Setting up RDP to a Windows Azure Instance: Part 2

In my last post, Setting up RDP to a Windows Azure Instance: Part 1, I explained how to setup Remote Desktop into the Cloud using Visual Studio 2010.

However, the cloud isn’t for Developers alone, we have to think of our IT Pro counterparts. This post will explain how to setup and configure RDP access to the Cloud without using Developer Tools.

Creating a Self-Signed Certificate with IIS7(.5)

1. Open IIS, Double-Click on Server Certificates.


2. In the Actions menu on the right, Select “Create Self-Signed Certificate…”.


3. Specify a Friendly Name for the Certificate.


4. Ensure the new Certificate has been created.


Using the Windows Azure Service Management API

So I said I was going to use the Service Management API and I am, however I am going to cheat a little bit by using the Windows Azure Service Management CmdLets [which is a convenient PowerShell Snap-in created by Ryan Dunn (@dunnry)].

Upload-Windows-Azure-Management-Certificate-For-APIBefore we can interact with the Service Management API we must upload a Management Certificate [which is similar to he process outlined in my previous post on Exporting and Uploading a Certificate to Windows Azure]. The Management Certificates are uploaded from within the Windows Azure Platform Portal as seen in this picture to the right.

Management Certificates are used by Visual Studio to interact with the Windows Azure Platform. The Management Certificate paired with the Subscription ID are used to Authenticate Access to the Windows Azure APIs.

Now that we’ve covered the Management Certificates, lets fire up the Windows PowerShell ISE.

Using the Windows Azure Service Management CmdLets

If you haven’t already done so download the Windows Azure Service Management CmdLets.

First you will have to tell PowerShell you would like to use the snap-in, use the following snippet of code to add the Azure Management Tools Snap-in.

Add-PSSnapin AzureManagementToolsSnapIn

If you’d like to list all the Commands that are included in the Windows Azure Management Snap-in simply execute this line of code:

Get-Command -PSSnapIn AzureManagementToolsSnapIn

We’re going to be using the Add-Certificate command to add a Certificate to our Hosted Service. First lets take a look at some of the examples of how to use this command by executing:

Get-Help Add-Certificate

As you can see there are a few options for running the Add-Certificate Command, I’ve chosen this format:

Add-Certificate -ServiceName RDP2Azure 
-CertificateToDeploy (gi <path-to-cert>\azurefest-RDP.cer) 
-Subscription ID ********-****-****-****-************ 
-Certificate (gi cert:\CurrentUser\My\<thumbprint>)

There are two “Certificate” Arguments which can be confusing especially when they accept different values. CertificateToDeploy is the newly created Certificate which will be used to encrypt the password for our RDP Connection, this argument accepts a file as a parameter. The Certificate argument is the Management Certificate that is being leveraged to Authenticate the transaction. When you run the Script the result should look like this:


You’ll also notice that the Certificate has been uploaded to the Windows Azure Platform Portal.


Configuring RDP in the Windows Azure Platform Portal

Now that we’ve created the Certificate needed to encrypt the RDP password, and we’ve used the Azure Service Management API to upload the Certificate to our hosted Service. Now it’s time to configure our RDP Connection in the Windows Azure Platform Portal.

RDP-To-Azure-ConfigureTo Configure our RDP Access, Select the Role you wish to configure the RDP access for. Then in the Ribbon check off the Enable checkbox, then click on the Configure Button in the Remote Access Group.


Set your username and password for the RDP Connection. Select the Certificate you wish to use to encrypt the password, then select an expiration date for the connection.

Once you’ve finished these steps you will be able to select an instance and Connect to the Cloud.

**Note: I’ll be creating one last entry to review the process of opening up the RDP File to gain access to an Instance running on Windows Azure.






This post was considered the IT Pro explanation for how to grant access to RDP in the Cloud. These skills are transferrable to Development as well if you don’t have Visual Studio.  I will create one final post which explains how to manually create the XML nodes that Visual Studio creates in the Cloud Service Configuration file auto-magically using it’s UI. This manual creation is intended for Open Source Developers or Developers that like to understand how the underlying pieces of the Visual Studio Tools Operate.

This post also appears on SyntaxC4's Blog.

Setting up RDP to a Windows Azure Instance: Part 1

In my previous post, Export & Upload a Certificate to an Azure Hosted Service, I outlined some of the common tasks which are necessary to RDP into a Windows Azure Hosted Instance. In this post I will outline how to use the tools in Visual Studio to setup the RDP Configuration values.

Part 2 of this Series will outline how to Configure the RDP Manually, using IIS, Powershell and the Service Management API. One final post will outline how to get the RPD Connection launched.

Using Visual Studio to RDP to an Azure Instance

If you’re a Developer, this is most likely the simplest process for you. The following steps explain the process of setting up RDP to the Cloud, so a number of Development Processes, including building out your Website are *not* covered.

