Deploying Remote Desktop IP Virtualization Step-by-Step Guide Microsoft Corporation Updated: April 2010 Published: July 2009 Abstract Remote Desktop IP Virtualization provides administrators the ability to assign a unique IP address to a program that is available by using RemoteApp and Desktop Connection. In this guide, we will configure Remote Desktop IP Virtualization and access it as a standard user by using RemoteApp and Desktop Connection.
Copyright Information This document supports a preliminary release of a software product that may be changed substantially prior to final commercial release, and is the confidential and proprietary information of Microsoft Corporation. It is disclosed pursuant to a non-disclosure agreement between the recipient and Microsoft. This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results from the use of this document remains with the user. Unless otherwise noted, the companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in examples herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2009 Microsoft Corporation. All rights reserved. Microsoft, and Active Directory, RemoteApp, Windows, and Windows Server are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners.
Contents Deploying Remote Desktop IP Virtualization Step-by-Step Guide... 4 About this guide... 4 What this guide does not provide... 4 Scenario: Deploying Remote Desktop IP Virtualization in a test environment... 5 Step 1: Setting up the Contoso Domain... 6 Configure the RD Connection Broker server (RDCB-SRV)... 8 Configure the RD Web Access server (RDWA-SRV)... 9 Configure the DHCP server (DHCP-SRV)... 12 Step 2: Installing and Configuring RemoteApp... 14 Step 3: Configuring Remote Desktop IP Virtualization... 17 Step 4: Verifying Remote Desktop IP Virtualization Functionality... 17 Appendix A: Using Static IP Addresses for Remote Desktop IP Virtualization... 19
Deploying Remote Desktop IP Virtualization Step-by-Step Guide About this guide This step-by-step guide walks you through the process of setting up a working Remote Desktop IP Virtualization infrastructure in a test environment. During this process, you will create a test deployment that includes the following components: A Remote Desktop Connection Broker (RD Connection Broker) server A Remote Desktop Web Access (RD Web Access) server A DHCP server This guide assumes that you previously completed the Installing Remote Desktop Session Host Step-by-Step Guide (http://go.microsoft.com/fwlink/?linkid=147292), and that you have already deployed the following components (if you have previously configured the computers in the Installing Remote Desktop Session Host Step-by-Step Guide, you should repeat the steps in that guide with new installations): A Remote Desktop Session Host (RD Session Host) server A Remote Desktop Connection client computer An Active Directory domain controller As you complete the steps in this guide, you will: Set up the necessary servers in the CONTOSO domain. Install and configure RemoteApp and Desktop Connection. Configure Remote Desktop IP Virtualization. Verify that Remote Desktop IP Virtualization is functioning correctly. In Windows Server 2008 R2, RD Session Host supports per program and per session Remote Desktop IP Virtualization for Winsock applications. When using per program Remote Desktop IP Virtualization, you choose which programs to use with Remote Desktop IP Virtualization. When using per session Remote Desktop IP Virtualization, all Winsock applications are virtualized with Remote Desktop IP Virtualization. Remote Desktop IP Virtualization allows you to assign a unique IP address to a user session, which helps to avoid application compatibility issues by simulating a local desktop. What this guide does not provide This guide does not provide the following: An overview of Remote Desktop Services. 4
Guidance for setting up and configuring a Remote Desktop IP Virtualization server in a production environment. Scalability or performance information concerning RD Session Host in a production environment. Complete technical reference for Remote Desktop Services. Scenario: Deploying Remote Desktop IP Virtualization in a test environment We recommend that you first use the steps provided in this guide in a test lab environment. Stepby-step guides are not necessarily meant to be used to deploy Windows Server features without additional deployment documentation and should be used with discretion as a stand-alone document. Upon completion of this step-by-step guide, you will have a working Remote Desktop Services infrastructure