Professional Documents
Culture Documents
Virtual Desktop Infrastructure (Khanh - Com.vn)
Virtual Desktop Infrastructure (Khanh - Com.vn)
Domain Controller (vit tt DC) Certificate Authority Server (vit tt CA Server) Hyper-V server: cha cc my o, trn Hyper-V server cn ci t thm dch v Remote Desktop Virtualization Host (RDVH Server) Remote Desktop Connection Broker(vit tt RDCB Server): lm nhim v tng hp ngun ti nguyn t cc Hyper-V server v nh hng truy xut n cc ti nguyn ny Remote Desktop Session Host (vit tt RDSH Server): Tip nhn traffic RDP v nh hng li n my o do RDCB cung cp Remote Desktop Web Access (vit tt RDWeb Server): Cung cp giao din Web cho User truy cp
C ch hot ng: Khi User truy xut vo RDWeb Server, RDWeb Server s truy vn RDCB ly danh sch nhng ti nguyn m user c php s dng, trong trng hp ny l my o ca user. Khi User kch hot my o (traffic RDP), traffic ny s c RDSH Server tip nhn, RDSH server truy vn RDCB tm ra my o tng ng v nh hng li traffic ny vo my o.
Http://NhatNghe.com/forum
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
II Thc hin: Ty theo m hnh thc t m s Server vt l c th khc nhau, l tng nht l mi dch v c ci trn mt server vt l! Tuy nhin do hn ch ca thit b, bi lab ny c trin khai trn 1 server vt l duy nht. Bi Lab s gm nhng mc chnh sau: Ci t Domain Ci t Certificate Authority (CA) Ci t Hyper-V To v cu hnh my o Ci t cc dch v Cu hnh RD Web Access Server chy SSL Cu hnh RD Connection Broker Khai Bo Client Kim tra 1 - Ci t Domain: Thc hin ti my Domain Main Controller B1: t IP: IP: 192.168.x.y / 24 x: s phng my, y: s th t my, v d: 192.168.3.1/24 Gateway: hi ging vin (hoc trng) DNS: 192.168.x.y B2: Chy lnh DCPromo B3: Mn hnh Welcome, chn Next
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B5: Mn hnh Chose a Deployment Configuration, chn Creat a new domain in a new forest, chn Next
Http://NhatNghe.com/forum
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B6: Mn hnh Name the Forest Root Domain, nhp tn Domain (hi ging vin), trong bi lab ny ta dung tn domain l NhatNghe.Local, chn Next
B7: Mn hnh Set Forest Functional Level, chn Windows Server 2008 R2, chn Next
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B8: Mn hnh Additional Domain Controller Option, chn ci t DNS, chn Next , Chn Yes
Http://NhatNghe.com/forum
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B10: Mn hnh Directory Services Restore Mode Administrator Password, in Password nh sau: P@ssword vo c 2 , chn Next
B11: Mn hnh Sumary, chn Next Hon tt qu trnh nng cp, chn Finish, chn restart now To 2 user: U1, U2 c password nh sau: P@ssword To Group G1 (Global), a U1 v U2 vo group G1 Tt Internet Explorer Enhanced Security Configuration (trong Server manager, mc Configure IE ESC)
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
2 Ci t Certificate Authority (CA): Thc hin ti my CA B1: Click biu tng Server Manager cnh Start Menu B2: Click phi mc Role, chn add role
B3: Mn hnh Before You Begin, chn skip this page by default ( ln sau khng hin ra na), chn next B4: Mn hnh Select Server Role, chn Active Directory Certificate Services, chn Next
Http://NhatNghe.com/forum
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B6: Mn hnh Select Role Services, chn Certification Authority v Certification Authority Web Enrollent, chn Add required role services, chn next
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B9: Mn hnh Setup Private Key, chn Creat a New private key
Http://NhatNghe.com/forum
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B11: Mn hnh Configure CA Name, ghi nh tn CA c khai bo dng Common Name for this CA, chn Next
B12: Cc mnh hnh cn li chn Next ly gi tr mc nh v hon tt qu trnh ci t 3 Ci t Hyper-V: Thc hin ti my Hyper-V B1: Trong Server Manager, chn add role B2: Chn Hyper-V, chn Next
B3: Mn hnh Introduction to Hyper-V, chn next B4: Mn hnh Creat Virtual Networks, chn card mng ang c, chn next
10
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
Sau khi my restart, logon vo bng User Administrator hon tt qu trnh ci t 4 To v cu hnh my o: B1: Vo Administrator Tools, m Hyper-V Manager B2: Click phi vo Server va ci t Hyper-V, chn New, chn Virtual Machine
B3: Mn hnh Before You Begin, chn Next B4: Mn hnh Specify Name and Location, in tn my o vo Name. Qui nh t tn cho my o: Mx.Domain Name, vi x l s th t my vt l. V d: M01.NhatNghe.Local, chn Next
Http://NhatNghe.com/forum
11
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B7:Mn hnh Connect Virtual Hard Disk, chn Use exiting Virtual Hard disk, Browse n file my o c cung cp, chn Finish Lu : Trong trng hp khng c sn file my o th chn Creat Virtual Hard Disk, sau phi tin hnh ci t h iu hnh cho my o.
