Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Parallels® RAS Management Portal is a modern web-based configuration and administration console designed for Parallels RAS administrators using a desktop/laptop computer or a mobile device to carry out configurations and day-to-day activities.
Parallels RAS Management Portal provides administrators with ability to:
Centrally deploy, manage, and configure essential Parallels RAS components such as RD Session Hosts, Connection Brokers and Secure Gateways.
Publish various resources from RD Session Hosts.
Configure FSLogix Profile Container settings.
Configure printing and scanning settings.
Manage SSL certificates.
Configure connection settings and MFA (Google Authenticator or other Time-based One-time Password (TOTP) apps such as Microsoft Authenticator).
Monitor and manage user sessions.
Manage administrative accounts and sessions
Configure mailbox.
Manage your license.
Contact support and provide necessary system reports.
Note: More features and capabilities that are currently available in the desktop-based Parallels RAS Console will be included in Parallels RAS Management Portal in future releases until it becomes the main management tool for Parallels RAS. Management of Azure Virtual Desktop capabilities included in Parallels RAS Management Portal are experimental and expected to be released in upcoming versions.
RAS Management Portal can run in any modern web browser supporting HTML5 except for Internet Explorer.
Make sure your Windows Server has the following updates installed (RAS Management Portal depends on them):
Windows Server 2012 R2: KB2999226
Newer versions of Windows Server do not require any specific updates.
The web service listens to web requests on the following ports by default:
HTTPS: 20443
HTTP: 20080
The following table lists the Parallels RAS 19 release history. Parallels RAS documentation is updated for every release. This guide refers to the latest Parallels RAS 19 release from the table below. If you are using a newer Parallels RAS release or version, please download the current version of the guide from https://www.parallels.com/products/ras/resources/.
19.0
Initial release
07/27/2022
19.0
Update 1
08/31/2022
19.0
Hotfix 1
09/16/2022
19.0
Hotfix 2
09/30/2022
19.0
Hotfix 3
10/14/2022
19.1
Update 2
11/15/2022
19.2
Update 3
07/06/2023
19.3
Initial release
10/17/2023
19.4
Update 2
06/08/2024
To open RAS Management Portal on the machine where you've installed the RAS Web Administration Service, navigate to Apps > Parallels and click Parallels RAS Management Portal.
To log in to RAS Management Portal from a remote computer, enter the following URL in a web browser:
https://<server-address>:20443
The <server-address> is the FQDN or IP address of the server where the RAS Web Administration Service is installed. By default, port 20443 is used for HTTPS connections. You can change the port number if needed as described in Configure RAS Web Administration Service.
On the Welcome page, enter your RAS administrator username and password and click Sign in.
Before you begin, you may need to configure the RAS Web Administration Service as described below:
In RAS Management Portal, click the "User" icon in the upper right-hand corner and choose Configure Management Portal.
You will be asked to sign in again. Note that the RAS Web Administration Service must be running on the local server for this sign in to work. This is necessary to prevent users from remote servers to enter the RAS Web Administration Service configuration pages.
Enter the username and password of a member of local administrators or domain administrators and click Sign in.
The RAS Management Portal Configuration page opens.
In the RAS Farm Address field, specify the RAS Farm address that this RAS Management Portal will manage. This is the RAS Connection Broker address installed in the Farm.
In the Advanced Settings section, specify the following:
Certificate: A certificate to use for this connection. Click Upload to select a certificate.
Certificate Password: The certificate password.
Port: The port number on which RAS Management Portal listens for connections. The default port is 20443. This port number is chosen not to conflict with RAS Secure Gateway ports. You can change it to 443 (if possible), in which case the port number doesn't need to be included in the connection URL. You can also change it to any custom port. For example, the default "URL": "https://*:20443" can be changed to "URL": "http://*:20080".
Admin Session Timeout: The timeout after which the admin session will be disconnected.
Polling Interval: The interval at which RAS Management Portal will update the information displayed in it. You can increase this number up to 30 seconds if you have a large number of admins working at the same time and/or if you have a large number of hosts, sessions, etc.
Click Save when done.
To add an administrator account to a Parallels RAS Farm:
Navigate to Farm Settings > Administrators > Accounts.
