Configuring Remote Desktop settings in Windows Azure Portal cause role status to change, why?

You may have seen that enabling remote access from Windows Azure management portal, you roles changes status as “waiting for host..” or “updating…” or something in between. Here is some information why it happens:

 

Configuring remote desktop via Azure management portal sends a new service configuration to your role instances. If you don’t want to be recycled when this happens, make sure you don’t cancel the Changing event when remote desktop configuration settings change. If you don’t handle this event you shouldn’t see any recycling. The Portal only turns off listening for new RDP connections if all roles have remote desktop disabled.

 

If you need granular remote desktop access control then you can change configuration as:

• Turn on and off RDP as a whole via Microsoft.WindowsAzure.Plugins.RemoteForwarder.Enabled,
• turn on and off RDP for a specific role via Microsoft.WindowsAzure.Plugins.RemoteAccess.Enabled.
• Making any one of the non-enabled RemoteAccess settings blank will prevent user creation at first. If remote access is enabled you can create remote access users later.

 

Because all of the operation of the remote desktop feature relies on configuration settings, any change to how remote desktop behaves requires a configuration change. When remote desktop settings are modified on the Portal a new service configuration file is generated with the updated remote desktop settings and then applied to the deployment. That’s why you see your roles change to the Updating state.

 

What you can do is:

• Enable RDP only when needed and disable it.
• Enable RDP from the start of your deployment and create user as and when needed.

 

Thanks to Windows Azure Team to providing this information.