Automated Disaster Recovery Solution for Remote Desktop Services using Azure Site Recovery

Summary: This document provides technical guidance for implementing a one-click disaster recovery solution for Remote Desktop Services using Azure Site Recovery.

Published: September 2015

Applies to: Remote Desktop Services (RDS), Azure Site Recovery

Copyright and Disclaimer

© 2015 Microsoft Corporation. All rights reserved. This document is provided "as-is". Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. You may modify this document for your internal, reference purposes.

Contents

- Overview
  - Remote Desktop Services architecture
  - Supported Azure Site Recovery Deployment Options
  - Prerequisites
- Enable DR of RDS using ASR
  - Setup AD and DNS replication
  - Setup SQL Server replication
  - Enable protection for RDS application components
- Create a recovery plan
  - Sessions Based Deployment
  - Pooled Desktops
  - Personal Desktop
- Perform a Test Failover
- Perform an Unplanned Failover
- Perform a Planned Failover
- Perform a Failback
- Best Practices
  - Capacity planning and readiness assessment
  - Implementation Checklist
- Summary

Overview

Remote Desktop Services accelerates and extends desktop and application deployments to any device, improving remote worker efficiency, while helping to keep critical intellectual property secure and simplify regulatory compliance. Remote Desktop Services enables virtual desktop infrastructure (VDI), session-based desktops, and applications, allowing users to work anywhere.

Azure Site Recovery is an Azure-based service that provides disaster recovery capabilities by orchestrating replication, failover and recovery of virtual machines. Azure Site Recovery supports a number of replication technologies to consistently replicate, protect, and seamlessly fail over virtual machines and applications to private/public or hoster's clouds.

This document explains in detail how you can create a disaster recovery solution for your Remote Desktop Services deployment and perform planned, unplanned and test failovers using a one-click recovery plan. It also covers the supported configurations and prerequisites.

Remote Desktop Services architecture

The following picture illustrates the different components in an RDS deployment, and the table below explains each role in detail.

| Role service name | Role service description |
|---|---|
| RD Virtualization Host | Remote Desktop Virtualization Host (RD Virtualization Host) integrates with Hyper-V to deploy pooled or personal virtual desktop collections within your organization. |
| RD Session Host | Remote Desktop Session Host (RD Session Host) enables a server to host RemoteApp programs or session-based desktops. Users can connect to RD Session Host servers in a session collection to run programs, save files, and use resources on those servers. |
| RD Connection Broker | Remote Desktop Connection Broker (RD Connection Broker): allows users to reconnect to their existing virtual desktops, RemoteApp programs, and session-based desktops; enables you to evenly distribute the load among RD Session Host servers in a session collection or pooled virtual desktops in a pooled virtual desktop collection; provides access to virtual desktops in a virtual desktop collection. |
| RD Web Access | Remote Desktop Web Access (RD Web Access) enables users to access RemoteApp and Desktop Connection through the Start menu on a computer that is running Windows 8 or Windows 7, or through a web browser. RemoteApp and Desktop Connection provides a customized view of RemoteApp programs and session-based desktops in a session collection, and RemoteApp programs and virtual desktops in a virtual desktop collection. |
| RD Licensing | Remote Desktop Licensing (RD Licensing) manages the licenses required to connect to a Remote Desktop Session Host server or a virtual desktop. You can use RD Licensing to install, issue, and track the availability of licenses. |
| RD Gateway | Remote Desktop Gateway (RD Gateway) enables authorized users to connect to virtual desktops, RemoteApp programs, and session-based desktops on an internal corporate network from any Internet-connected device. |

Remote Desktop Services Collection Types

Remote Desktop Services can provide either a virtual desktop based service or a session-based service, depending on the type of collection. A collection is a logical grouping of Remote Desktop servers that provides either session-based or virtual machine-based (VDI) deployments.

- Virtual Desktop Infrastructure (VDI). An individual virtual machine running a desktop operating system (OS). Although there can be multiple virtual machines on a given underlying physical server, there is only one user at a time on a given virtual machine. Each user is generally assigned their own virtual machine.
- Session-Based Desktop. An individual session running inside a server OS on either a virtual machine or a physical server.
  There can be multiple user sessions per virtual/physical machine, and each virtual/physical machine is shared by multiple users.

Under Virtual Desktop Infrastructure, the virtual machines can be provisioned in either of the configurations below.

- Pooled Desktops. In this deployment, the virtual machines are created from a template and provisioned to the end user on demand when the user connects. The state of the virtual machine is rolled back after the user disconnects. The users' data can be persisted by using User Profile Disks that are placed remotely on a share. The desktop is assigned to the user from the pooled collection at random when the user connects.
- Personal Desktops. In this deployment, an individual user gets an assigned virtual machine as a personal machine. Every time the user logs in, the user is provisioned with the same machine, and the state of the machine is maintained forever.

The pooled and personal desktops can, in turn, be either managed or unmanaged. The lifecycle of managed desktops is controlled by the Remote Desktop Management service, which controls provisioning and rollbacks as per configuration. In unmanaged deployments, the desktops can be created using either System Center VMM or other virtual machine management software.

HA deployments

The different components of RDS can be deployed as HA or as farms to allow scalability and robustness. Below are the different ways each component can be deployed as HA.

| Component | Simple Deployment | Scaled Deployment |
|---|---|---|
| Web Access | Web Access Farm | Load balanced using load balancer |
| Gateway Server | Web Access Farm | |
| License Server | Single Role | Use Windows clustering or licenses split across multiple license servers |
| Connection Broker | Data stored in local Windows store | Multiple brokers configured to store data in SQL server. SQL configured with write permission to all RD connection broker. HA Deployment using Hyper-V Cluster |
| Session Host | A single session host server | A pool of session host servers (either physical machines or virtual machines). VMs can be HA using Hyper-V Clusters. |
| SQL Server | Standard SQL server deployments | SQL is highly available. |
| Virtualization Hosts | Standalone hosts/Clusters | Standalone hosts/Clusters |

Supported Azure Site Recovery Deployment Options

Customers can deploy Remote Desktop Services as virtual machines running on Hyper-V or VMware, or as physical servers. Azure Site Recovery can protect both physical and virtual deployments to either a secondary site or to Azure. The following table lists the supported RDS deployments in Site to Site and Site to Azure scenarios.

| RDS deployment type | Hyper-V: Site to Site | Hyper-V: Site to Azure | VMware: Site to Site | VMware: Site to Azure | Physical: Site to Site | Physical: Site to Azure |
|---|---|---|---|---|---|---|
| Pooled Virtual Desktop (unmanaged) | Yes | No | Yes | No | Yes | No |
| Pooled Virtual Desktop (managed and without UPD) | Yes | No | Yes | No | Yes | No |
| Remote applications and Desktop sessions (without UPD) | Yes | Yes | Yes | Yes | Yes | Yes |

Prerequisites

Implementing disaster recovery for a Remote Desktop Services deployment using Azure Site Recovery requires the following prerequisites to be completed.

- An on-premises RDS deployment has been set up.
- An Azure Site Recovery Services vault has been created in the Microsoft Azure subscription [1].
- If Azure is your recovery site, run the Azure Virtual Machine Readiness Assessment tool [2] on VMs to ensure that they are compatible with Azure VMs and Azure Site Recovery Services.

[1] Create Azure Site Recovery vault in Microsoft Azure subscription
[2] Azure Virtual Machine Readiness Assessment

Enable DR of RDS using ASR

Each component of the RDS application needs to be protected to enable the complete application replication and recovery. This section covers:

- Protection of Active Directory
- Protection of SQL Tier
- Protection of RDS components
- Networking configuration

Setup AD and DNS replication

Active Directory is required on the DR site for the RDS application to function. There are two recommended options, based on the complexity of the customer's on-premises environment.

Option 1

If the customer has a small number of applications and a single domain controller for the entire on-premises site, and will be failing over the entire site together, then we recommend using ASR replication to replicate the DC machine to the secondary site (applicable for both Site to Site and Site to Azure).

Option 2

If the customer has a large number of applications, is running an Active Directory forest, and will fail over a few applications at a time, then we recommend setting up an additional domain controller on the DR site (secondary site or in Azure).

Please refer to the companion guide [3] on making a domain controller available on the DR site. For the remainder of this document we will assume a DC is available on the DR site.

Setup SQL Server replication

Please refer to the companion guide [4] for detailed technical guidance on the recommended option for protecting the SQL tier.

[3] Setting up AD for a DR environment
[4] Protect SQL Tier

Enable protection for RDS application components

Depending on the RDS deployment type, you can enable protection of different component VMs (as listed below) in ASR. Perform the relevant Azure Site Recovery configuration based on whether the VMs are deployed on Hyper-V or on VMware.

RD Service deployment type: Personal Virtual Desktop (unmanaged)
Protection steps:
1. Make sure all virtualization hosts are ready with RD-VH role installed.
2. Connection Broker
3. Personal Desktops
4. Gold Template VM
5. Webaccess, License Server and Gateway server

RD Service deployment type: Pooled Virtual Desktop (managed and without UPD)
Protection steps:
1. All Virtualization hosts are ready with RD-VH role installed.
2. Connection Broker
3. Gold Template VM
4. Webaccess, License Server and Gateway server

RD Service deployment type: Remote applications and Desktop Sessions (without UPD)
Protection steps:
1. Session Hosts
2. Connection Broker
3. Webaccess, License Server and Gateway server

Create a recovery plan

You can create a recovery plan in ASR to automate the failover process. Add all the RDS component VMs to the recovery plan.

1. Select the ASR vault in your subscription and click on the 'Recovery Plans' tab.
2. Click on 'Create' and specify a name.
3. Select the 'Source' and 'Target'. The target can be Azure or a secondary site.
4. Select the RDS component VMs to enable protection and click the ✓.

Sessions Based Deployment

You can customize the recovery plan for an RDS sessions based deployment by grouping the VMs appropriately so that they come up in a sequence.

The above snapshot shows the complete recovery plan after adding all the steps.

Steps:

1. Failover Group 1: SessionHost VM
2. Failover Group 2: Broker VM
3. Failover Group 3: Web access VM

Pooled Desktops

You can customize the recovery plan for an RDS pooled desktop deployment by grouping the VMs appropriately and adding manual steps and scripts.

The above snapshot shows the complete recovery plan after adding all the steps.

Steps:

1. Failover Group 1: RDS Broker VM

2. Group 1 Manual Action: Update DNS
   Run PowerShell in elevated mode on the Broker VM. Run the command below and wait for a couple of minutes to ensure that DNS is updated with the new value.

       ipconfig /registerdns

   This step is not required if you have retained the IP address using NVGRE or by mapping to the same IP address pool.

3. Group 1 Script: Add Virtualization Hosts
   Modify the script below to run it for each virtualization host in the cloud. Typically, after adding a virtualization host to a broker, the host needs a reboot. Ensure that the hosts do not have a reboot pending, or this step will fail.

   Broker: broker.contoso.com
   Virtualization host: VH1.contoso.com

       Import-Module RemoteDesktop
       # Register the virtualization host with the connection broker
       Add-RDServer -ConnectionBroker broker.contoso.com -Role RDS-VIRTUALIZATION -Server VH1.contoso.com

4. Failover Group 2: Template VM

5. Group 2 Script 1: Turn off Template VM
   The template VM is started when it is recovered to the secondary site. However, it is a sysprepped VM and cannot boot up. Also, RDS requires it to be in a shutdown state to create a pooled VM configuration from it, so we need to turn it off. In the case of a single VMM server, the template VM name will be the same on primary and secondary. Hence, use the VM ID as specified by the Context variable in the script. If there are multiple templates, you can turn them all off.

       Import-Module virtualmachinemanager
       # $VMsAsTemplate: IDs of the template VMs to shut down (see the Context variable note above)
       foreach ($vm in $VMsAsTemplate) {
           Get-SCVirtualMachine -ID $vm | Stop-SCVirtualMachine -Force
       }

6. Group 2 Script 2: Remove Existing Pooled VMs
   The pooled VMs on the primary site need to be removed from the Broker so that new VMs can be created on the secondary site. Note that in this case, you need to specify the exact host on which the pooled VM will be created. Note that this will delete the VMs from the collection only.

       Import-Module RemoteDesktop
       $desktops = Get-RDVirtualDesktop -CollectionName Win8Desktops
       foreach ($vm in $desktops) {
           # Removes the desktop from the collection only
           Remove-RDVirtualDesktopFromCollection -CollectionName Win8Desktops -VirtualDesktopName $vm.VirtualDesktopName -Force
       }

7. Group 2 Manual Action: Assign New Template
   You need to assign the new template to the Broker for that collection so that you can create new pooled VMs on the recovery site. Go to the RDS Broker and identify the collection. Edit the properties and specify a new VM image as its template.

8. Group 2 Script 3: Recreate all Pooled VMs
   The pooled VMs on the recovery site need to be recreated via the Broker. Note that in this case, you need to specify the exact host on which the pooled VM will be created. The pooled VM name should be made unique by using the prefix and suffix. If the VM name already exists, this will fail. Also, if the primary side VMs were numbered from 1-5, the recovery site numbering will continue from 6 and above.

       Import-Module RemoteDesktop
       # Allocate one pooled VM on host RDVH1.contoso.com
       Add-RDVirtualDesktopToCollection -CollectionName Win8Desktops -VirtualDesktopAllocation @{"RDVH1.contoso.com" = 1}

9. Failover Group 3: Web Access and Gateway server VM

Personal Desktop

You can customize the recovery plan for an RDS personal desktop deployment by grouping the VMs appropriately and adding manual steps and scripts.

The above snapshot shows the complete recovery plan after adding all the steps.

Steps:

1. Failover Group 1: RDS Broker VM

2. Group 1 Manual Action: Update DNS
   Run PowerShell in elevated mode on the Broker VM. Run the command below and wait for a couple of minutes to ensure that DNS is updated with the new value.

       ipconfig /registerdns

   This step is not required if you have retained the IP address using NVGRE or by mapping to the same IP address pool.

3. Group 1 Script: Add Virtualization Hosts
   Modify the script below to run it for each virtualization host in the cloud. Typically, after adding a virtualization host to a broker, the host needs a reboot. Ensure that the hosts do not have a reboot pending, or this step will fail.

   Broker: broker.contoso.com
   Virtualization host: VH1.contoso.com

       Import-Module RemoteDesktop
       # Register the virtualization host with the connection broker
       Add-RDServer -ConnectionBroker broker.contoso.com -Role RDS-VIRTUALIZATION -Server VH1.contoso.com

4. Failover Group 2: Template VM

5. Group 2 Script 1: Turn off Template VM
   The template VM is started when it is recovered to the secondary site. However, it is a sysprepped VM and cannot boot up.
   Also, RDS requires it to be in a shutdown state to create a pooled VM configuration from it, so we need to turn it off. In the case of a single VMM server, the template VM name will be the same on primary and secondary. Hence, use the VM ID as specified by the Context variable in the script. If there are multiple templates, you can turn them all off.

       Import-Module virtualmachinemanager
       # $VMsAsTemplate: IDs of the template VMs to shut down (see the Context variable note above)
       foreach ($vm in $VMsAsTemplate) {
           Get-SCVirtualMachine -ID $vm | Stop-SCVirtualMachine -Force
       }

6. Failover Group 3: Personal VMs

7. Group 3 Script 1: Remove Existing Personal VMs and add them
   The personal VMs on the primary site need to be removed from the Broker so that new VMs can be created on the secondary site. Note that in this case, you need to extract the VM assignments and re-add the virtual machines to the broker with the hash of assignments. Note that this will only remove the personal VMs from the collection and re-add them. The personal desktop allocation will be exported and imported back into the collection.

       Import-Module RemoteDesktop
       $desktops = Get-RDVirtualDesktop -CollectionName CEODesktops
       # Export the user-to-desktop assignments before removing anything
       Export-RDPersonalVirtualDesktopAssignment -CollectionName CEODesktops -Path ./Desktopallocations.txt -ConnectionBroker broker.contoso.com
       foreach ($vm in $desktops) {
           Remove-RDVirtualDesktopFromCollection -CollectionName CEODesktops -VirtualDesktopName $vm.VirtualDesktopName -Force
       }
       # Import the saved assignments back into the collection
       Import-RDPersonalVirtualDesktopAssignment -CollectionName CEODesktops -Path ./Desktopallocations.txt -ConnectionBroker broker.contoso.com

8. Failover Group 3: Web Access and Gateway server VM

Perform a Test Failover

Refer to the 'AD DR Solution' [5] and 'SQL Server DR solution' [6] companion guides for considerations specific to AD and SQL Server respectively during a test failover.

1. Go to the Azure management portal and select your Site Recovery vault.
2. Click on the recovery plan created for RDS.
3. Click on 'Test Failover'.
4. Select the virtual network to start the test failover process.
5. Once the secondary environment is up, you can perform your validations.
6. Once the validations are complete, you can select 'Validations complete' and the test failover environment will be cleaned.

[5] Protect AD
[6] Protect SQL Server

Perform an Unplanned Failover

1. Go to the Azure management portal and select your Site Recovery vault.
2. Click on the recovery plan created for RDS.
3. Click on 'Failover' and select 'Unplanned Failover'.
4. Select the target network and click ✓ to start the failover process.

Perform a Planned Failover

1. Go to the Azure management portal and select your Site Recovery vault.
2. Click on the recovery plan created for RDS.
3. Click on 'Failover' and select 'Planned Failover'.
4. Select the target network and click ✓ to start the failover process.

Perform a Failback

Refer to the 'SQL Server DR Solution' [7] companion guide for considerations specific to SQL Server during failback.

1. Go to the Azure management portal and select your Site Recovery vault.
2. Click on the recovery plan created for RDS.
3. Click on 'Failover' and select planned/unplanned failover.
4. Click on 'Change Direction'.
5. Select the appropriate options: data synchronization and VM creation options.
6. Click ✓ to start the 'Failback' process.

[7] Protect SQL Server

Best Practices

Capacity planning and readiness assessment

Hyper-V site

Use the Capacity Planner tool [8] to design the server, storage and network infrastructure for your Hyper-V Replica environment.

Azure

You can run the Azure Virtual Machine Readiness Assessment tool [9] on VMs to ensure that they are compatible with Azure VMs and Azure Site Recovery Services. The Readiness Assessment Tool checks VM configurations and warns when configurations are incompatible with Azure. For example, it issues a warning if a C: drive is larger than 127 GB.

Capacity planning is made up of at least two important components:

- Mapping on-premises Hyper-V VMs to Azure VM sizes (such as A6, A7, A8, and A9).
- Determining the required Internet bandwidth.

[8] Hyper-V Replica Capacity Planner tool
[9] Azure Virtual Machine Readiness Assessment tool

Implementation Checklist

Step 1
- Create an Azure Site Recovery vault in the Microsoft Azure subscription.
- Check the prerequisites to protect your RDS application.

Step 2
- Hyper-V only step: Download the Microsoft Azure Site Recovery Provider, and install it on the VMM server / Hyper-V host.
- VMware only step: Configure the Protection server, Configuration server and Master Target servers appropriately.

Step 3
- Prepare resources. Add an Azure Storage account.
- Hyper-V only step: Download the Microsoft Azure Recovery Services Agent, and install it on Hyper-V host servers.
- VMware only step: Make sure the mobility service is installed on all the VMs.

Step 4
- Enable protection for VMs in VMM clouds / Hyper-V sites / VMware sites.

Step 5
- Map resources. Map on-premises networks to Azure VNET.

Step 7
- Create the recovery plan.
- Perform a test failover using the recovery plan.
- Ensure that all VMs have access to required resources, such as Active Directory.
- Ensure that network redirections for RDS are working.

Step 8
- Perform a DR drill using planned and unplanned failovers.
- Ensure that all VMs have access to required resources, such as Active Directory.
- Ensure that network redirections for RDS are working.

Summary

Using Azure Site Recovery, you can create a complete automated disaster recovery plan for your Remote Desktop Services (RDS) deployment. You can initiate the failover within seconds from anywhere in the event of a disruption and get the application up and running in a few minutes.
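An added example, not part of the original guide, for the 'Add Virtualization Hosts' script step in the pooled and personal desktop recovery plans: it checks each host for a pending reboot before calling Add-RDServer and skips hosts the broker already lists, so the step does not fail partway through a failover. It assumes PowerShell remoting is enabled on the hosts and uses the commonly checked pending-reboot registry locations; the broker and host names are the guide's sample values.

```powershell
# Added example, not from the original guide. Defaults reuse the guide's sample
# names; pass your own broker and host list when calling the script.
param(
    [string]   $Broker = 'broker.contoso.com',
    [string[]] $VirtualizationHosts = @('VH1.contoso.com')
)

Import-Module RemoteDesktop

# Runs on each host and returns the names of the pending-reboot indicators found.
# PendingFileRenameOperations can be set by benign installers, so this check is
# deliberately conservative.
$pendingRebootCheck = {
    $found = @()
    $cbs = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending'
    $wu  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired'
    $smKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    if (Test-Path $cbs) { $found += 'ComponentBasedServicing' }
    if (Test-Path $wu)  { $found += 'WindowsUpdate' }
    $sm = Get-ItemProperty -Path $smKey -Name PendingFileRenameOperations -ErrorAction SilentlyContinue
    if ($sm.PendingFileRenameOperations) { $found += 'PendingFileRename' }
    $found
}

# Hosts that already hold the virtualization role on this broker (lower-cased
# for comparison), so re-running the step after a partial failure is safe.
$registered = @(
    Get-RDServer -ConnectionBroker $Broker -Role 'RDS-VIRTUALIZATION' -ErrorAction SilentlyContinue |
        ForEach-Object { $_.Server.ToLowerInvariant() }
)

$results = foreach ($vh in $VirtualizationHosts) {
    $status = 'Added'
    $detail = ''
    try {
        if ($registered -contains $vh.ToLowerInvariant()) {
            $status = 'AlreadyRegistered'
        }
        else {
            $pending = @(Invoke-Command -ComputerName $vh -ScriptBlock $pendingRebootCheck -ErrorAction Stop)
            if ($pending.Count -gt 0) {
                # The guide warns that Add-RDServer fails while a reboot is pending.
                $status = 'SkippedPendingReboot'
                $detail = $pending -join ','
            }
            else {
                Add-RDServer -ConnectionBroker $Broker -Role 'RDS-VIRTUALIZATION' -Server $vh -ErrorAction Stop |
                    Out-Null
            }
        }
    }
    catch {
        $status = 'Failed'
        $detail = $_.Exception.Message
    }
    [pscustomobject]@{ Server = $vh; Status = $status; Detail = $detail }
}

$results | Format-Table -AutoSize

# Non-zero exit lets calling automation stop before the template and desktop steps.
if ($results | Where-Object { $_.Status -in 'SkippedPendingReboot', 'Failed' }) { exit 1 }
```

Reboot any host reported as SkippedPendingReboot and run the script again; hosts that were already added are reported as AlreadyRegistered and left untouched.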