12
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B8: Tr v mn hnh chnh ca Hyper-V Manager, click phi vo my o va to, chn connect
B9: Chn biu tng Power On khi ng my o, Logon vo my o bng quyn Local Admin
B10: t IP cho my o IP: 192.168.x.100+y / 24, vi x l s phng, y l s my vt l, v d: 192.168.3.101/24 Gateway: hi ging vin (hoc trng) Prefer DNS:tr v my vt l
Http://NhatNghe.com/forum
13
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B11: M Windows Explorer, click phi vo biu tng My Computer, chn Properties, chn Change Settings, chn change
B12: Mn hnh Computer Name/Domain Changes in Computer Name: Mx, vi x l s th t my vt l, v d: M01 Dng Member of, chn Domain, in tn domain ca my vt l, v d: NhatNghe.Local Chn Ok
14
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B14: Logon vo my o bng Domain Admin B15: Tip theo ta s thc hin cc cng vic sau trn my o: Bt ch Remote Desktop Bt ch RPC Cho Group G1 c quyn Remote vo my o Cho php my lm chc nng RD Virtualization Host server c php kch hot RPC trn my o To rule trn Firewall ca my o chy Remote Desktop
Cc thao tc trn s c thc hin bng mt file script c tn ConfigureVirtualMachine.ps1 (download ti: http://go.microsoft.com/fwlink/?LinkId=184804, chn copy code, lu li vi tn Configure-VirtualMachine.ps1) ti th mc gc a C: Lin h ging vin c file script ny (nu cn) B16: M Power Shell B17: G lnh Set-ExecutionPolicy remotesigned force B18: G lnh CD \ B19: G lnh .\Configure-VirtualMachine.ps1 RDVHost NhatNghe\Server01 RDUsers NhatNghe\G1 Lu : Nh chnh li tn my (my lm chc nng RD Virtualization Host), tn domain, tn Group cho ph hp (phn t )
Http://NhatNghe.com/forum
15
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B20: Shutdown my o 5 Ci t cc dch v: Remote Remote Remote Remote Desktop Session Host Desktop Virtualization Host Desktop Connection Broker Desktop Web Access
Lu : Bi lab ny ci t tt c cc dch v trn cng mt server, khi trin khai thc t cn ci t cc dch v trn theo nhng server c hoch nh. B1: Logon vo my vt l bng quyn Domian Admin B2: M Server manager, chn Add Role, chn Remote Desktop Services, chn Next 2 ln B3: Mn hnh Select Role Services, chn: Remote Desktop Session Host Remote Desktop Virtualization Host Remote Desktop Connection Broker Remote Desktop Web Access Chn add require role services, chn next
16
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B5: Mn hnh Specify Authentication Method, chn Require Network level authentication, chn next
B6: Mn hnh Specify Licensing Mode, chn Configure Later, chn Next
B7: mn hnh Select User Groups Add thm group G1, chn next
B8: Mn hnh Configure Client chn next Chn next cho tt c cc mn hnh sau ly theo cu hnh mc nh chn Install Restart li my, sau Logon vo bng domain admin hon tt qu trnh ci t
Http://NhatNghe.com/forum 17
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
6 Cu hnh RD Web Access Server chy SSL: Thc hin ti my RD Web Access B1: M Internet Information Services manager trong Administrative tools, double click Server Certificates
B3: in thng tin xin certificate, lu phn common name phi in tn y ca RD Web Access (server01.nhatnghe.local), chn next
18
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B4: Chn CA ci t, dng Friendly Name t tn cho Certificate l SSL, chn Finish
B4: Tr v mn hnh chnh ca IIS Manager, chn mc Sites/ Default Website, chn mc Binding, chn Add Lu : Nu h thng cu hnh sn SSL th b qua bc ny
B5: Dng Type chn https, dng SSL Certifiacte chn certifiacte xin bc trc. Chn OK
Http://NhatNghe.com/forum
19
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
7 - Cu hnh RD Web Access Server kt ni n RD Connection Broker: Thc hin ti RD Web Access B1: Vo administrative Tools/ Remote Desktop Services, chy Remote Desktop Web Access Configuration, chn Continue
20
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B3: Chn An RD Connection Broker Server, in tn y ca Connection Server vo dng Source Name, chn Ok, chn Sign Out, ng IE
8 Cu hnh RD Connection Broker : Thc hin ti RD Connection Broker Server B1: Vo Administrative Tools/ Remote Desktop Services, chn Remote Desktop Connection Manager, chn Specify dng Digital Certificate
Http://NhatNghe.com/forum
21
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
B2: Chn Sign with a digital certificate, chn select, chn certificate c tn SSL ( xin nhng bc trc), chn OK
B3: Chn mc Configure Virtual Desktop ( gc trn phi mn hnh chnh), chn next
22
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
Http://NhatNghe.com/forum
23
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
24
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
9 Khai Bo Client: Thc hin ti my Domain Controller B1: nh lnh DSA.MSC, click phi vo User U1, chn Properties
B2: Vo Tab Personal Virtual Desktop, chn Assign a personal virtual desktop to this user, dng computer name chn tn my o ph hp, chn OK
Http://NhatNghe.com/forum
25
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
10 Kim tra: Thc hin ti my Client B1: M IE, https://server01.nhatnghe.local/RDWeb, in Username (U1) v Password tng ng
B2: Double click biu tng My Desktop, chn Connect, nhp li Username (U1) v Password tng ng
26
TRUNG TM O TO MNG MY TNH NHT NGH I TC O TO CA MICROSOFT TI VIT NAM 105 B Huyn Thanh Quan, Q3, TP. HCM Tel: 3.9322.735 0913.735.906 Fax: 3.9322.734 www.nhatnghe.com
Kt qu s kt ni c vo my o .
Http://NhatNghe.com/forum
27