Now you can now use remote desktop to access the virtual machine running your Windows Azure role (Web, worker or the new VM role).
Assuming you have the latest Azure SDK 1.4, here are the steps necessary to use remote desktop in Azure:
1. Obtain (or create) a Personal Information Exchange certificate.
2. Upload the certificate to the Hosted Service in Windows Azure.
3. Using Visual Studio, publish your Azure role and configure the virtual machines for remote desktop connections (using the certificate).
4. Connect to the virtual machine once the instance is deployed and running.
1. Creating the certificate
There are a couple of ways to create a PFX certificate.
you can do this via your Visual Studio while creating a project.
2. Create the Hosted Service and Upload the Certificate
At this point, you are ready to create the hosted service and upload you certificate that will allow remote desktop connections. In this example, the hosted service and certificate will be created using the Windows Azure Portal.
Create the Hosted Service
Sign into the Windows Azure Portal (windows.azure.com) using your Windows Live ID (assuming you have a Windows Azure account). Once logged in, request to create a new hosted service. When you create the hosted service in Azure, you are not yet deploying code into the cloud. You just need to create the hosted service shell to hold the new certificate. So, when you create the service, make sure you select the "Do not deploy" radio button (shown below) on the Create a New Hosted Service entry form
2. Upload the certificate
With the hosted service created (but the application role(s) not yet deployed), upload the certificate you created in step 1. In the Hosted Services listing, click on the Certificates folder listed under your new hosted service and then click on the Add Certificate button that displays on the top of the portal page (see example below)
certificate file and private key password .When you browse to the location of the certificate in your filesystem, you will notice the portal UI constrains your selection to .pfx file types
Once you select your PFX file and enter your password, it takes only a few seconds for the Windows Azure Portal to create and associate you certificate to your hosted service. The certificate should now be listed under Certificates for the hosted service.
3. Create the Role(s) and configure the Virtual Machine
Create your Cloud Project
Now the Azure host environment is prepped for remote desktop enabled roles. The next task is to create your role(s) and configure the virtual machine instances than run those roles for remote desktop connections. For example sake, I created a new cloud project with a single Web role
Once your application has been constructed and tested and is ready to be deployed, right click on the cloud project and request to Publish... the project from the resulting menu (just as you normally would for any Azure Cloud application.
When the Deploy Windows Azure project window comes up, select/enter your hosted service credentials, deployment environment (the new hosted service you just created in the last step), the deployment label and then, importantly, click on the "Configure Remote Desktop connection" link shown at the bottom of the window (see below).
Configure Remote Desktop Configuration
In the prompt that results, check the "Enable connection for all roles" checkbox. Then select the certificate used for the remote connection . Complete the entries in the Remote Desktop Configuration dialog. Enter the username and password that you want to use to authenticate when you make a remote desktop connections into the virtual machine that will host your role(s). The password must meet certain complexity requirements (it must contain a combination of capital letters, lower case letters, and numbers or symbols - the window will tell you if your password does not comply). Also indicate the account expiration date. After this date specified, remote desktop connections will be blocked. This allows deployers/administrators to establish a small window of time whereby developers can remote in and configure/check on the roles, but then lock them out after things are running properly.
Hit the OK button on the Remote Desktop Configuration dialog window and then again on the Deploy Windows Azure project window to complete the deployment.
4. Make a Remote Desktop Connection
As always, it takes Visual Studio and Azure a few minutes to deploy and start your role(s). Once your role(s) is up and running, you should now be able to remote desktop into the virtual machine running your instance(s). First, you might notice that if you click on your roles listed in the Hosted Services display, the Azure portal indicates those that are are remote-desktop enabled via the Remote Access icons and indicators now enabled at the top of the page (see below)
You can use the Enable checkbox to instantly turn off remote desktop connections. Use the configure button to change the username, password, expiration time or certificate used as part of the connection.
When you click on one of the remote-desktop-enabled role instances, the Connect icon becomes enabled in the portal display.
You might be wondering why you have to select a role instance? Remember, you make a remote desktop connection to a virtual machine running a role and there may be (and probably will be) several instances for any role. Pick the instance whose virtual machine you want to connect.
To make a remote desktop connection, having picked one of the role instances, simply click the Connect icon in the portal icon bar at the top of the display. This causes a few pop-ups to appear. First a File Download popup (the Remote Desktop Connection file) appears. Push the Open button on this prompt
Next comes a security warning. Push the Connect button on this prompt (since your certificate is not signed).
Finally, you are prompted to sign-in to the virtual machine through the Windows Security popup. Enter the username and password you created in step 3 above (when you configured your role for remote desktop connections) and press OK to login remotely. Importantly, when you first login, proceed your username with a "\" indicating no Domain
A final security alert window requires you acknowledge the warning by pushing the Yes button.
Once authenticated, you should be be provided with a remote desktop screen just as if you connected to server in your data center. The tip off that you are connected to Azure can be seen both in the remote desktop window's label (note the GUID and URL) and the background image that indicates the copy of Windows "is not genuine".