As we know, RD Connection Broker is the brain of the RDS deployment which is responsible for directing clients to an available RD Session Host, reconnecting to existing sessions. It manages all session collections and published RemoteApps. It distributes the RDS configuration among the farm members. Having a single RD Connection Broker server creates a single point of failure. Back in 2008 R2, connection broker had a big disadvantage. We was able to configure High Availability but only as active / passive. Second server was used only when the first server failed. This provided high availability but not scalability. This is not the case any more (That was changed in RDS 2012) and now we can have multiple ative connection brokers in a single RDS environment.
Enabling Connection Broker HA is a one way ticket. Once a RD Connection Broker HA configuration is done, you cannot revert back without decommissioning the whole RDS configuration so be aware of it.
When RDS is configured, you will notice that there is a small database on RD Connection Broker server located in C:\Windows\rdcbDb
Database contains information about the farm and because it is stored locally on this machine there is no way for other Connection Brokers to access, read or modify it. For us to make RD Connection Broker highly available we need to move this database to SQL server so that other RD Brokers can talk to the database.
- Be sure to add second connection broker to All Servers in Server Manager (on your primary RDCB) so that you can manage it from there.
- Create Active Directory Security Group and add all your Connection Broker servers to it. We need this group to be able to convert the RD Connection Broker to a highly available RD Connection Broker.
- Configure the DNS Round Robin using the IP address’s of the Connection Brokers.
- SQL server is a must. I will run this on SQL 2016. Be sure to pre-create a folder to store the SQL database files on SQL server if you are not planing to use SQL default path. Give RD Connection Brokers full access on the folder.
- Ensure that all RDCB Servers have the SQL Server Native Client Installed
Let’s get started.
- Add second connection broker in the All servers list in Server Manager
- Create new security group in AD and add both RDCB servers in it. In my case ,RD Connection Brokers. Reboot RD Connection Broker servers.
- Next step is to create new host record in DNS. It will be used for DNS round robin for the broker servers. In my case I am using the DNS name of RDSFarm
- Let’s configure the SQL Server. Check if TCP/IP is enabled under Client Protocols. SQL Server 2016 install enables this by default, but check it just to be sure, especially if you use an existing SQL Server.
Click on Protocols for MSSQLSERVER and be sure that the TCP/IP is enabled.
Be sure that port 1433 is not being blocked by Windows Firewall. I added new rule SQL Server with port 1433 to the exception list to allow all inbound traffic.
When that is done, open SQL Management Studio –> expand Security and right click on Logins –> New Login
Click on Search
Change Object Types to Group, change Locations to Entire Directory and Add RD Group. Once Done, click OK
On Login – New Wizard, Click Server Roles and mark dbcreator. Click OK
We have granted the RDS Connection Broker server the right to create databases.
We need this because the RDS Connection Broker service will try to migrate from WID (Windows Internal Database to a (high available) SQL Server instance when we convert the Broker to a high available broker.
- Our next step is to install SQL Client on all RD Connection Broker servers so that they can communicate with the SQL Server. I have sql iso file on both RDCB Servers. Start SQL server installation and add Client Tools Connectivity.
Everything should be in place now so let’s convert the RD Connection Broker to HA.
In Server Manager click on remote desktop service node -> Overview –> Right-Click on RD Connection Broker and select Configure High Availability
Before you begin wizard will pop-up. Click Next
On Configure RD Connection Broker for HA page, click on Dedicated database server and click Next. Choose second option (Shared database server) if you manually created database on sql server.
On Configure RD Connection Broker for HA page, type in the DNS Round Robin name, Connection String and where you want to store the database.
DNS Name: RDSFARM.mehic.se
Connection String: DRIVER=SQL Server Native Client 11.0;SERVER=<name of SQL server>;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;DATABASE=<name of database>
Folder path: C:\Program Files\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQL\DATA
Once done, click next
On Confirmation Page, click Configure
And if everything is configured properly you should see Succeeded. Click Close
The RD Connection Broker is now in High Availability Mode which we can see in Server Manager Overview
Before we continue let’s go back to our SQL server to check if database is created.
Expand Security –> Double-Click on your connection broker login and under User Mapping click on RDS database and give db_owner permission. Once done click ok
Now we are ready to add second Connection Broker server. Go to Server Manager –> Remote Desktop Services, right click on RD Connection Broker and choose Add RD Connection Broker Server to add your new broker server
On Before you begin page, click Next
On Select a server page, select your Connection Broker server and click Next
On Confirm selections page, click ADD
Once the configuration is completed, we will now need to re-apply the certificates for Single-Sign On and Publishing. This certificate will be required on all broker servers. Select the option Configure certificate
Deployment Properties wizard will pop-up. You can see that status is showing Error. This is because I already pre-created my certificates. Click Select existing certificate
Locate the certificate, enter the password and select the checkbox to allow the certificate to be added to the Trusted Root Certification Authorities certificate store on the destination computers and hit OK.
Hit Apply to assign the certificate and you will see Success. Do the same for Publishing. Click on OK and close the wizard.
The RDS Farm is now configured with two highly available RD Connection broker servers.
If you would like to change RD Management server you can do it under tasks –> Select RD management server.
That’s it. In the next posts we will continue with our RDS Deployment and add additional session host and configure RD Gateway.
Thanks for reading.