Right-click anywhere in the list and choose Add.
Specify the new account properties.
Note that at the time of this writing, only a Root administrator can be added in the Management Portal.
In the System notifications drop-down list, select Email to send all system notifications to the specified email address, or select None to disable email system notifications for this account.
Click Create to create the account.
To modify an account, click the account name and then click Edit.
To delete an account, right-click it and choose Delete.
To see current administrative RAS sessions, navigate to Farm Settings > Administrators > Sessions.
To log off a session, right-click it and choose Log off session.
A mailbox configuration in a RAS Farm is used to send invitation emails to users to join a Parallels RAS Farm and to send event notifications to other email addresses. A Farm can have just one mailbox configured.
To configure a mailbox:
Navigate to Farm Settings > Mailbox.
Click Edit and specify the following:
Mail server: Enter the mailbox server name. For example, mail.company.com:500
TLS / SSL: Choose whether to use the TLS/SSL protocol.
SMTP server requires authentication: Select this option if your SMTP server requires authentication. If it does, also type the username and password in the fields provided.
Sender information: Enter the email address.
Click Save.
All navigations in the RAS Management Portal start from the sidebar on the left, which lists management categories. The Site category is selected by default.
The following table lists all available categories that can be managed in the RAS Management Portal. The Root Administrator can see and manage all categories. Administrators of other types (Power, Custom) may need permissions to see a particular category.
Site
Displays the current Site overview.
Infrastructure
RAS infrastructure management, including RD Sessions Hosts, VDI, Gateways, Connection Broker, etc.
Sessions
Session management.
Publishing
Publishing and published resources management.
Monitoring
RAS Performance Monitor.
Site Settings
Connection, authentication, FSLogix, Universal printing and scanning.
Help and Support
Help and support.
Farm Settings
Displayed at the bottom of the sidebar on the left, this category manages global Farm settings, such as Administrators, Mailbox, Licensing.
Each category is described in detail later in this guide.
Some categories and actions in the RAS Management Portal may not be viewed or allowed depending on the Admin permissions configured in the desktop RAS Console. For the information about how to configure administrator permissions, please refer to the Parallels RAS Administrator's Guide. In the guide, look for the Administrator Account Permissions topic. The guide is available on the Parallels website at https://www.parallels.com/products/ras/resources/.
Some categories have subcategories (namely Infrastructure and Site Settings). When you selected a category, the right side of the RAS Management Portal may include one or more additional panes where you can select a subcategory.
Some components have their settings and information grouped by functionality (e.g. General, Properties, Sessions, etc.). When you view component properties, a navigation bar is displayed in the middle allowing you to browse these settings. When you select an item in the navigation bar, the settings are displayed in the right pane.
As you select categories, subcategories, individual items, a breadcrumb trail is displayed at the top of the page to show where you are. To take one or more steps back, click a link in the trail.
The page header includes the following items:
The Farm and the current Site names. If you have more than one Site, you can select one from the drop-down list. The RAS Management Portal will switch to that site allowing you to manage the Site components.
The "User" icon is a drop-down list with the following items: Current user name (e.g. Administrator); About (opens the About dialog); Give feedback (takes you to a web page where you can give feedback to Parallels); Configure Management Portal, Logout (logs you out).
Apply All Changes: This button applies changes that you've made in the RAS Management Portal to Farm components. When you create or modify components and objects, the changes are not applied to Farm components automatically and don't have any effect on the Site or Farm. When you click the Apply All Changes button, the changes are applied across the Farm or Site. Note that you shouldn't always click this button every time you make a change. If you are working on a task that requires multiple changes in different areas, complete all of them and then click the Apply All Changes button, so all changes are applied together.
When you open a view where you can modify some settings, the view is normally read-only. To enable editing, click the Edit button in the upper right-hand corner. The button name changes to Save. When done editing, click Save. To discard the changes, click Cancel.
Please note that an object that is opened for editing by an admin cannot be edited by another admin at the same time. If you try to enable editing for such an object, you will get an error with the name of the admin who has the object locked.
Some views (specifically lists) have a toolbar in the upper right-hand corner from which you can execute actions. To see a toolbar item name, hover over it with the mouse. The standard items (icons) on the toolbar are the following:
Show filter: Specify a filter to show only the entries that match it.
