Tuesday 31 January 2017

Windows Server 2016 RDS Connection Broker HA with Azure PaaS Databases using PowerShell

One of the most welcomed features in Windows Server 2016 when on the topic of Remote Desktop Services is the ability to store the RD Connection Broker state database in an Azure PaaS database instance. In previous versions of RDS, the only method to achieve high availability for the RD Connection Broker was to implement a shared SQL database using AlwaysOn Availability Groups or a similar HA technique inside SQL Server.

Connect to your Azure ARM account


Define the variable and create a new Resource Group

$resourceGroup = "rds2016"
$resourceGroupLocation = "West Europe"

New-AzureRmResourceGroup -Name $resourceGroup -Location $resourceGroupLocation

Define the variables for the SQL Server

$serverName = "rds2016demo"
$serverVersion = "12.0"
$serverLocation = $resourceGroupLocation
$serverResourceGroupName = $resourceGroup

$serverAdmin = "IT"
$serverAdminPassword = "pshere"
$securePassword = ConvertTo-SecureString -String $serverAdminPassword -AsPlainText -Force
$serverCreds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $serverAdmin, $securePassword

Create the new logical SQL Server using defined variables

New-AzureRmSqlServer -ResourceGroupName $resourceGroup -ServerName $serverName -Location $serverLocation -ServerVersion $serverVersion -SqlAdministratorCredentials $serverCreds

Define the variables for the SQL database

$DatabaseName = "rdsdeployment"
$DatabaseEdition = "Basic"
$DatabaseServiceLevel = "Basic"

Create the new database using defined variables

$AzureDatabase = New-AzureRmSqlDatabase -DatabaseName $DatabaseName -ServerName $serverName -ResourceGroupName $resourceGroup -Edition $DatabaseEdition -RequestedServiceObjectiveName $DatabaseServiceLevel

I used the portal to check that the resources had been created properly before I started configuring the Remote Desktop Connection Brokers. 

Now the Azure PaaS database has been created we can now configure our RD Connection Brokers to use it as the state database. Although you must first create some firewall rules on the Azure side to allow communication to your cloud SQL instance. Click the Firewall tab enable Allow access to Azure services and click the Add client IP

Commit the changes by clicking Save.

I have configured my deployment with two multi-role RDS servers, all the roles with the exception of the RD Connection Broker have already been made highly available.

From the Deployment Overview page, right click on the RD Connection Broker and select Configure High Availability.

Select Shared Database Server and click Next.

From your Azure PaaS database click on the Show database connection strings option.

Click the ODBC (Including Node.js) tab and copy the entire connection string. 

You then have to download and install the ODBC Driver 13 for SQL Server, you can grab a copy from here https://www.microsoft.com/en-us/download/details.aspx?id=53339

Once this has been done return to the RD configuration screen and enter the FQDN of the RDS cluster I have configured DNS Round Robin ahead of time for this deployment. Please note you could also use a hardware application delivery controller, this would be the recommended approach as DNS RR does not offer any kind of “failover”. I explain some of the differences in this blog post

You must copy the entire connection string, but please remember to change the password field.