I needed some research to find out how to configure a WindowsAzure web role manually to activate Remote Desktop.

Here are the settings:

ServiceDefinition.csdef:

 <WebRole>
   ...
   <Imports>
     <Import moduleName="RemoteAccess" />
     <Import moduleName="RemoteForwarder" />
   </Imports>
 </WebRole>

Each role of the deployments which needs RDP requires the module “RemoteAccess”. Only one role needs to import the module “RemoteForwarder”.

ServiceConfiguration.cscfg

 <Role name="WorkerRole">
   <Instances count="2" />
   <ConfigurationSettings>
     ...
     <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.Enabled" value="true" />
     <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername" value="jimoneil" />
     <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword" value="ENC_PASSWORD" />
     <Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration" value="2011-01-27T23:59:59.0000000-05:00" />
    <Setting name="Microsoft.WindowsAzure.Plugins.RemoteForwarder.Enabled" value="true" />
   </ConfigurationSettings>
   <Certificates>
     <Certificate name="Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption"
                  thumbprint="CERTIFIKATE_THUMBPRINT"
                  thumbprintAlgorithm="sha1" />
   </Certificates>
 </Role>

“RemoteForwarder” only needs to be activiated for the forwarder role. Follow the link below for a generate password how-to. The thumbprint can be found in the management portal.

Links