Select columns: Select table columns to display or hide.
Add: Add a new entry. For example, add a new Gateway or RD Session Host, etc.
Refresh: Refresh the view.
Ellipsis: The ellipsis menu may have different items in different types of views. Some items have a corresponding toolbar items (e.g. Add, Refresh).
Other items may be present depending on the view you are in. For example, Show running processes and Show sessions.
When you add a component to a Farm, a wizard usually opens which takes you through a series of pages where you specify component settings and options. A wizard has the usual Next and Back navigation buttons, and the Cancel button that closes the wizard and cancels the operation.
Clicking some menu and navigation bar items brings up a modal dialog. These are usually items that require you to confirm an action or enter additional information.
All objects (components) in the RAS Management Portal have properties. To view these properties, you select a category and a subcategory and click the object name in the list. This opens a view where object properties are displayed with its own navigation bar from which you can configure the object, perform actions. and view additional information.
This topic describes how to configure existing FSLogix Profile Containers to be managed by Parallels RAS. FSLogix Profile Container configuration defines how and where the profile is redirected. Normally, you configure profiles through registry settings and GPO. Parallels RAS gives you the ability to configure profiles from the Parallels RAS Console or RAS Management Portal without using external tools.
Before you configure FSLogix Profile Containers in Parallels RAS, make note of the following:
You don't have to change the profiles themselves; existing profiles stay the same.
You can keep using your existing FSLogix Profile Container locations, such as SMB network shares or Cloud Cache.
Perform the following preliminary steps:
Back up your existing profiles. It is highly unlikely that profile data can be lost or corrupted, but it is best practice to have a valid backup prior to any change in profile configuration.
Turn off the GPO configuration of FSLogix Profile Containers. This step is important because you cannot have both GPO and Parallels RAS management of FSLogix profiles enabled at the same time.
Before configuring FSLogix profiles for a server in a RAS Farm, make sure there are no user sessions running on the server. As a suggestion, you can make the transition in a maintenance window out of working hours.
To configure existing FSLogix Profile Containers in Parallels RAS, you need to replicate your existing GPO to the FSLogix configuration in Parallels RAS. This can be done in the Parallels RAS Console or the Parallels Management Portal.
To configure profiles in the RAS Management Portal:
Navigate to Infrastructure > RD Session Hosts.
Click a host in the list and then click Properties.
In the middle pane, click User Profile.
In the Location of profile disks list box, specify existing SMB or cloud cache locations where you keep your FSLogix profiles. Also, specify the profile disk format, allocation type, and default size.
In the middle pane, click Users and Groups, Folders, and Advanced items to configure the rest of FSLogix settings you may have on your servers, such as user exclusions, folder exclusions, and others.
Please note that at the time of this writing RAS Management Portal can only be used to configure RD Session Hosts to use FSLogix Profile Containers. For other host types, please use the desktop-based RAS Console (described below).
To configure profiles in the RAS Console:
Open the User profiles tab on a host, Site defaults, or Template Properties dialog.
In the Location of profile disks list box, specify existing SMB or cloud cache locations where you keep your FSLogix profiles. Also, specify the profile disk format, allocation type, and default size.
Click the Additional settings button and configure the rest of FSLogix settings you may have on your servers, such as user exclusions, folder exclusions, and others.
When performing steps in the previous section, do not configure multiple (or all) servers in a RAS farm right away. Begin with a single server (e.g. an RD Session Host) and then test it with a single user connection. After that, configure some other servers and test the same user logging in to multiple servers consecutively to confirm the profile is loaded and personalization is retained irrespective of a session host. If all is good, configure other host, host pools, or Site defaults.
Your RAS users can now connect to Parallels RAS using pre-existing FSLogix Profile Containers, which are now managed centrally through Parallels RAS.
Printer redirection enables users to redirect a print job from a remote application or desktop to their local printer, which can be connected to the user's computer or be a local network printer attached via an IP address. RAS Universal Printing simplifies the printing process and solves most printer driver issues by eliminating the need for a remote server to have a printer driver for a specific local printer on the client side. Therefore, a user can print regardless of which printer they have installed locally, and the RAS administrator doesn't have to install a printer driver for each printer connected to the local network.
