Honestly, the cloud was supposed to kill the traditional remote desktop services server. That was the narrative back in 2018. Everyone said everything would move to SaaS, and we’d all just live in a browser window. It didn’t happen. Not even close. If you’re running a business that handles complex data, legacy accounting software, or high-security dental records, you probably realized pretty fast that Chrome isn't a replacement for a full Windows environment.
A Remote Desktop Services (RDS) server is basically the backbone for companies that need control. It's about centralizing your apps. Instead of installing your ERP software on fifty different laptops and praying no one loses one in a coffee shop, you put it on one beefy server. Users log in. They see their desktop. They do their work. The data never actually leaves the building—or the secure data center. It's elegant, but it’s also a massive pain if you don't know how the licensing works.
The Microsoft RDS Architecture: It’s Not Just One Box
When people talk about a remote desktop services server, they usually think of one physical machine in a closet. In a tiny office, maybe. But for anything real, you're looking at a multi-role architecture.
The RD Session Host is the heavy lifter. This is where the actual apps live and where the CPU cycles get burned. But you can't just open a port to the internet and call it a day—that’s how you get hit with ransomware in about twelve minutes. You need the RD Gateway. Think of the Gateway as the bouncer. It wraps everything in SSL (HTTPS) so your users don't need a clunky VPN just to check an invoice. Then there's the RD Connection Broker. If you have two or three session hosts, the Broker is the traffic cop that remembers where a user's session was if their Wi-Fi cuts out.
It’s complex. It really is. But this complexity provides a level of "granular" control that you just don't get with basic TeamViewer or LogMeIn setups. You’re managing the environment, not just the connection.
Why You’re Probably Overpaying for Licensing
Licensing is where everyone gets a headache. Microsoft uses Client Access Licenses (CALs). You’ve got two choices: Per User or Per Device.
If your staff has a desktop at work, a laptop at home, and a tablet for the road, you go Per User. Period. If you try to license those devices individually, you'll go broke. However, if you run a shift-based business—like a factory or a call center where three different people share one physical kiosk—Per Device licensing is a lifactor. Most people screw this up because the "Per User" tracking in the RD Licensing Manager is notoriously flaky about reporting, whereas "Per Device" is strict.
I’ve seen companies get audited by Microsoft because they thought "standard" Windows Server CALs covered the remote desktop part. They don't. You need the base CAL and the RDS CAL. It feels like double-dipping. It basically is. But that’s the cost of entry for a legal, supported environment.
The Security Nightmare Nobody Wants to Talk About
Let’s be real: an exposed remote desktop services server is a giant "Kick Me" sign for hackers. If you leave Port 3389 open to the world, you’re basically inviting a brute-force attack.
Modern RDS deployments have to use Multi-Factor Authentication (MFA). Since Microsoft doesn't bake a "simple" MFA switch into the old-school RDS interface, most experts use third-party integrations like Duo or Azure AD (now Microsoft Entra) Application Proxy. By putting an Entra proxy in front of your RDS, you get the benefit of "Conditional Access." This means if a login attempt comes from a country where you don't have employees, the server doesn't even respond. It stays dark.
Performance Bottlenecks and the "Graphics Problem"
Ever tried to run Photoshop or a 3D CAD program over a remote desktop? It usually sucks.
Standard RDS servers use the CPU to "draw" the screen. It’s laggy. However, if you’re doing heavy lifting, you need RemoteFX (which is being phased out for DDA) or Discrete Device Assignment. This lets you take a physical GPU—like an NVIDIA Tesla or a Quadro—and pass its power directly to the virtual sessions.
- RAM is cheap, but IOPS are expensive. If your server is running on old-school spinning hard drives, your users will hate you.
- Bandwidth matters less than latency. A 100Mbps connection with high "jitter" feels worse than a steady 10Mbps connection.
- Printing is the devil. Seriously. Redirecting a local printer from a home office to a remote server is the leading cause of IT support tickets. Using a "Universal Print Driver" is the only way to stay sane.
Comparing RDS to Azure Virtual Desktop (AVD)
You can't talk about a remote desktop services server without mentioning AVD. Microsoft is pushing everyone toward Azure. AVD is basically "RDS as a Service."
The big difference? Windows 10/11 Multi-session. Traditionally, an RDS server runs on Windows Server. It looks like Windows, but some apps act weird on a Server OS. AVD allows multiple people to log into a single Windows 11 machine. It feels more "native" to the user. But, and this is a big "but," the costs can spiral. With an on-premise RDS server, you bought the hardware. You own it. With Azure, the meter is always running. For a lot of mid-sized firms, that monthly bill becomes a jump-scare.
Real-World Example: The Accounting Firm Pivot
Take a mid-sized accounting firm in Chicago. They had 40 employees all trying to use a legacy version of QuickBooks that doesn't play nice with the "Cloud" version. During tax season, they can't afford a single second of lag.
They didn't go to the cloud. They built a localized remote desktop services server cluster using NVMe storage and 10Gbps networking. Why? Because the data stayed on their local NVMe drives. Opening a 2GB company file took three seconds. Over a pure cloud connection, that same file took nearly a minute to sync. In their world, those seconds are billable. They used a hardware firewall to create a "VPN-only" tunnel for remote workers, ensuring that the RDS roles were never truly "public." It’s a hybrid approach that people often overlook because it isn't "trendy."
Setting Up Your First Server: The Checklist
If you're actually going to build this, don't just wing it.
- Hardware Sizing: Allow at least 2GB of RAM per "standard" office user. If they use Teams or Chrome with 50 tabs, make it 4GB.
- The "Profile" Issue: Use FSLogix. It’s a tool Microsoft acquired that handles user profiles. Instead of "copying" a user's desktop folders every time they log in, it mounts a virtual disk. It makes logins nearly instant.
- Certificates: Buy a real SSL certificate. Don't use self-signed ones. Your users will get "Your connection is not private" warnings, and they will call you. Every. Single. Day.
- Solid State Everything: Do not build an RDS server on RAID 10 spinning disks. You will regret it the moment the third person opens Outlook.
Moving Forward with RDS
The remote desktop services server isn't a relic. It’s a tool for specific, high-performance, high-security needs. It’s about keeping your data under your roof while giving your team the freedom to work from a beach—or, more likely, their living room.
✨ Don't miss: Tesla Accident With Truck: What Really Happened With Those Underride Crashes
Actionable Next Steps
If you're ready to move beyond basic remote access, start by auditing your current app stack. Are your most critical apps "web-native," or do they require a local install? If it's the latter, RDS is your best path.
First, look at your existing Windows Server licensing. If you already have Software Assurance, you might already have rights to some of these features. Second, don't build it all on one box. Even if you're a small shop, splitting the Gateway/Web Access role from the Session Host role makes it way easier to troubleshoot when things inevitably go sideways. Finally, download FSLogix immediately. It is the single most important "quality of life" improvement you can give to your users and yourself. It turns a "clunky" remote experience into something that feels like a local PC.
Avoid the temptation to go "all-cloud" just because of the hype. Calculate your three-year TCO (Total Cost of Ownership). Often, a well-configured, on-premise or co-located RDS server will save you tens of thousands of dollars compared to an equivalent Azure or AWS monthly subscription. Keep your hardware fast, your licensing legal, and your Gateway locked down with MFA. That's the recipe for a remote work setup that actually works.