Concurrent Azure Bastion Sessions

Question

I am not able to use more than 2 concurrent connection for RDP through Azure Bastion service. By default it should be 25 [ https://learn.microsoft.com/en-us/azure/bastion/bastion-overview#limits ]. Azure servers only support 2 concurrent RDP sessions in reality, and these MUST be from two different user profiles, so I was unable to have more than 1 Bastion session per user profile on the Virtual Machine.

Any way I can achieve multiple concurrent connection like we used to have back then in Win Server 2003 remote terminals?

Answer 1

Although it is true that with the Azure Bastion can support up to 25 concurrent RDP, this is still dependent on the Azure Virtual Machines.

Azure servers only support 2 concurrent RDP sessions by default, and these MUST be from two different user profiles, hence the reason you will be unable to have more than 1 Bastion session per user profile on the Virtual Machine.

This behavior I believe is by design and is exclusive to Azure Servers from Windows 2012 R2 and above.

A Remote Desktop Service (RDS) license for your virtual machine server would need to be acquired for multiple concurrent sessions on the server, however, a workaround exists but this would last for about 120 days.

You would need to take the following steps:

• Open up your Server Manager and select the Add roles and features option.
• Select next and then select the Remote Desktop Services installation option.
• Go ahead to select the Multipoint Services option.
• Click on next and ensure you select the Restart the destination server automatically if required option and then Deploy.

This should restart your virtual machine server.

• After the restart, on the Server Manager dashboard, select the Tools option, Remote Desktop Services and then the Remote Desktop Licensing Manager.
• Right-click on your server name and Activate Server.
• Let your Connection method be the Automatic connection.
• Fill out the Company Information.
• On the License Program, select the Services Provider License Agreement
• Supply your license number, it could be any 7 digit number of your choice.
• For your product Version and License Type, select your Server version and select the RDS Per User CAL as your license type.
• Under Quantity, provide the number of licenses ( users) you need.

Once this is completed and you have set up the required number of user profiles, you should be able to have concurrent Bastion sessions on par with the number of user profiles set up on your server.

Answer 2

Yes, we are only able to create one session per user. As far as I know, we only have one live RDP connection per one user at a simultaneous time.

Also, because we cannot interact with the Bastion host directly, we are currently unable to configure RDP session policies as we do with Group Policy on-premises. Also, from Sam's answer here, this is the limit imposed by Windows Server on remote administration, you can only have 2 administrators connecting to a server to manage it at once. If you have interested in it, you may have a look at Azure RemoteApp like his answer.