Microsoft Readies Preview of Improved Remote Desktop Services

Remote Desktop Services (RDS), a Windows Server capability for virtual desktop infrastructure (VDI) scenarios, will soon get Azure Active Directory (AD) support, a more secure architecture and HTML5 browser access support.

Microsoft announced the improvements this week, indicating that all would be "in preview soon," though the company did not specify a release date.

New RDS security protections will be enabled by coming Azure AD support. Organizations will be able to impose multifactor authentication, an identity verification scheme that uses phone calls or text messages to secondarily confirm a user's identity. They'll also get conditional access support, which might be used to affirm a device's compliance status with IT policies before granting access.

Microsoft's video showed that users logged into an application will be able to quickly switch to other applications with the new RDS security approach. RDS also will get access to the Microsoft Security Graph service.

Microsoft is contending that an architectural change will add security to the service. Specifically, the RDS Gateway and Web roles aren't Internet facing anymore and thus subject to attack. Here's how Scott Manchester, principal group program manager for Remote Desktop Services, described it:

With the modern infrastructure roles, we isolate the infrastructure components from the Application and Desktop Host, and the infrastructure roles, like the Gateway and RD Web, and the rest of the infrastructure, are no longer joined to the domain. And because of this, now we can support multitenant deployments. And notice one other change. There's no RDVH role now. We've brought those same capabilities for VDI management directly into the Connection Broker. And we've also added a new role, Diagnostics. This new role collects information on the health of the deployment and can be used to troubleshoot end-to-end connectivity problems. And finally the Application and Desktop Host no longer requires open inbound ports. They establish an outbound connection to the infrastructure using Port 443.

This new "modern infrastructure" for RDS was illustrated by this slide:

[Click on image for larger view.] Coming Remote Desktop Services architectural change. (Source: Microsoft video.)

The architectural changes will help RDS hosters better serve multiple tenants, Manchester added. They can use cloud infrastructure such as Microsoft Azure, as well as hybrid deployments where the Application and Desktop Host role gets located on the organization's premises.

RDS can also be accessed via HTML5 browsers with the new approach, in addition to RDS applications. The new browser-based access can be used to support remote access to resources by travelers. It also supports kiosk worker types of scenarios.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


  • 2020 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss. (Now updated with COVID-19-related event changes.)

  • Nvidia Buys Chip Maker Arm for $40 Billion

    Nvidia has entered into a "definitive agreement" to acquire U.K.-based chip design company Arm Ltd. from the SoftBank Group in a stock-and-cash deal valued at $40 billion.

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • Oracle, Not Microsoft, Wins TikTok Buyout Bid

    Oracle's proposal to acquire TikTok's U.S. social media operations emerged victorious over the weekend, putting an end to Microsoft's competing buyout bid.