by using Remote Desktop IP Virtualization. You can then test and verify Remote Desktop Services functionality as follows: Have a user connect to an RD Session Host server by using Remote Desktop Connection and verify that the session is assigned a unique IP address. The test environment described in this guide includes six computers connected to a private network using the following operating systems, applications, and services. Computer name Operating system Applications and services CONTOSO-DC Windows Server 2008 R2 Active Directory Domain Services, Domain Name System (DNS) RDSH-SRV Windows Server 2008 R2 RD Session Host CONTOSO-CLNT Windows 7 Remote Desktop Connection RDCB-SRV Windows Server 2008 R2 RD Connection Broker RDWA-SRV Windows Server 2008 R2 RD Web Access DHCP-SRV Windows Server 2008 R2 Dynamic Host Configuration Protocol (DHCP) The computers form a private network and are connected through a common hub or Layer 2 switch. This configuration can be emulated in a virtual server environment if desired. This stepby-step exercise uses private addresses throughout the test lab configuration. The private network ID 10.0.0.0/24 is used for the network. The domain controller is named CONTOSO-DC for the domain named contoso.com. The following figure shows the configuration of the test environment. 5
Step 1: Setting up the Contoso Domain To prepare your Remote Desktop IP Virtualization test environment in the CONTOSO domain, you must complete the following tasks: Configure the Remote Desktop Connection Broker (RD Connection Broker) server (RDCB- SRV). Configure the Remote Desktop Web Access (RD Web Access) server (RDWA-SRV). Configure the DHCP server (DHCP-SRV) Use the following table as a reference when setting up the appropriate computer names, operating systems, and network settings that are required to complete the steps in this guide. Important Before you configure your computers with static Internet Protocol (IP) addresses, we recommend that you first complete Windows product activation while each of your computers still has Internet connectivity. You should also install any available critical security updates from Windows Update (http://go.microsoft.com/fwlink/?linkid=47370). Computer name Operating system IP settings DNS settings requirement CONTOSO-DC Windows Server 2008 R2 IP address: Configured by DNS server role Subnet mask: 255.255.255.0 6
Computer name Operating system requirement IP settings DNS settings Default gateway: RDSH-SRV Windows Server 2008 R2 IP address: 10.0.0.2 Preferred: Subnet mask: 255.255.255.0 Default gateway: CONTOSO-CLNT Windows 7 IP address: 10.0.0.3 Subnet mask: 255.255.255.0 Default gateway: Preferred: RDCB-SRV Windows Server 2008 R2 IP address: 10.0.0.5 Preferred: Subnet mask: 255.255.255.0 Default gateway: RDWA-SRV Windows Server 2008 R2 IP address: 10.0.0.6 Preferred: Subnet mask: 255.255.255.0 Default gateway: DHCP-SRV Windows Server 2008 R2 IP address: 0 Preferred: Subnet mask: 255.255.255.0 Default gateway: 7
Configure the RD Connection Broker server (RDCB-SRV) To configure the server RDCB-SRV, you must: Install Windows Server 2008 R2. Configure TCP/IP properties. Join RDCB-SRV to the contoso.com domain. Install the RD Connection Broker role service. First, install Windows Server 2008 R2 as a stand-alone server. To install Windows Server 2008 R2 1. Start your computer by using the Windows Server 2008 R2 product CD. 2. When prompted for a computer name, type RDCB-SRV. 3. Follow the rest of the instructions that appear on your screen to finish the installation. Next, configure TCP/IP properties so that RDCB-SRV has a static IP address of 10.0.0.5. In addition, configure the DNS server by using the IP address of CONTOSO-DC (). To configure TCP/IP properties 1. Log on to RDCB-SRV with the RDCB-SRV\Administrator account or another user account in the local Administrators group. 2. Click Start, click Control Panel, click Network and Internet, click Network and Sharing Center, click Change adapter settings, right-click Local Area Connection, and then click Properties. 3. On the Networking tab, click Internet Protocol Version 4 (TCP/IPv4), and then click Properties. 4. Click Use the following IP address. In the IP address box, type 10.0.0.5. In the Subnet mask box, type 255.255.255.0. In the Default gateway box, type. 5. Click Use the following DNS server addresses. In the Preferred DNS server box, type. 6. Click OK, and then close the Local Area Connection Properties dialog box. Next, join RDCB-SRV to the contoso.com domain. To join RDCB-SRV to the contoso.com domain 1. Click Start, right-click Computer, and then click Properties. 2. Under Computer name, domain, and workgroup settings, click Change settings. 3. On the Computer Name tab, click Change. 4. In the Computer Name/Domain Changes dialog box, under Member of, click Domain, and then type contoso.com. 5. Click More, and in the Primary DNS suffix of this computer box, type contoso.com. 8
