After you have installed Royal Server, you should check Configure Royal Server now to review the default installation settings and adapt them to your needs. Although this post seems a bit long, you can leave everything default – except the Worker Account.
Attention: Make sure you configure the Worker Account, otherwise Royal Server is not able to connect to remote machines!
The Royal Server Configuration Tool enables you to check the status and health of Royal Server. You can configure installed components and manage your licenses with it.
After the Royal ServerConfiguration Tool has been launched, it is strongly recommended to set a Worker Account. Royal Server is running as a Windows Service and as such is using the Local System account. But for the commands Royal Server is executing, a Worker Account is used. It is vital, that this account has network access rights, otherwise Royal Server is unable to manage your servers.
Configuration of the port Royal Server is using
If checked, Royal Server compresses the traffic to save bandwidth.
Set it to “On” if you need the communication between Royal TS/X and Royal Server to be encrypted. You have to select a pre-installed suitable certificate from the list or create a self-signed certificate with a single click.
If you want to restrict access to Royal Server, you can check “Require Authentication”. If checked, Royal Server only accepts requests from users who are members of the local group “Royal Server Users” (which will be created automatically on installation). By default, the setup puts the local Administrator in this group. In addition, you need to setup and assign this credential in the Royal TS/X Royal Server object. To improve performance when authentication is required, configure the Royal Server caching time (default is 5 minutes).
Block IPs after unsuccessful login attempts
Since Royal Server might be attacked if reachable in the internet, you can configure a blocking mechanism to block IPs that unsuccessfully tried to login too often.
By default, Royal Server logs all Errors to the Windows Event log. A special log with the name “Royal Server Log” has been created automatically.
You can also specify that Royal Server should log in a file and chose a different logging level.
Additionally you can enable Request/Response logging where full requests and responses are logged. For each request, two files will be generated: a
<guid>_request.xml and a
Attention: This setting is producing a huge number of files and it is generally recommended to only turn it on for debugging purposes.
In the permissions tab you can check which accounts are allowed to work with Royal Server. When Royal Server is first started, it creates the Windows group “Royal Server Users” which contains all Windows accounts that are allowed. Use the Windows management tools or PowerShell to configure this group. The Royal Server Configuration Tool shows you the currently configured accounts:
Click on Refresh to reload the view, Configure… loads the Windows UI to manage the users of this group.
Attention: Loading the users of Windows groups is potentially slow since it might contain multiple hierarchies in an active directory. Unless all users are loaded, Royal Server denies all queries. This can be checked in the logfile on Loglevel WARN.
Especially during a beta period, we will frequently deliver new versions of Royal Server (and Royal TS/X). Having “Check for Updates” enabled, notifies you when a new version is available. “Include Beta Releases” is taking beta releases into account as well. We recommend to always stay up to date.
Remark: Since we don’t expect you to have the Royal Server Configuration Tool open all the time, this update check is also included in Royal TS/X. This way you also get notified if there is a newer version of Royal Server available.
Royal Server is designed to be very extensible – because we have big plans for further features. Royal Server offers functionality through components – right now, we have the “Management Connections”, the “Secure Gateway” and the “Document Store” components.
By default, a “Standard Free License (3 Pack)” is installed which allows you to manage 3 servers. Since version 2 of Royal Server we do not license by server anymore but just offer the following licenses which simplifies it alot and also aligns with Royal TS/X licenses:
For detailed information about licensing check out our Royal Server V2 FAQs.
Royal Server is keeping track of the servers you manage in the case you only have the “Standard Free License (3 Pack)” installed. In the Server Pool configuration, you can delete previously managed servers to free up licenses. This panel shows the number of managed servers you have licensed, how many are used already and how many free licenses are available. The column “Last Accessed” shows the last timestamp Royal Server accessed this server (this information is stored in memory and is not immediately available after the service was started).
Each server that should be managed by Royal Server needs to have two basic things configured:
Most of the Management Connection modules are based on WMI. To enable the proper configuration for remote WMI calls, you need to execute the Enable-PSRemoting command in an elevated PowerShell console.
In case the Windows Firewall is enabled the following two rules must be enabled: “Windows Management Instrumentation (WMI-In)” and “Windows Management Instrumentation (DCOM-In)”.
For the above two steps, we have also prepared a PowerShell script (in
Last but not least, you need to make sure you specify proper credentials when you configure a management connection (such as Windows Events or Windows Services) in Royal TS/X. In most scenarios, a user account who is member of the local administrators group is used. For low privilege environments a number of steps are necessary to grant non-administrative users the required rights.
Royal Server is now configured and waiting for requests. As next and last step, you need to install the latest version of Royal TS/X:
Configure your Royal Server object in our clients apps and you are good to go.
Here is a list of blogposts that configure different connection types:
Using Royal TS/X to access Royal Server
Hyper-V management with Royal TS/X and Royal Server
Terminal Services management with Royal TS/X and Royal Server
Windows Events management
Windows Processes management
Windows Services management
PowerShell scripts executed via Royal Server
View clean & dirty server reboots – using Templates