Sean Wallbridge
I had a customer ask me about this the other day and I thought it might be useful to have a quick discussion about the differences between these two desktop access technologies.
While we are all rushing to embrace the Cloud (Hello O365!) there is still a lot of need by a lot of organizations to share/access “desktops” for whatever reason:
- Provide shared access to expensive software
- Provide access to user’s internal desktop
- Provide access to shared desktop resources
- And so on and so forth …
Microsoft provides three common technologies to respond to this type of need:
- Remote Desktop Services (RDS), commonly referred to as “terminal services”
- Remote Web Access/Remote Web Workplace (Server 2012/R2 Essentials, older Small Business Server products); also implemented as RDS Gateway on Server 2008 and newer
- Virtual Desktop Infrastructure (VDI) – okay, this is a stretch but included because of the whole shared resources aspect
I’m going to discuss RDS and RWA/RWW as VDI doesn’t really fit for the small businesses that I normally deal with due to the inherent cost and complexity of VDI.
OK, so just what is RDS? This is pretty simple, RDS is the technology that provides users with access to a “desktop” or “published applications” that are all hosted on a Windows Server. Access is provided using an RDP connection (Remote Desktop Protocol) from a PC, tablet or phone or via an HTTPS connection (with RDP tunnelled over HTTPS) when using published applications. The salient point here is that the desktop or the published applications as hosted on a server. In other words, users are sharing the underlying server as opposed to being a single user on a Windows PC. A user may see his or her desktop and assume they are the only user on the system but that is not the case, many users could be on the system at the same time.
RWA/RWW is a nice web frontend provided by Server 2012/R2 Essentials machines and older SBS servers that provides, amongst other things, published access to PC’s on the local network along with the Essentials or SBS server. While the connection used is the same tunnelled RDP over HTTPS as discussed with an RDS Server, the connection itself is to a single Windows Professional PC which can only support a single user connection at a time. So, while an RDS Server can provide connections for multiple users at once, RWA/RWW can only connect a single user to any given PC at any given time. RWA/RWW cannot connect two or more users at once to any Windows PC as Windows Professional does not support multiple user connections (multi-user access). RWA/RWW can pass users through to an RDS Server on the network if one exists.
So, in simple terms, RWA/RWW is just a gateway technology while RDS is an actual multi-user sharing technology.
For small businesses that need to provide some kind of “shared access” to expensive software or remote user access to software that does not play “nice” across the Internet (think applications like QuickBooks or Sage50), an RWA/RWW configuration that allows connection to one or more PC’s with the application might be the answer. However, you must keep in mind that only one user can connect to a given PC at any time. If you have multiple users that need to access the application at the same time then you would need to provide multiple PC’s that can be accessed via RWA/RWW. This is not a “bad” thing if users are actually connecting to their own dedicated PC (as in the have a desktop machine in the office and a laptop or tablet for the road) but can get pretty crazy if you are simply trying to maintain a “pool” of machines for users to connect to. RWA/RWW does not provide any sort of “director” to point users at a currently unused machine so users would need to try each machine in turn to find one that is actually available.
RDS Servers, on the other hand, are built to support access by multiple users at the same time; the upper number of users that can be supported by a given server is limited only by resources available on the server itself (RAM, processor, disk, etc). If you need to make access available to more than a few users then RDS is probably the much better way to go. But keep in mind that you have to license software for the maximum number of users you will support on an RDS server, you cannot install a single copy of Office, as an example, on an RDS server that will support up to 30 users; you have to license for 30 users.
So, there you have it. In the end you use RDP (in some fashion) to access desktops over RWA/RWW or RDS so the access technology is the same. But the technologies used to provide the accessed services are quite different. You need to define what your requirements and goals are in order to make the decision which technology is the one that will work for your organization.
Very well done! Thank you for publishing.
Thanks very much for this. Hard to find info like this on TechNet…..
Thanks, Tom! Glad it was helpful!
Robert
I’m I am basically looking for a replacement for Remote Web Workplace that came on 2003 Small Business Server. The users want a simple choose the desktop the third currently using the web interface like Remote Web Workplace.
Whats the best way to make this transition?
Hi, Cole:
I’m not sure exactly what you are asking for but I’ll make a stab. If you have migrated off of SBS2003 to just a regular server without any sort of “pre-built” RDP publishing then you have a few choices you can look at. First of all you could investigate setting up Remote Desktop Services Gateway functionality within your network which can provide a “proxied” gateway access to your internal RDP desktops. RWW in SBS2003 relied on an early version of this technology and the operation is somewhat similar. It can be a bit tricky to set up and if you don’t have the necessary server resources available it can become costly to implement. But it is all part and parcel of the Microsoft server stack so if you have Windows Server you have the capability.
Second, you can look at published proxied access through something like a SonicWALL SRA device (lots of users requiring concurrent access to desktops and internal resources) or the “Virtual Office” features of a SonicWALL UTM firewall (a few users requiring access). In this case the device is configured to provide proxied access to internal resources; the proxy essentially runs RDP on the SRA or firewall. The experience is not the same as with RWW but is still similar in concept and you have similar levels of control (who gets to see what).
There are other vendors who provide similar capabilities, I guess it all comes down to what you want and what you are willing to spend. Hope this helps.
Robert