Set Up a Remote Desktop Connection for a Role in Windows Azure
Updated: December 5, 2013
After you create a cloud service that is running your application, you can remotely access a role instance to configure settings in the virtual machine or troubleshoot issues. To enable remote desktop connections for role instances, you must ensure that you have created and uploaded the appropriate certificates, encrypt the password for the user account that is created, import the necessary modules, and deploy the package.
Create and upload a hosted service certificate
To use a remote desktop connection with a role instance, you must create a Personal Information Exchange (.pfx) certificate and upload it to the Windows Azure Management Portal. After the certificate is uploaded to the Management Portal, you can add the information about the certificate to the service model and encrypt the password for the user account that you use to access the role instance.
Encrypt the password
To use a remote desktop connection, a user account is created that you define in the service configuration file. The password for the user account must be encrypted for security purposes. You create a service certificate in one of several ways and then use that certificate to encrypt the password that is used for the remote desktop connection.
Import the RemoteAccess and RemoteForwarder modules and add values to the service configuration
To enable a remote desktop connection for a role, you must add Import elements to the service definition file that imports the RemoteAccess and RemoteForwarder modules into the service model. When these modules are added to the service definition file, configuration settings are automatically added to the service configuration file. You must add values to these settings to complete the configuration of the remote desktop connection.
One role in an application that implements a remote desktop connection must import the RemoteForwarder module. The two modules work together to enable the remote desktop connections to role instances.
|If you have multiple roles defined in the service model, it does not matter which role you add the RemoteForwarder module to, but you must add it to only one of the role definitions.|
After the modules are imported into a role, you must add values for the RemoteAccess, RemoteForwarder, and Certificate elements to the service configuration.
Deploy the package to the Management Portal
At this point in the process, you can deploy the package to the cloud service if you do not have any additional configurations to make.
Remotely access a running role instance
You can remotely connect to a role instance by using the Management Portal, or you can remotely connect to a role instance from your local computer. An easy way to make this connection from a local computer is to use a Remote Desktop Protocol file with the appropriate settings to make the remote desktop connection.