If you have setup a Remote Desktop Server (RDS) farm, you will know how to manage the monthly patches, but if you are managing someone else’s RDS farm you will likely be confused.
The nut of the problem is that from Server 2016 on, you can no longer directly install patches on a Remote Desktop Server Host. There is a process you need to go through. Fortunately that process is not too challenging.
- Log into your Remote Desktop Server Gateway
- Launch SERVER MANAGER and wait for it to completely finishing loading
- Click on REMOTE DESKTOP SERVICES in the menu on the left
- Click COLLECTIONS
- RIGHT click on one of your RDS servers (in the HOST SERVERS section) and select DO NOT ALLOW NEW CONNECTIONS
- Wait for all users to log out of that RDS host
- Remote into that host USING A DOMAIN ADMIN ACCOUNT and run Window Update. If you have problems signing in using Remote Desktop (even as a Domain Admin):
- use HYPER-V Manager to sign into the RDS box (as if you were at a physical console)
- access the VM in admin mode by running mstsc.exe /admin
- When complete go back to your RDSG Server, right click on that same server and select ALLOW NEW CONNECTION
- Repeat this process for each of the servers in your RDS farm