Visual Studio 2010 Cloud Service Project

1. Welcome to the Start Screen.


2. Create a New Cloud Service Project.


3. Select the Required Projects for the Solution.


Publish the Application to Windows Azure

1. [Time Lapsed: Build Application] Right-Click on Cloud Service Project and select Publish.


2. Choose your Hosted Service and Storage Account to Deploy to.


3. Configure Remote Desktop connections.


4. Create a Certification (this is used to encrypt the credentials).


5. Create a Username and Password for the RPD Connection.


6. Export and Upload the Certificate to the Hosted Service.


7. Press OK on both the Remote Desktop Setup and Publish Dialog boxes. This will begin the Publish Process.


Next Steps

This concludes the configuration of RDP into a Windows Azure Instance using Visual Studio 2010. The next step would be to connect to the Windows Azure instance. I will be posting another entry to cover the steps to connect, however it will be after I complete my next entry on how to Manually Configure the RDP Connection.

This post also appears on SyntaxC4's Blog.

Export &amp; Upload a Certificate to an Azure Hosted Service

Last night I started doing some research into the new features of the Windows Azure SDK 1.3 for a future blog series which I’ve been thinking about lately. The first step was to figure out what was installed on the default Windows Azure image, in order to determine what would need to be installed for my Proof of Concept.

There are two ways to set up the RDP connection into an Azure instance: a developer centric approach, which is configured in Visual Studio, and an IT centric approach which is configured through the [new] Windows Azure Platform Portal. I had thought it might be cool if this functionality was available using the Service Management API, however this is not publicly exposed [which probably is a good thing].

To minimize content repetition I decided to split the export and upload process to this blog post.

Exporting a Certificate

1. Open the Certificate (From Visual Studio Dialog, IIS or Certificate Snap-in in MMC)


2. Navigate to the Details Tab. Click on Copy to File…


3. Start the Export Process.


4. Select “Yes, export the private key”.


5. Click Next.


6. Provide a password to protect the private key.


7. Browse to a path to save the .pfx file.


8. Save the file.


9. Finish the Wizard.



Setting up a Windows Azure Hosted Service

If you’d like to see a more detailed explanation of this, I released some videos with Barry Gervin in my last entry, “Post #AzureFest Follow-up Videos”.

1. Create New Hosted Service.


2. Fill out the Creation Form.


Setting up a Windows Azure Storage Service

The Visual Studio Tools will not allow you to deploy a project without setting up a Storage Service.

1. Create a New Storage Service.


2. Fill out the Creation Form.


Upload the Certificate

1. Select the Certificates folder under the Hosted Service to RDP into. Click Add Certificate.


2. Browse to the Certificate (saved in last section).


3. Enter the Password for the Certificate.


4. Ensure the Certificate is Uploaded.


Moving Forward

This entry overviewed some of the common setup steps between Setting up RDP using Visual Studio, and Manual Configuration. In the Manual Configuration post I will overview how to use the Service Management API to install the Certificate to the server (instead of the Portal as described above).

Happy Clouding!

This post also appears on SyntaxC4's Blog.

AzureFest Follow-Up Links &amp; Videos

Cory Fowler stands beside the big screen in Microsoft Canada's MPR roomThis past Saturday December 11th, Microsoft and ObjectSharp hosted AzureFest, a community event to raise interest and learn a little bit about Microsoft’s cloud platform, Windows Azure.

My colleague Cory Fowler gave an introductory run down on the Azure platform and pricing, and then demonstrated for those in attendance how to go about Creating an Account and Deploying an Azure Application.

The best part, is that our good friends at Microsoft Canada offered $25 in User Group Funding for each person in attendance that followed along on their laptop to activate an azure account and deploy the sample application.

Now Held Over!

The even better part, is that MS Canada is extending the offer until December 31st online for anybody that goes through this process to activate and deploy a sample application online. We’ve got the instructions for you here and it will take you approximately 15 minutes to go through the videos and deploy the sample.

  1. Download the application package that you’ll need for the deployment here.
  2. Create an Azure Introductory Account (5 minutes). You’ll need
    • a Windows Live id. (if you don’t have one, click here for instructions)
    • a Valid Credit Card (don’t worry, in step 4 we’ll show you how to shut down your instance before you get charged).
    • navigate to and follow along with these instructions
      Signing up for Windows Azure
  3. Deploy the Nerd Dinner Application (8 minutes)
    • follow along with these instructions
      Deploying the Nerd Dinner Package to Azure
    • email a screenshot of your deployed application showing the URL and the name of your user group to
    • Specify TVBug, Metro Toronto .NET UG, CTTDNUG, Architecture UG, East of Toronto .NET UG, Markham .NET UG, etc.
  4. Tear down to the application to avoid any further charges (2 minutes)
    • Tearing down a Windows Azure Service

Here are the slides from Azure Fest

Stay tuned here for the next part of our video blogs where we will review:

  • Deploying a SQL Database to Azure
  • Installing the Azure Tools for Visual Studio and SDK
  • Deploying ASP.NET Applications from within Visual Studio