azure / rds-templates
ARM Templates for Remote Desktop Services deployments
License: MIT License
when deploying template, azurerm module always installs.
changing from:
# install AzureRM module
#
if (-not (get-module AzureRM))
{
    log "installing AzureRm powershell module..."
    install-module AzureRM -force
}
changing to:
# install AzureRM module
#
if (-not (get-module AzureRM*))
{
    log "installing AzureRm powershell module..."
    install-module AzureRM -force
}
Missing the following parameters:
From @mmarch on March 8, 2017 19:45
From: Dharmesh Chauhan
Sent: Tuesday, March 7, 2017 6:38 AM
Subject: RE: [REG:117013115250952] Re ticket 117012615231936 FAO Azure AD Domain Ser
Hi All,
Thanks for your help, after much trial and error I have managed to deploy a set of servers using the template, when I was expecting it to work “straight out of the box” with it being a quickstart template. Below is some feedback which I hope helps you with making the templating more user friendly, and more applicable to customer environment set ups.
When completing the template BASICS section, there is an option to select New or existing resource group, however this contradicts with the fact that I was only able to complete the deployment without failure if I chose the RG the VNet was a part of.
Hand in hand with that, I had to modify the template variables to use specific values for dns labels, storage account and container, dns server etc as some of these values had concatenated resource group values, and with the VNet RG had a hyphen and mixed upper and lower case, this was causing issues with limitations in naming conventions of some resources therefore failing deploying, e.g. storage accounts can only be in lower case.
Also some of the parameter name and descriptions on https://azure.microsoft.com/en-gb/resources/templates/rds-deployment-existing-ad/ are not clear enough:
adVnetName – I was able to use the ARM Vnet and did not have to use the classic Vnet where AAD is hosted.
adSubnetName - The subnet name of AD domain. I found this to be incorrect as I was able to set the VMs to be in a subnet where the AD is not located, i.e. subnet BTApp
adminUsername – From trial and error I realised this has to be a domain account with admin permissions, as from reading the description I interpreted this as declaring a username for a local admin account to be created.
Also there are the limitations that all VMs have to be in one subnet, and all resources in one resource group however I understand there is probably a way to split this out.
Kind Regards,
Daz Chauhan | Senior Technical Analyst
Copied from original issue: mmarch/rds-templates#36
add test scripts to rds-templates/scripts to test / validate all rds-deployments
From @fberson on December 1, 2016 15:1
For most of the resources that these templates create, a variable, parameter or function is used to construct the name of the resource. This makes sense and I usually do that too, however it does have a small negative effect on the readability in, for example, Visual Studio. Object names are not resolved at this point.
An easy way to accomplish this is by adding a tag in the resource
{
  "apiVersion": "[variables('apiVersion')]",
  "type": "Microsoft.Compute/virtualMachines",
  "name": "[concat(parameters('RDGWHostNamePrefix'),'0', copyindex(1))]",
  "tags": {
    "displayName": "RD Gateway Virtual Machines"
  },
This improves readability in Visual Studio, as per example below. Again, this is in no way critical but it helps to interpret resources in Visual Studio by others
Copied from original issue: mmarch/rds-templates#20
SQLServer parameter is required, otherwise the deployment will fail with error of missing argument of sqlserver.
The description implies it is only required for dedicated database, so for Azure SQL, it should not be required.
By providing sqlserver name, the deployment will complete but the script has errors logged for configuring the computer group for sql.
Should we check the sqlserver parameter is provided or not before running the SetupGroups in the SetupCB function?
partial revert commit 4216303 that implements managed disk.
From @mmarch on November 25, 2016 22:9
https://github.com/Azure/azure-quickstart-templates/blob/master/rds-deployment/azuredeploy.json has its adAssetLocation set to https://raw.githubusercontent.com/Azure/AzureStack-QuickStart-Templates/master/ad-non-ha, which is a cross-repo reference
Copied from original issue: mmarch/rds-templates#2
I am running into an issue with Windows Virtual Desktop - Provision a host pool in Azure Resource Manager Marketplace
When you set Specify domain to join to yes the OU path I am entering is failing validation and I cannot continue. This same exact OU path worked about a month ago.
Domain to Join: adbyo.acexamplecompany.sandbox.ac
OU Path: OU=Win10Multi,OU=WVD,OU=Servers,OU=Endpoints,OU=AC Example Company,DC=adbyo,DC=acexamplecompany,DC=sandbox,DC=ac
It looks like it is because spaces are not supported for OU names because this DN passes validation.
OU=Win10Multi,OU=WVD,OU=Servers,OU=Endpoints,OU=ACExampleCompany,DC=adbyo,DC=acexamplecompany,DC=sandbox,DC=ac
From @mmarch on November 25, 2016 23:5
Need automated check-in validation and CI tests to prevent regressions.
Copied from original issue: mmarch/rds-templates#9
documentation: add additional documentation for Azure sql db creation and odbc connection string
will update readme.md and odbcstring and examples to create azure sql db
From @mmarch on November 25, 2016 22:57
Predefined list with A- and D-series only (v1)
Copied from original issue: mmarch/rds-templates#7
From @mmarch on November 28, 2016 17:16
for ease of use
Copied from original issue: mmarch/rds-templates#10
From @mmarch on March 6, 2017 20:15
This always leads to validation errors - dns names and storage account names cannot have uppercase letters or dashes '-'.
See Azure/azure-quickstart-templates Issue #2990, and #12.
Per Best Practices guidelines for Resources: domainNameLabels should use uniquestring(resourceGroup().id) instead in all cases.
Copied from original issue: mmarch/rds-templates#35
template is invalid. hardcoded resource name "loadbalancer" in the template, should be based on the parameter parameter("loadbalancer")
parameter file for deployment rds-deployment-uber/azuredeploy.parameters.json missing.
This repository misses the license file.
The severity of that varies from project to project, but my goal here is to attract some attention.
If it's not a problem, this issue can be closed.
I'm leaving it here just in case: https://help.github.com/articles/adding-a-license-to-a-repository/.
Thanks.
From @mmarch on November 25, 2016 22:14
rds-deployment has inboundNatRule in load balancer for RDP port 3389 open directly to gateway/rdweb vm
Copied from original issue: mmarch/rds-templates#3
From @cnicholson on March 16, 2017 0:45
Copied from original issue: mmarch/rds-templates#39
From @mmarch on February 2, 2017 23:21
It makes sense to deploy RDSH servers in their own separate RG, so that they can be created, managed, and deleted all together (including their associated resources, like NICs, disks, etc.).
Copied from original issue: mmarch/rds-templates#28
the Deploy to Azure points to the wrong url, and it doesn't contain any resources.
rds-deployment-ha-broker/scripts/RdcbHaPostConfig.ps1 calling Get-ADDomain which is not installed by default on windows 2012.
$domainNetbios = (Get-ADDomain -Current LocalComputer).NetBIOSName
fix rds-update-certificate/Scripts/Script.ps1 rdgw wmi query for rap
script calling get-wmiobject with -computername but is logging 80040005
changing to invoke-command
From @cnicholson on January 30, 2017 19:47
AD template uses "adLoadBalancer" . rdgwLoadBalancer is consistent.
Copied from original issue: mmarch/rds-templates#22
From @cnicholson on January 30, 2017 19:52
deployment FQDN is the one that is set in "Deployment Properties" dialog and is what is used in the published RDP file to connect to the RDGW.
Also noticed that the SSL certificate on the RDGW VM has the wrong name. It is currently the name of the public IP address connected directly to the VM rather than the name on the RDGWLB public IP.
Copied from original issue: mmarch/rds-templates#23
From @cnicholson on January 30, 2017 20:43
and perhaps other things that are on the ToDo list after the deployment is done.
Copied from original issue: mmarch/rds-templates#25
rds-update-certificate / Scripts / Script.ps1 issues with trusted cert.
not able to rdp due to gateway config in rdp file.
'gatewayhostname' not set to cert subject name in rdp file.
cert subject jagilber.com
drivestoredirect:s:*
redirectdrives:i:1
session bpp:i:32
prompt for credentials on client:i:1
server port:i:3389
allow font smoothing:i:1
promptcredentialonce:i:1
videoplaybackmode:i:1
audiocapturemode:i:1
gatewayusagemethod:i:1
gatewayprofileusagemethod:i:1
gatewaycredentialssource:i:0
full address:s:broker.eastus.cloudapp.azure.com
gatewayhostname:s:rdsdepha3.eastus.cloudapp.azure.com
workspace id:s:broker.rdsdepha3.lab
use redirection server name:i:1
loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.Desktop_Collecti
use multimon:i:1
alternate full address:s:broker.eastus.cloudapp.azure.com
redirectclipboard:i:1
redirectprinters:i:1
redirectcomports:i:0
redirectsmartcards:i:1
devicestoredirect:s:*
drivestoredirect:s:*
redirectdrives:i:1
session bpp:i:32
prompt for credentials on client:i:1
server port:i:3389
allow font smoothing:i:1
promptcredentialonce:i:1
videoplaybackmode:i:1
audiocapturemode:i:1
gatewayusagemethod:i:1
gatewayprofileusagemethod:i:1
gatewaycredentialssource:i:0
full address:s:broker.rdsdepha3.lab
gatewayhostname:s:gateway.jagilber.com
workspace id:s:broker.rdsdepha3.lab
use redirection server name:i:1
loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.Desktop_Collecti
use multimon:i:1
alternate full address:s:broker.rdsdepha3.lab
testing fixes
From @mmarch on November 25, 2016 22:32
rds-deployment calls ad creation template which creates a loadbalancer, and then creates another one of its own
This is redundant and unnecessary.
Copied from original issue: mmarch/rds-templates#5
From @cnicholson on January 30, 2017 20:42
Apparently this was added for Azure Stack test automation. This should be added outside of the template.
Copied from original issue: mmarch/rds-templates#24
add missing rds-deployment-ha-broker/azuredeploy.parameters.json parameter file for deployment
documentation: RDS-Templates / rds-deployment-ha-gateway / azuredeploy.parameters.json
issue:
rds-deployment installs 1 rd gateway.
deploying rds-deployment-ha-gateway with default value of '2' for 'numberOfWebGwInstances' will deploy 2 additional instances of remote desktop gateway. this will give a total of 3 rd gateways.
setting value to '1' for numberOfWebGwInstances will deploy 1 additional rd gateway so that the total will be 2 rd gateways.
changing default value from 2 to 1
change from:
"numberOfWebGwInstances": {
"value": 2
},
change to:
"numberOfWebGwInstances": {
"value": 1
},
is it possible to get the templates updated for server 2019 deployments?
From @mmarch on November 25, 2016 22:45
https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-domain-join
https://github.com/Azure/azure-quickstart-templates/tree/master/201-vm-domain-join-existing
this is said to work faster than domain join via dsc
Copied from original issue: mmarch/rds-templates#6
From @fberson on December 1, 2016 14:49
The naming of computer hostnames and azure VM names is not very consistent and does not allow customers to add a custom prefix. I would like to suggest introducing 3 new variables to be able to provide the prefix for each of the three roles, as an example for RD Gateway:
"gatewayHostNamePrefix": {
  "type": "string",
  "defaultValue": "RDGW-",
  "metadata": {
    "description": "Hostname prefix for RD Gateway Servers"
  }
}
Use those to construct the computername like below
"osProfile": {
  "computerName": "[concat(parameters('gatewayHostNamePrefix'),'0', copyindex(1))]",
And use the same convention for the VM names in Azure as well to make things consistent
"type": "Microsoft.Compute/virtualMachines",
"name": "[concat(parameters('gatewayHostNamePrefix'),'0', copyindex(1))]",
Copied from original issue: mmarch/rds-templates#13
From @Haley-Rowland on February 23, 2017 19:3
Allow resources to be deployed in a different region than the resource group in which they're deployed. Default should be resourcegroup().location, but give users ability to change this.
RE Quickstart template behavior questions.txt
Copied from original issue: mmarch/rds-templates#32
rds-deployment/rds-update-certificate/scripts/Script.ps1 removing external dependency on gallery script
set-rdpublishedname.ps1
reasons:
submitting PR after final testing
From @mmarch on February 2, 2017 23:29
rds-update-rdsh-collection template should be copying the source image (the template VHD) to the new storage account (currently when it creates new RDSH VMs it places cloned VHDs in the same storage account where the source VHD is).
This template: 201-vm-custom-image-new-storage-account - does that. It's a matter of running the ImageTransfer.ps1 script in a VM (and we do have infra VMs available, e.g. broker VM, where this can run).
Copied from original issue: mmarch/rds-templates#29
From @mmarch on November 23, 2016 18:12
Copied from original issue: mmarch/rds-templates#1
Existing vnet doesn't always work, since it assumes the vnet is in the same ResourceGroup as the current deployment, which isn't possible with Azure Marketplace deployment and doesn't work with typical ExpressRoute setups (where the ExpressRoute is all by itself in a resource group).
Behavior should model the one here:
https://github.com/Azure/azure-quickstart-templates/tree/master/101-vm-from-user-image
where...
when testing script in session nuget dialog is being displayed
changing from:
# verify NuGet package
$nuget = get-packageprovider nuget
if (-not $nuget -or ($nuget.Version -lt 2.8.5.22))
{
log "installing nuget package..."
install-packageprovider -name NuGet -minimumversion 2.8.5.201 -force
}
changing to:
# verify NuGet package
$nuget = get-packageprovider nuget -Force
if (-not $nuget -or ($nuget.Version -lt 2.8.5.22))
{
log "installing nuget package..."
install-packageprovider -name NuGet -minimumversion 2.8.5.201 -force
}
From @mmarch on November 25, 2016 23:3
Currently we create WS2012R2 domain controller with rds-deployment.
https://github.com/Azure/azure-quickstart-templates/blob/master/active-directory-new-domain/azuredeploy.json has storageProfile/imageReference/sku hardcoded to '2012-R2-Datacenter'
Copied from original issue: mmarch/rds-templates#8
From @mmarch on March 15, 2017 21:53
Change all templates to use Azure Managed Disks, this will simplify things since there is no need to manage storage accounts anymore.
Copied from original issue: mmarch/rds-templates#37
modify rds-deployment/scripts/art-rds-deployment-test.ps1 validation script for changes from commit 4216303 where parameter names were modified.
From @mmarch on November 25, 2016 22:26
External AD-creation templates that we use from our templates (Azure/active-directory-new-domain, and AzureStack/ad-non-ha) create their own loadbalancer and open RDP 3389 to domain controller vm
Copied from original issue: mmarch/rds-templates#4
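A check for the exposure reported in this issue and in the earlier rds-deployment issue (a load balancer inboundNatRule that forwards to RDP port 3389), written so it could run as a check-in validation step. It is an added example, not code from the repository; the sample template, its resource names and the function name find_rdp_nat_rules are constructed for illustration.

```python
import json

RDP_PORT = 3389

# Constructed sample in the shape of an ARM template; names are placeholders,
# not taken from the repository.
SAMPLE_TEMPLATE = json.loads("""
{"resources": [{
  "type": "Microsoft.Network/loadBalancers",
  "name": "example-lb",
  "properties": {"inboundNatRules": [
    {"name": "rdp", "properties": {"frontendPort": 3389, "backendPort": 3389}},
    {"name": "https", "properties": {"frontendPort": 443, "backendPort": 443}},
    {"name": "mgmt", "properties": {"frontendPort": 50001, "backendPort": "3389"}},
    {"name": "param", "properties": {"frontendPort": 50002, "backendPort": "[parameters('port')]"}}
  ]}
}]}
""")


def _walk(resources):
    """Yield every resource, including child resources and inline nested deployments."""
    for res in resources or []:
        yield res
        yield from _walk(res.get("resources"))
        nested = res.get("properties", {}).get("template", {})
        if isinstance(nested, dict):
            yield from _walk(nested.get("resources"))


def find_rdp_nat_rules(template):
    """Return (load balancer, rule, verdict) for NAT rules that reach RDP."""
    findings = []
    for res in _walk(template.get("resources")):
        if str(res.get("type", "")).lower() != "microsoft.network/loadbalancers":
            continue
        rules = res.get("properties", {}).get("inboundNatRules", [])
        if not isinstance(rules, list):
            # Rules built by a template expression cannot be inspected statically.
            findings.append((res.get("name"), None, "unresolved-rules"))
            continue
        for rule in rules:
            port = rule.get("properties", {}).get("backendPort")
            if str(port).strip() == str(RDP_PORT):
                findings.append((res.get("name"), rule.get("name"), "exposes-rdp"))
            elif isinstance(port, str) and port.startswith("["):
                # Port given as a template expression: flag for manual review.
                findings.append((res.get("name"), rule.get("name"), "unresolved-port"))
    return findings


if __name__ == "__main__":
    for finding in find_rdp_nat_rules(SAMPLE_TEMPLATE):
        print(finding)
```

A non-empty result can fail the build; the "unresolved" verdicts mark rules whose port comes from a parameter or variable and needs the parameter file to decide.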
Even when provided an invalid connection string, the deployment still reports successful, but the actual HA connection broker configuration failed. Should it throw errors to show deployment failed?
From @mmarch on March 15, 2017 22:18
Need a parameter to specify which resource group the existing VNET belongs to.
"... the VNET is expected to be in the same RG as the other resources. In most of deployments this is not the case. "
"... current requirement of the Basic RDS Template with Existing AD, is that the VNET resides in the same Resource Group. This limitation came up in earlier discussion and we already identified this as something that we need to change going forward."
Copied from original issue: mmarch/rds-templates#38
From @ChristianMontoya on February 2, 2017 23:14
We might be relying on a separate .json file for NIC creation, but we just need to ensure that we don't set any dnsProperties for the NICs so that they will be set to inherit DNS servers from the VNET.
Copied from original issue: mmarch/rds-templates#27
rds-deployment/rds-update-certificate/scripts/Script.ps1 removing external dependency on gallery script
new-impersonateuser.ps1
reasons:
submitting PR after final testing
From @fberson on December 1, 2016 14:59
The RD Session Collection High availability adds additional VM’s with the RD Gateway and RD Web Access role, if I specify 2 as the numberOfWebGwInstances it creates 2 additional VM’s. I think this will confuse users as they would probably expect that 1 additional VM would be created because there already is 1 VM with those roles created using the RDS farm deployment template.
I would suggest changing the name of the first RD Gateway server to have that created with a postfix -01 and that this template adds an RD Gateway server with postfix -02, also see #13
Copied from original issue: mmarch/rds-templates#19