6. Click OK, and then click OK again. 7. When a Computer Name/Domain Changes dialog box appears prompting you for administrative credentials, provide the credentials for CONTOSO\Administrator, and then click OK. 8. When a Computer Name/Domain Changes dialog box appears welcoming you to the contoso.com domain, click OK. 9. When a Computer Name/Domain Changes dialog box appears telling you that the computer must be restarted, click OK, and then click Close. 10. Click Restart Now. Finally, install the RD Connection Broker role service by using Server Manager. To install the RD Connection Broker role service 1. Log on to RDCB-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, and then click Server Manager. 3. Under the Roles Summary heading, click Add Roles. 4. On the Before You Begin page, click Next. 5. On the Select Server Roles page, click the Remote Desktop Services check box, and then click Next. 6. On the Remote Desktop Services page, click Next. 7. On the Select Role Services page, select the Remote Desktop Connection Broker check box, and then click Next. 8. On the Confirm Installation Selections page, verify that the RD Connection Broker role service is listed, and then click Install. 9. After the installation is complete, click Close. Configure the RD Web Access server (RDWA-SRV) To configure the RD Web Access server by using Windows Server 2008 R2, you must: Install Windows Server 2008 R2. Configure TCP/IP properties. Join RDWA-SRV to the contoso.com domain. Install the RD Web Access role service. Export the SSL certificate and copy it to the CONTOSO-CLNT computer. First, install Windows Server 2008 R2 on a stand-alone server. To install Windows Server 2008 R2 1. Start your computer by using the Windows Server 2008 R2 product CD. 2. When prompted for a computer name, type RDWA-SRV. 9
3. Follow the rest of the instructions that appear on your screen to finish the installation. Next, configure TCP/IP properties so that RDWA-SRV has an IPv4 static IP address of 10.0.0.6. To configure TCP/IP properties 1. Log on to RDWA-SRV with the RDWA-SRV\Administrator account. 2. Click Start, click Control Panel, click Network and Internet, click Network and Sharing Center, click Change adapter settings, right-click Local Area Connection, and then click Properties. 3. On the Networking tab, click Internet Protocol Version 4 (TCP/IPv4), and then click Properties. 4. Click Use the following IP address. In the IP address box, type 10.0.0.6. In the Subnet mask box, type 255.255.255.0. In the Default gateway box, type. 5. Click Use the following DNS server addresses. In the Preferred DNS server box, type. 6. Click OK, and then close the Local Area Connection Properties dialog box. Next, join RDWA-SRV to the contoso.com domain. To join RDWA-SRV to the contoso.com domain 1. Click Start, right-click Computer, and then click Properties. 2. Under Computer name, domain, and workgroup settings, click Change settings. 3. On the Computer Name tab, click Change. 4. In the Computer Name/Domain Changes dialog box, under Member of, click Domain, and then type contoso.com. 5. Click More, and in the Primary DNS suffix of this computer box, type contoso.com. 6. Click OK, and then click OK again. 7. When a Computer Name/Domain Changes dialog box appears prompting you for administrative credentials, provide the credentials for CONTOSO\Administrator, and then click OK. 8. When a Computer Name/Domain Changes dialog box appears welcoming you to the contoso.com domain, click OK. 9. When a Computer Name/Domain Changes dialog box appears telling you that the computer must be restarted, click OK, and then click Close. 10. Click Restart Now. Next, install the RD Web Access role service by using Server Manager. To install the RD Web Access role service 1. Log on to RDWA-SRV as CONTOSO\Administrator. 10
