We will guide you through a remote desktop session host configuration in Windows Server 2019, covering pre-requisites, installation, configuration after deployment, and best practices.
What Is a RDP Session Host (RDSH)?
The Remote Desktop Session Host role enables a server to host the full Windows desktop or Windows-based applications for Remote Desktop Protocol Services users. In a scenario where a user logs in to a server with the RDSH role, they can use the desktop environment or published applications as if running on a local machine. It’s commonly utilized for:
- Centralized app and desktop delivery
- Multi-user terminal sessions
- Cost-effective remote worker solutions
Prerequisites for RDSH Installation on Server 2019
As we proceed with the configuration, ensure you have the following:
1. System Requirements
- Windows Server 2019 Standard or Datacenter
- At least 8GB RAM (16GB+ recommended for multiple sessions)
- Static IP Address
- Domain-joined server (for centralized management)
2. Administrative Rights
You need to log in with a user account that has Administrator rights.
3. Firewall & Network
Enable TCP ports 3389 (RDP) and the others used by RDS roles. Disable or configure third-party firewalls.Step-by-
Step: Install and Configure Remote Desktop Session Host on Server 2019
Step-1: Install the Remote Desktop Services Role
- Open Server Manager.
- Press “Join Roles & Features”.
- Press through the “Before You Begin” page & select Role-based or feature-based configuration.
- Choose your local server from the list of servers.
- Under Server Roles, choose Remote Desktop Services.
- Under Role Services, choose:
- Remote Desktop Session Host
- (Optional: Remote Desktop Licensing, Gateway, etc.)
- Click Next, and then Install.
- Reboot the server during installation.
Step-2: Add the Server to a Remote Desktop Deployment (Optional)
If you are using a full RDS deployment (with Connection Broker, Web Access, etc.):
- Go to Server Manager > Remote Desktop Services.
- Click Quick Start or Standard Deployment.
- Choose Session-based desktop deployment.
- Join your current server as the Session Host.
Step-3: Configure User Access
To allow users to access the Session Host:
- Go to System Properties > Remote tab.
- Select Allow remote connections to this computer.
- Click Select Users > Add.
- Add domain or local users/groups who should access RDP.
Note: Administrators are allowed by default.
Step-4: Set Up Licensing (Important for Production)
Without proper licensing, your RDSH server will only allow temporary use.
- Install the Remote Desktop Licensing role via Server Manager.
- Open RD Licensing Manager.
- Activate the server.
- Install your RDS CALs (Client Access Licenses).
- Plans, point your assembly Host to the license server:
- Run gpedit.msc →
- Navigate to Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Licensing
- Set Use the specified Remote Desktop license servers.
- Set License mode to Per User or Per Device.
Step-5: Configure Remote Desktop Session Host Settings
Now that everything is installed, configure session limits, timeouts, and profiles.
1. Session Time Limits
- Run gpedit.msc
- Navigate to:
Computer (PC) Configuration > Admin Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Time Limits
- Set policies like:
- Set time limit for active but idle sessions
- Set time limit for disconnected sessions
- Set policies like:
2. User Profile Disks (Optional)
If you want user data and settings to roam with them:
- Use Group Policy or FSLogix to manage profile containers.
3. Restrict Users to a Single Session
- Useful in shared environments:
- Group Policy >
- Useful in shared environments:
Desktop Configuration > Admin Templates > Windows Components > Remote Desktop Services > RD Session Host > Connections
- Enable Restrict users to a single session.
Security Best Practices
To protect your RDSH environment:
1. Use Network Level Authentication (NLA)
- Allows authentication prior to full RDP session establishment.
- Found at System > Remote Settings > Enable NLA.
2. Establish Strong Password Policies
- Require password complexity and change intervals through Group Policy
3. Restrict User Permissions
- Do not grant excessive admin rights to RDS users
4. Audit RDP Logs
- Display logins through Event Viewer (Event ID 4624, 4625)
5. Utilize SSL Certificates
- Configure RDS to use an SSL cert to encrypt, especially when accessed over the internet.
Performance Optimization Tips
- Enable RemoteFX compression to conserve bandwidth.
- Use SSDs or NVMe for better disk I/O.
- Disable any unnecessary background services.
- Set the latest drivers for display & network.
- Allocate sufficient RAM & CPU to the server, based on the number of simultaneous users expected.
Troubleshooting Common RDSH Issues
| Issue | Solution |
|---|---|
| Users can’t connect via RDP | Check firewall, user permissions, licensing, and IP config |
| License server not recognized | Reconfigure Group Policy licensing settings |
| Sessions not disconnecting after timeout | Review and adjust session limit policies |
| Profiles not loading correctly | Check permissions on profile directories or use FSLogix |
| Black screen on login | Update display drivers, check group policies |
Final Thoughts
Installing Remote Desktop Session Host on Windows Server 2019 gives you a flexible and scalable solution to publish remote desktops and applications to users across your company. Regardless of whether you are operating a small shop or a large enterprise, having RDSH correctly set up in your environment equals offering a secure, fast, and simple-to-use experience. By following this guide, you will be well on your way to offering remote access in an effective and secure manner and in line with current IT security best practices.
