Manage Windows Terminal Services With TS Session Broker
Windows Server 2008 has added several very useful enhancements to Terminal Services (TS). TS Remote Apps lets you present TS based applications to users in a way that is virtually identical to a standard desktop app. TS Gateway finally gives us a way to monitor and manage remote desktop connections. If these new features entice you to increase the TS footprint at your organization then you will likely want to deploy multiple terminal servers to handle the load and ease maintenance. TS Session Broker with load balancing makes it easy to deploy multiple load balanced terminal servers, and even return users to the correct terminal server if they've left a TS session open.
Windows Server 2003 introduced the Terminal Services Session Directory (TSSD) feature. This feature has been enhanced and renamed to the TS Session Broker role in Windows Server 2008. Microsoft has also made this feature available in the Standard version of Windows Server 2008 (the TSSD feature required the Enterprise edition of Window Server 2003). TSSD is able to redirect users back to the appropriate terminal server if they are attempting to reconnect to a disconnected session, but it does not have any logic to even out the load among terminal servers (i.e. load balancing). TS Session Broker has the ability to see how many connections there are on each terminal server in a Windows Server 2008 TS farm and direct new remote desktop sessions to the server with the least number of connections.
Below are the steps for a basic deployment of TS Session Broker Load Balancing.
- One domain attached Windows Server 2008 box to host the TS Session Broker role
- Two or more Windows Server 2008 terminal servers (the TS Session Broker can live on one of your terminal servers)
- Access to configure DNS for round robin load balancing
Install TS Session Broker:
- Start >> Server Manager >> Roles >> Add Roles >> Next
- Select Terminal Services >> Next >> Next
- Select TS Session Broker >> Next >> Install
Add Terminal Servers to the Session Directory Computers Local Group on the TS Session Broker Server:
- Start >> Server Manager >> Configuration >> Local Users and Groups
- Select Groups >> double click on Session Directory Computers >> Add...
- Click on Object Types... >> select Computers >> OK
- Enter the computer names for each terminal server separated by a semi-colon >> OK >> OK
Setup Terminal Servers to Be a Part of the TS Session Broker Load Balancing Farm:
- Start >> Administrative Tools >> Terminal Services >> Terminal Services Configuration
- Double click on Member of farm in TS Session Broker (under the Edit settings area) >> select the checkbox to Join a farm in TS Session Broker
- Enter the requested information
- Be sure to use the same Farm name (e.g. tsfarm1) on all of the terminal servers
- If you want to do load balancing then check the box to Participate in Session Broker Load-Balancing
- Select the IP address(es) that you want to give clients when they are being reconnected back to this server because that is where their pre-existing session lives
Setup Load Balancing:
There are several options for load balancing your terminal servers. These include hardware load balancers, Microsoft's Network Load Balancing, and DNS round robin. Round robin DNS is the simplest to setup so we'll take a look at the steps required to get that going:
- On your Windows Server 2008 DNS server >> Start >> Administrative Tools >> DNS
- Expand SERVERNAME and then Forward Lookup Zones
- Right click on the appropriate Forward Lookup Zone (e.g. ad.mydomain.com) and select New Host (A or AAAA)...
- Enter the name of your new TS Session Broker farm (e.g. tsfarm1) into the Name field and enter the IP address for one of the terminal servers in your farm.
- Repeat steps 3 and 4 using the same Name (e.g. tsfarm1) with a different IP address until you have entered each of your terminal server's IP addresses.
That's it, you've just setup DNS round robin by adding several DNS resource records with the same Name but different IP addresses. When queried for the TS farm name (e.g. tsfarm1.ad.mydomain.com) your DNS server will return all of the IP addresses for that record, but change the order in which IP addresses are returned for each query (clients typically use the first IP address in the list). This is definitely not the most sophisticated form of load balancing, but it should be good enough for most small to midsize TS Session Broker deployments.
Connecting to Your New TS Farm
Now let's take a look at how to connect to your new load balanced TS farm and walk through the connection process. First, you will want to make sure you are using a client with Remote Desktop Connection version 5.2 or later. Second, if you are not going to be logging on as an administrator be sure that you have added your remote user the Remote Desktop Users group on each terminal server. Open up a new Remote Desktop Connection (mstsc.exe), input the name of your TS farm (e.g. tsfarm1.ad.mydomain.com), and click Connect!
When you click on that Connect button your client will query DNS for your TS farm name (e.g. tsfarm1.ad.mydomain.com). Because you have setup DNS round robin you will get a list of IP addresses back from the server. The client will make a connection to the fist IP address in the list and end up talking to one of the terminal servers. This terminal server will query the TS Session Broker server to determine which terminal server the client should logon to. If the user already has a session open on one of the terminal servers then they will be referred to that server, otherwise, they will be referred to the server with the least number of connections. The client then makes a direct connection to that terminal server. Finally the terminal server that the user logged on to lets the TS Session Broker server know that the user has successfully logged on.
Other Useful Info
You can also use group policy to configure your terminal servers to be a part of the TS Session Broker farm instead of manually configuring each server via the Terminal Services Configuration console. These settings are located under Computer Configuration/Policies/Administrative Templates/Windows Components/Terminal Services/Terminal Server/TS Session Broker. By creating a group policy object with the TS Session Broker settings you can automatically apply these settings to servers in a particular Organizational Unit in Active Directory.
If you are having trouble with your TS Session Broker installation you can enable logging by manipulating the following registry key:
0: No output
1: Output to debugger
2: Output to the command window. This option only applies when starting tssdis.exe using the -debug switch for debugging
3: Output to a log file, tssdis.log
TS Session Broker Load Balancing is a great addition to Windows Server 2008. If you are looking at deploying more than one terminal server then it's definitely something worth exploring.