2. Click Start, point to Administrative Tools, and then click Server Manager. 3. Under the Roles Summary heading, click Add Roles. 4. On the Before You Begin page, click Next. 5. On the Select Server Roles page, select the Remote Desktop Services check box, and then click Next. 6. On the Remote Desktop Services page, click Next. 7. On the Select Role Services page, select the Remote Desktop Web Access check box. 8. Review the information about adding Web Server (IIS) and the Remote Server Administration Tools, click Add Required Role Services, and then click Next. 9. On the Web Server (IIS) page, click Next. 10. On the Select Role Services page, click Next to accept the Web Server (IIS) default settings. 11. On the Confirm Installation Selections page, verify that the Web Server and RD Web Access role services are listed, and then click Install. 12. After installation is complete, click Close. Finally, export the self-signed SSL certificate on RDWA-SRV and copy it to the CONTOSO-CLNT computer. To export the SSL certificate for the RD Web Access server and copy it to the CONTOSO-CLNT computer 1. Click Start, click Run, type mmc and then click OK. 2. On the File menu, click Add/Remove Snap-in. 3. In the Add or Remove Snap-ins dialog box, in the Available snap-ins list, click Certificates, and then click Add. 4. In the Certificates snap-in dialog box, click the Computer account option, and then click Next. 5. In the Select Computer dialog box, click Local computer: (the computer this console is running on), and then click Finish. 6. In the Add or Remove snap-ins dialog box, click OK. 7. In the Certificates snap-in console, in the console tree, expand Certificates (Local Computer), expand Personal, and then click Certificates. 8. Right-click the certificate RDWA-SRV.contoso.com, point to All Tasks, and then click Export. 9. On the Welcome to the Certificate Export Wizard page, click Next. 10. On the Export Private Key page, ensure that No, do not export the private key is selected, and then click Next. 11. On the Export File Format page, ensure that DER encoded binary X.509 (.CER) is 11
selected, and then click Next. 12. On the File to Export page, in the File name box, click Browse. 13. In the Save As dialog box, in the File name box, enter RDWA-SRV, and then click Save. 14. On the File to Export page, click Next. 15. On the Completing the Certificate Export Wizard page, click Finish. 16. After the certificate export has successfully completed, a message appears confirming that the export was successful. Click OK. 17. Close the Certificates snap-in. 18. When you are prompted to save your settings, click No. 19. Copy the certificate, located at c:\users\administrator.contoso\documents\rdwa- SRV.cer on RDWA-SRV, to the CONTOSO-CLNT computer. Configure the DHCP server (DHCP-SRV) To configure the DHCP server, you must: Install Windows Server 2008 R2. Configure TCP/IP properties. Join DHCP-SRV to the contoso.com domain. Install the DHCP server role. First, install Windows Server 2008 R2 on a stand-alone server. To install Windows Server 2008 R2 1. Start your computer by using the Windows Server 2008 R2 product CD. 2. When prompted for a computer name, type DHCP-SRV. 3. Follow the rest of the instructions that appear on your screen to finish the installation. Next, configure TCP/IP properties so that DHCP-SRV has an IPv4 static IP address of 0. To configure TCP/IP properties 1. Log on to RDWA-SRV with the RDWA-SRV\Administrator account. 2. Click Start, click Control Panel, click Network and Internet, click Network and Sharing Center, click Change adapter settings, right-click Local Area Connection, and then click Properties. 3. On the Networking tab, click Internet Protocol Version 4 (TCP/IPv4), and then click Properties. 4. Click Use the following IP address. In the IP address box, type 0. In the Subnet mask box, type 255.255.255.0. In the Default gateway box, type. 5. Click Use the following DNS server addresses. In the Preferred DNS server box, type. 12
6. Click OK, and then close the Local Area Connection Properties dialog box. Next, join DHCP-SRV to the contoso.com domain. To join DHCP-SRV to the contoso.com domain 1. Click Start, right-click Computer, and then click Properties. 2. Under Computer name, domain, and workgroup settings, click Change settings. 3. On the Computer Name tab, click Change. 4. In the Computer Name/Domain Changes dialog box, under Member of, click Domain, and then type contoso.com. 5. Click More, and in the Primary DNS suffix of this computer box, type contoso.com. 6. Click OK, and then click OK again. 7. When a Computer Name/Domain Changes dialog box appears prompting you for administrative credentials, provide the credentials for CONTOSO\Administrator, and then click OK. 8. When a Computer Name/Domain Changes dialog box appears welcoming you to the contoso.com domain, click OK. 9. When a Computer Name/Domain Changes dialog box appears telling you that the computer must be restarted, click OK, and then click Close. 