Enable Remote Desktop Connection for a Role in Azure Cloud Services (classic)
Important
Cloud Services (classic) is now deprecated for all customers as of September 1st, 2024. Any existing running deployments will be stopped and shut down by Microsoft and the data will be permanently lost starting October 2024. New deployments should use the new Azure Resource Manager based deployment model Azure Cloud Services (extended support).
Remote Desktop enables you to access the desktop of a role running in Azure. You can use a Remote Desktop connection to troubleshoot and diagnose problems with your application while it runs.
You can enable a Remote Desktop connection in your role during development by including the Remote Desktop modules in your service definition. Alternatively, you can choose to enable Remote Desktop through the Remote Desktop extension. The preferred approach is to use the Remote Desktop extension, as you can enable Remote Desktop even after the application is deployed without having to redeploy your application.
Configure Remote Desktop from the Azure portal
The Azure portal uses the Remote Desktop Extension approach so you can enable Remote Desktop even after the application is deployed. The Remote Desktop setting for your cloud service allows you to enable Remote Desktop, change the local Administrator account used to connect to the virtual machines, the certificate used in authentication and set the expiration date.
Select Cloud Services, select the name of the cloud service, and then select Remote Desktop.
Choose whether you want to enable Remote Desktop for an individual role or for all roles, then change the value of the switcher to Enabled.
Fill in the required fields for user name, password, expiry, and certificate.
Warning
All role instances will be restarted when you first enable Remote Desktop and select OK (checkmark). To prevent a reboot, the certificate used to encrypt the password must be installed on the role. To prevent a restart, upload a certificate for the cloud service and then return to this dialog.
In Roles, select the role you want to update or select All for all roles.
When you finish your configuration updates, select Save. It takes a few moments before your role instances are ready to receive connections.
Remote into role instances
Once Remote Desktop is enabled on the roles, you can initiate a connection directly from the Azure portal:
Select Instances to open the Instances settings.
Choose a role instance that has Remote Desktop configured.
Select Connect to download a Remote Desktop Protocol (RDP) file for the role instance.
Choose Open and then Connect to start the Remote Desktop connection.
Note
If your cloud service is sitting behind an NSG, you may need to create rules that allow traffic on ports 3389 and 20000. Remote Desktop uses port 3389. Cloud Service instances are load balanced, so you can't directly control which instance to connect to. The RemoteForwarder and RemoteAccess agents manage RDP traffic and allow the client to send an RDP cookie and specify an individual instance to connect to. The RemoteForwarder and RemoteAccess agents require that port 20000 is open, which may be blocked if you have an NSG.