Tenant on-premises components

Applies to: Windows Server (Semi-Annual Channel), Windows Server 2019, Windows Server 2016

The following information describes the on-premises components that make up the desktop hosting deployment.


To access the hosted desktops and applications, the users must use Remote Desktop clients that support Remote Desktop Protocol (RDP) 7.1 or higher. In particular, the client must support Remote Desktop Gateway and Remote Desktop Connection Broker. To deliver applications to the local desktop, the client must also support the RemoteApp feature. To achieve highest gateway scale, the client must support the pure HTTP transport connections to RD Gateway.

Additional information:
What's new in Windows Server 2012 R2 Remote Desktop Gateway
Microsoft Remote Desktop Clients
Remote Desktop app for Windows in Microsoft Store
Microsoft Remote Desktop - Android Apps on Google Play
Mac App Store - Microsoft Remote Desktop
Microsoft Remote Desktop in the App Store

Active Directory Domain Services

Some larger and more sophisticated tenants may choose to host an Active Directory Domain Services (AD DS) server on their premises. In this case, the AD DS server in the tenant's environment will typically be a replica of AD DS server that is on the tenant's premises. This is supported by creating a virtual network in the tenant's environment and using the Azure VPN to create a site-to-site connection from the tenant's on-premises network to the tenant's virtual network in the Azure data center.

Additional information:
Microsoft Azure Virtual Network Overview
Create a resource manager VNet with a Site-to-Site VPN connection using the Azure Portal