10. Click Restart Now. Finally, install the DHCP server role by using Server Manager. To install the DHCP server role 1. Log on to DHCP-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, and then click Server Manager. 3. Under the Roles Summary heading, click Add Roles. 4. On the Before You Begin page, click Next. 5. On the Select Server Roles page, select the DHCP Server check box, and then click Next. 6. On the DHCP Server page, click Next. 7. On the Select Network Connection Bindings page, ensure that the 0 check box is selected, and then click Next. 8. On the Specify IPv4 DNS Server Settings page, ensure that contoso.com appears in the Parent domain box. Ensure that appears in the Preferred DNS Server IPv4 address box, and then click Next. 9. On the Specify WINS Server Settings page, ensure that the WINS is not required for applications on this network option is selected, and then click Next. 10. On the Add or Edit DHCP Scopes page, create a new DHCP scope. To create a new 13
DHCP scope: a. Click Add. b. In the Scope name box, type Remote Desktop IP Virtualization scope. c. In the Starting IP address box, type 00. d. In the Ending IP address box, type 20. e. In the Subnet mask box, type 255.255.255.0. f. In the Default gateway box, type. g. Click OK, and then click Next. Important You must ensure that enough IP addresses are allocated in the DHCP scope so that each session can get a unique IP address. 11. On the Configure DHCPv6 Stateless Mode page, ensure that the Enable DHCPv6 stateless mode for this server option is selected, and then click Next. 12. On the Specify IPv6 DNS Server Settings page, click Next. 13. On the Authorize DHCP Server page, ensure that the Use current credentials option is selected, and then click Next. 14. On the Confirm Installation Selections page, click Install. 15. After the installation is complete, click Close. Step 2: Installing and Configuring RemoteApp In this step, you will configure RemoteApp and Desktop Connection so that users in the CONTOSO domain can access it by using Remote Desktop Web Access (RD Web Access). Use the following steps to configure RemoteApp and Desktop Connection: Add the RDCB-SRV computer account object to the TS Web Access Computers security group on RDSH-SRV. Add a RemoteApp program by using RemoteApp Manager. Add the RDWA-SRV computer account object to the TS Web Access Computers security group on RDCB-SRV. Assign a RemoteApp source on the RD Web Access server (RDWA-SRV). Add a RemoteApp source on the RDCB-SRV computer by using Remote Desktop Connection Manager. First, you must add the RDCB-SRV computer account object to the TS Web Access Computers security group on RDSH-SRV. 14
To add RDCB-SRV to the TS Web Access Computers group on RDSH-SRV 1. Log on to RDSH-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, and then click Computer Management. 3. Expand Local Users and Groups, and then click Groups. 4. Right-click TS Web Access Computers, and then click Add to Group. 5. Click Add. 6. In the Select Users, Computers, Service Accounts, or Groups dialog box, click Object Types. 7. In the Object Types dialog box, select the Computers check box, and then click OK. 8. In the Enter the object names to select box, type rdcb-srv and then click OK. 9. Click OK to close the TS Web Access Computers dialog box. Next, you must add a RemoteApp program to RDSH-SRV by using RemoteApp Manager. To add a RemoteApp program by using RemoteApp Manager 1. Log on to RDSH-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, point to Remote Desktop Services, and then click RemoteApp Manager. 3. In the Action pane, click Add RemoteApp Programs. 4. On the Welcome to the RemoteApp Wizard page, click Next. 5. On the Choose programs to add to the RemoteApp Program list page, click Browse. 6. Navigate to %Windir%\System32, where %Windir% is the Windows installation directory. 7. Click cmd.exe, and then click Open. 8. Click Next. 9. On the Review Settings page, click Finish. Next, you must add the RDWA-SRV computer account object to the TS Web Access Computers security group on the RDCB-SRV computer. To add RDWA-SRV to the TS Web Access Computers group on RDCB-SRV 1. Log on to RDCB-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, and then click Computer Management. 3. Expand Local Users and Groups, and then click Groups. 4. Right-click TS Web Access Computers, and then click Add to Group. 5. Click Add. 6. In the Select Users, Computers, Service Accounts, or Groups dialog box, click Object Types. 15