To configure Universal Printing, navigate to Site Settings > Universal Printing.
By default, Parallels RAS renames printers using the following pattern: %PRINTERNAME% for %USERNAME% by Parallels
. For example, let's say a user named Alice has a local printer named Printer1. When Alice launches a remote application or desktop, her printer is named Printer1 for Alice by Parallels
.
You can change the default printer renaming pattern by specifying a new pattern in the Printer rename pattern field. To see the predefined variables that you can use, click the Add variable button. The variables are:
%CLIENTNAME% —
the name of the client computer.
%PRINTERNAME%
— the name of a printer on the client side.
%SESSIONID%
— RAS session ID.
%USERNAME%
— the name of the user connected to RAS.
<2X Universal Printer>
— This is a legacy mode where only one printer object will be created in the RDP session.
You can also use some other characters in a printer renaming pattern. For example, you can define the following commonly used pattern:
Client/%CLIENTNAME%#/%PRINTERNAME%
.
Using the above pattern (and the user named Alice from the earlier example), a local printer will be named Client/Alice's Computer#/Printer1
You can specify a different printer renaming pattern for each server in the Servers in Site list.
Note: Redirected printers are only accessible by the administrator and the user who redirected the printer.
When client-defined printers are redirected to a remote session, it takes time and impacts overall session establishing time. To improve user experience, you can reuse previously created user's printers. To do so, set the Printer retention option to Enable printer retention optimization.
A system administrator can control the list of client-side printer drivers which should be allowed or denied the Universal Printing redirection privileges.
Using this functionality you can:
Avoid server resource overloading by non-useful printer redirection. Since the majority of users choose to redirect all local printers (this is default setting), a large number of redirected devices is created on the server which are not really used. It's mostly related to various paperless printers like PDFCreator, Microsoft XPS Writer, or various FAX devices.
Avoid server instability with certain printers. There are some printers that might create server instability (spooler service component) and as the result deny printing services as a whole for all connected users. It is very important that the administrator has the ability to include such drivers to the "deny" list to continue running printing services.
To specify printer drivers in the Drivers section:
In the Mode drop-down list, select which printers should be allowed redirection from the following options:
Allow redirection of printers using any driver|: (default) This option places no limitation on the type of driver a printer is using to use redirection privileges.
Allow redirection of printers using one of the listed drivers: Select this option and add the "allowed" drivers to the list. To add a driver, click the plus-sign icon and type the driver name.
Don't allow redirection of printers that use one of the listed drivers: This is probably the most useful option in the context of this feature. The printers that use drivers specified in the list will be denied redirection privileges. All other printers will be allowed to use redirection.
To delete a printer driver from the list, click the minus-sign icon.
Please make a note of the following:
When adding a printer driver to the list, type the printer driver name, NOT the printer name.
The driver names comparison is case insensitive and requires full match (no partial names, no wildcards).
The settings that you specify on this tab affect the entire Site (not an individual server).
Fonts need to be embedded so when printing a document using Universal Printing the document is copied to the local spooler of the client machine to be printed. If the fonts are not present on the client machine the print out would not be correct.
Excluding fonts from embedding: To exclude a specific font type from being embedded, select it in the list. To add one or more fonts, slick the plus-sign icon.
Auto install fonts: To automatically install a specific font type on servers and clients, click the plus-sign icon in the Auto install fonts section.
Note: By default, fonts added to the auto install list will be excluded from the embedding list because the fonts would be installed on the Windows clients, therefore there is no need for them to be embedded.
In the navigation bar, select General and specify the following:
Enable Host in site: Enable or disable the host. A disabled host cannot serve published resources to users. When you disable a host, its name becomes grayed out in the main list.
Host: Specifies the host name.
Description: Specifies the host description.
Change direct address: Select this option if you need to change the direct address that Parallels Client uses to establish a direct connection with the RD Session Host.
If you would like to configure user profiles for the host based on the FSLogix technology, select FSLogix in the Technology drop-drown list and specify the settings according to your needs. For the information about how to configure FSLogix Profile Container in Parallels RAS, see FSLogix Profile Container.