Skip to main content

Part 3:- Building VDI using Remote Desktop Services (RDS)

After the virtual machines are installed and configured for the domain, you must configure them to work with Remote Desktop Services. The following steps must be configured on each virtual machine:

• Enable Remote Desktop.
• Add the user accounts that will be using this virtual machine to the local Remote Desktop Users security group.
• Allow Remote RPC.
• Create a firewall exception to allow Remote Services Management.
• Add permissions to the RDP protocol.

Task 1: Enable Remote Desktop and Add VDIGroup to the local Remote Desktop Users group

1. Log on to VDI01-Win7 with administrative rights.
2. Click Start, right-click Computer, and then click Properties.
3. Click Remote settings.
4. Under Remote Desktop, click Allow connections only from computers using Remote Desktop with Network Level Authentication (more secure), and then click Apply
5. Click on select Users button
6. On the Remote Desktop Users, click Add
7. Enter VDIGroup and click Check name
8. Click OK button to close the Remote Desktop Users
9. Click OK button to close the System Properties
10. Repeat these steps for VDI02-Win7 and VDI03-Win7.

Task 2:- To allow Remote RPC for Remote Desktop Services

1. Log on to VDI01-Win7 with administrative right
2 Click Start, and in the Search programs and files box, type regedit.exe and then press ENTER.
3. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TerminalServer.
4. Double-click the AllowRemoteRPC registry entry, in the Value data box, type 1 and then click OK.
Default value is 0.
5. Close Registry Editor.
6. Repeat these steps for VD102-Win7 and VDI03-Win7.

Task 3- To enable the Remote Service Management Windows Firewall exception

1. Log on to VDI01-Win7 with administrative right
2. Click Start, click Control Panel, and then click System and Security.
3. Under the Windows Firewall heading, click Allow a program through Windows Firewall.
4. Select the Remote Service Management check box, and then click OK.
5. Repeat these steps for VDI02-Win7 and VDI03-Win7.

Task 4-To add RDP protocol permissions to a virtual machine

1. Log on to VDI01-Win7 with administrative right
2. Click Start, point to All Programs, and then click Accessories.
3. Right-click Command Prompt, and then click Run as administrator.
4. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
5. At the command prompt, type the following commands:

• wmic /node:localhost RDPERMISSIONS where TerminalName="RDP-Tcp" CALL AddAccount "ms4u\RDSVHquot;,1
• wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='ms4u\\RDSVH" CALL ModifyPermissions 0,1
• wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='ms4u\\RDSVH" CALL ModifyPermissions 2,1
• wmic /node:localhost RDACCOUNT where "(TerminalName='RDP-Tcp' or TerminalName='Console') and AccountName='ms4u\\RDSVH" CALL ModifyPermissions 9,1
• Net stop termservice
• Net start termservice

Replace "ms4u" according to your domain name & "RDSVH" to your RD Virtualization Server host name.

6. Log off VDP1-CLNT. This is required in order for VDI Users to log on to one of the virtual machines in the virtual desktop pool successfully.
7. Repeat these steps for VDI02-Win7 and VDI03-Win7

Task 5- Enable Rollback on a virtual machine

Once you've complete all the configuration, you need to enable rollback. This allow VM to revert to original state once the user has log off. No data is saved into the VM. Please do not save your data inside the VM.
1. Open Hyper-V Manager. To open Hyper-V Manager, click Start, point to Administrative Tools, and then click Hyper-V Manager.
2. Under Virtual Machines, right-click, and then click Snapshot.
3. Under Snapshots, right-click, and then click Rename.
4. Type RDV_Rollback and then press ENTER. (Must use the exact snapshot name)
5.Cose Hyper-V Manager.
6. Repeat these steps for the VDI02-Win7 and VDI03-Win7 virtual machine

Task 6 - Verify Remote Desktop

1. Use your client computer and Open Re mote desktop connection. Click Start , on the search program and files , enter "mstsc" and press Enter
2. Key in "VDI01-Win7" and click Connect
3. Provide security authentication by enter username: -ms4u\vdiuser1 and the password isP@ssw0rd.
4. Click Ok
5. Make sure you can log on to the VM. Log off and repeat these steps for VDI02-Win7 and VDI03-Win7.

Popular posts from this blog


The BCD registry file controls which operating system installation starts and how long the boot manager waits before starting Windows. Basically, it’s like the Boot.ini file in earlier versions of Windows. If you need to edit it, the easiest way is to use the Startup And Recovery tool from within Vista. Just follow these steps: 1. Click Start. Right-click Computer, and then click Properties. 2. Click Advanced System Settings. 3. On the Advanced tab, under Startup and Recovery, click Settings. 4. Click the Default Operating System list, and edit other startup settings. Then, click OK. Same as Windows XP, right? But you’re probably not here because you couldn’t find that dialog box. You’re probably here because Windows Vista won’t start. In that case, you shouldn’t even worry about editing the BCD. Just run Startup Repair, and let the tool do what it’s supposed to. If you’re an advanced user, like an IT guy, you might want to edit the BCD file yourself. You can do this

DNS Scavenging.

                        DNS Scavenging is a great answer to a problem that has been nagging everyone since RFC 2136 came out way back in 1997.  Despite many clever methods of ensuring that clients and DHCP servers that perform dynamic updates clean up after themselves sometimes DNS can get messy.  Remember that old test server that you built two years ago that caught fire before it could be used?  Probably not.  DNS still remembers it though.  There are two big issues with DNS scavenging that seem to come up a lot: "I'm hitting this 'scavenge now' button like a snare drum and nothing is happening.  Why?" or "I woke up this morning, my DNS zones are nearly empty and Active Directory is sitting in a corner rocking back and forth crying.  What happened?" This post should help us figure out when the first issue will happen and completely avoid the second.  We'll go through how scavenging is setup then I'll give you my best practices.  Scavenging s

AD LDS – Syncronizing AD LDS with Active Directory

First, we will install the AD LDS Instance: 1. Create and AD LDS instance by clicking Start -> Administrative Tools -> Active Directory Lightweight Directory Services Setup Wizard. The Setup Wizard appears. 2. Click Next . The Setup Options dialog box appears. For the sake of this guide, a unique instance will be the primary focus. I will have a separate post regarding AD LDS replication at some point in the near future. 3. Select A unique instance . 4. Click Next and the Instance Name dialog box appears. The instance name will help you identify and differentiate it from other instances that you may have installed on the same end point. The instance name will be listed in the data directory for the instance as well as in the Add or Remove Programs snap-in. 5. Enter a unique instance name, for example IDG. 6. Click Next to display the Ports configuration dialog box. 7. Leave ports at their default values unless you have conflicts with the default values. 8. Click N