7. In the Object Types dialog box, select the Computers check box, and then click OK. 8. In the Enter the object names to select box, type rdwa-srv and then click OK. 9. Click OK to close the TS Web Access Computers dialog box. Next, assign a RemoteApp source on the RD Web Access server (RDWA-SRV). To assign a RemoteApp source on RDWA-SRV 1. Log on to RDWA-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Web Access Configuration. 3. Click Continue to this website (not recommended). Important This guide uses a self-signed certificate for the RD Web Access server. Selfsigned certificates are not recommended in a production environment. You should use a certificate that is trusted from a certification provider when deploying RD Web Access in a production environment. 4. In the Domain\user name box, type CONTOSO\Administrator. 5. In the Password box, type the password that you specified for CONTOSO\Administrator, and then click Sign in. 6. On the Configuration page, click An RD Connection Broker server. 7. In the Source name box, type rdcb-srv and then click OK. Finally, you must add a RemoteApp source on the RDCB-SRV computer by using Remote Desktop Connection Manager. To add a RemoteApp source by using Remote Desktop Connection Manager 1. Log on to RDCB-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Connection Manager. 3. Click RemoteApp Sources, and then in the Actions pane, click Add RemoteApp Source. 4. In the RemoteApp source name box, type rdsh-srv and then click Add. 16
Step 3: Configuring Remote Desktop IP Virtualization In this section you will configure the Remote Desktop Session Host (RD Session Host) server (RDSH-SRV) to use Remote Desktop IP Virtualization. Membership in the local Administrators group, or equivalent, on the RD Session Host server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (http://go.microsoft.com/fwlink/?linkid=83477). To configure Remote Desktop IP Virtualization for per program virtualization 1. Log on to RDSH-SRV as CONTOSO\Administrator. 2. Click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Session Host Configuration. 3. Under the RD IP Virtualization heading, double-click IP Virtualization. 4. Click the Enable IP virtualization check box. 5. In the Select the network adapter to be used for IP virtualization box, select the appropriate network adapter. 6. Under the IP virtualization mode heading, ensure that the Per program option is selected. Important If your computer has more than one network adapter, you must choose per program. Using per session Remote Desktop IP Virtualization with more than one network adapter installed on the computer is not supported. 7. Click Add Program, navigate to %windir%\system32, where %windir% is the directory where Windows is installed. 8. Click cmd.exe, and then click Open. 9. Click OK. Step 4: Verifying Remote Desktop IP Virtualization Functionality To verify the functionality of a Remote Desktop IP Virtualization deployment, you must complete the following tasks: 17
Import the SSL certificate for the Remote Desktop Web Access (RD Web Access) server on the CONTOSO-CLNT computer. Configure RemoteApp and Desktop Connection. Verify that the session has a virtual IP address. First, import the SSL certificate for the RD Web Access server on the CONTOSO-CLNT computer. To import the SSL certificate for the RD Web Access server on the CONTOSO-CLNT computer 1. Log on to CONTOSO-CLNT as CONTOSO\Administrator. 2. Click Start, and in the Start Search box, type mmc, and then click OK. 3. On the File menu, click Add/Remove Snap-in. 4. In the Add or Remove Snap-ins dialog box, in the Available snap-ins list, click Certificates, and then click Add. 5. In the Certificates snap-in dialog box, click Computer account, and then click Next. 6. In the Select Computer dialog box, click Local computer: (the computer this console is running on), and then click Finish. 7. In the Add or Remove snap-ins dialog box, click OK. 8. In the Certificates snap-in console, in the console tree, expand Certificates (Local Computer), and then click Trusted Root Certification Authorities. 9. Right-click the Trusted Root Certification Authorities folder, point to All Tasks, and then click Import. 10. On the Welcome to the Certificate Import Wizard page, click Next. 11. On the File to Import page, in the File name box, click Browse, and then browse to the location where you copied the SSL certificate for the RDWA-SRV computer. Click Open, and then click Next. 12. On the Certificate Store page, accept the default option (Place all certificates in the following store Trusted Root Certification Authorities), and then click Next. 13. On the Completing the Certificate Import Wizard page, click Finish. 14. After the certificate import has successfully completed, a message appears confirming that the import was successful. Click OK. 15. Close the Certificates snap-in. 16. When you are prompted to save your changes, click No. 17. Log out of the CONTOSO-CLNT computer. Next, configure RemoteApp and Desktop Connection. To configure RemoteApp and Desktop Connection 1. Log on to CONTOSO-CLNT as Morgan Skinner (CONTOSO\mskinner). 18
