none
Remote desktop services windows 2008 R2 design and certificate requirements

    Question

  • Hi Friends,

    I'm in the process of designing 2008 R2 RDS Farm for 500 users. I'm currently testing to set this up based on the following role placement

    3x RDSH -- Internal network - domain joined ( domain.local)

    1x RD Connection Broker  --- Internal network - domain joined ( domain.local)

    2x RD WebAccess and RD Gateway roles on each server -- Internal network - domain joined ( domain.local)

    I'm planning to deploy WebAccess and RD Gateway roles  on the  same server, but wants to have HA for both WebAccess and RD Gateway. As i only have to open port 443 and i don't see any reason to put the RD Web/Gateway in DMZ.


    Can i achieve HA using two servers with each one having RD Web and RD Gateway roles installed? I'm planning to use NLB, but don't know if i can use this when both roles are installed on each of the two servers? is there any best way to design this? does it really effect the performance?

     I red some where that a minimum of 2 SAN certs are required . one to cover the farm name: domain.local [INTERNAL DOMAIN] and another SAN cert covering rdg,web and app signing. do we really need two certs? can i get away with one SAN cert covering domain.local,sign.domain.com,rdg.domain.com,web.domain.com?

    OR 1 cert covering domain.local and office.domain.com and use the office.domain.com for RDG/WEB/APP SIGNING?

    what is the best way to perform load test before going to production? any capacity planning tools? automation tools?testing tools?

    I'll really appreciate your help.

    many thanks

    sri



    • Edited by RDPS007 Sunday, July 07, 2013 9:08 AM
    Sunday, July 07, 2013 8:30 AM