2. Click Start, and then click Control Panel. 3. In the Search Control Panel box, type RemoteApp. 4. Under the RemoteApp and Desktop Connections heading, click Set up a new connection with RemoteApp and Desktop Connections. 5. In the Connection URL box, type the following URL, and then click Next. https://rdwa-srv.contoso.com/rdweb/feed/webfeed.aspx 6. On the Ready to set up the connection page, click Next. 7. Click Finish. Finally, verify that the session was assigned a virtual IP address by using ipconfig.exe. To verify that the session was assigned a virtual IP address 1. Click Start, and then click All Programs. 2. Click RemoteApp and Desktop Connections, click Enterprise Remote Access, and then click cmd.exe (Enterprise Remote Access). Note A dialog box will appear while the computer is connecting to the RDSH-SRV computer. 3. At the command prompt, type ipconfig.exe /all and then press ENTER. 4. Verify that two IPv4 addresses are shown in the command output. You have successfully deployed and demonstrated the functionality of Remote Desktop IP Virtualization by using the simple scenario of connecting to a command prompt and running ipconfig.exe by using RemoteApp and Desktop Connection. You can also use this deployment to explore some of the additional capabilities of RemoteApp and Desktop Connection through additional configuration and testing. Appendix A: Using Static IP Addresses for Remote Desktop IP Virtualization Instead of using DHCP, you can assign either a static IP address range or individual static IP addresses in the registry on the Remote Desktop Session Host (RD Session Host) server. To assign a static IP address range 1. Log on to RDSH-SRV as CONTOSO\Administrator. 2. Click Start, and then click Run. 3. Type regedit.exe and then click OK. 4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal 19
Server\TSAPPSrv\VirtualIP. 5. Create a new REG_SZ registry setting named IPPool. a. Right-click VirtualIP, point to New, and then click String Value. b. Type IPPool and then press ENTER. c. Double-click IPPool, and in the Value data box, type %SystemRoot%\system32\TSVIPool.dll and then click OK. 6. Create a new registry key named IPPool. a. Right-click VirtualIP, point to New, and then click Key. b. Type IPPool and then press ENTER. 7. Create a new REG_SZ registry setting named Start. a. Right-click IPPool, point to New, and then click String Value. b. Type Start and then press ENTER. c. Double-click Start, and in the Value data box, type the starting IP address in the desired IP address range, and then click OK. 8. Create a new REG_SZ registry setting named End. a. Right-click IPPool, point to New, and then click String Value. b. Type End and then press ENTER. c. Double-click End, and in the Value data box, type the ending IP address in the desired IP address range, and then click OK. 9. Create a new REG_SZ registry setting named SubnetMask. a. Right-click IPPool, point to New, and then click String Value. b. Type SubnetMask and then press ENTER. c. Double-click SubnetMask, and in the Value data box, type the subnet mask for the desired IP address range, and then click OK. 10. Close Registry Editor. You can also assign specific IP addresses, as opposed to specifying an IP address range. If both the IP addresses and an IP address range exist, Remote Desktop IP Virtualization will use the specific IP addresses first. To assign specific IP addresses 1. Log on to RDSH-SRV as CONTOSO\Administrator. 2. Click Start, and then click Run. 3. Type regedit.exe and then click OK. 4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\TSAPPSrv\VirtualIP. 5. Create a new registry key named IPPool. Right-click VirtualIP, point to New, and then click Key. 20
Type IPPool and then press ENTER. 6. Create a new multi-string registry setting named StaticIPList. a. Right-click IPPool, point to New, and then click Multi-String Value. b. Type StaticIPList and then press ENTER. c. Double-click Start, and in the Value data box, type the desired IP addresses, and then click OK. 7. Close Registry Editor. 21