From 1d0e1d173f7dfc2c690daf9ac58914ed3e61aee3 Mon Sep 17 00:00:00 2001
From: vfedosevich <devnull@localhost>
Date: Thu, 19 Feb 2015 06:12:30 -0800
Subject: [PATCH] Local admins for rds collections

---
 .../RemoteDesktopServicesProxy.cs             | 160 +++++++++++-
 .../RemoteDesktopServicesController.cs        |  92 ++++++-
 .../esRemoteDesktopServices.asmx.cs           |  16 +-
 .../IRemoteDesktopServices.cs                 |   4 +
 .../Windows2012.cs                            | 237 +++++++++++++++++-
 .../RemoteDesktopServicesProxy.cs             | 229 +++++++++++++++++
 .../RemoteDesktopServices.asmx.cs             |  66 +++++
 .../ESModule_ControlsHierarchy.config         |   1 +
 .../App_Data/WebsitePanel_Modules.config      |   1 +
 .../WebsitePanel_SharedResources.ascx.resx    |   3 +
 .../WebsitePanel/RDS/AddRDSServer.ascx.cs     |   7 +-
 .../RDSCreateCollection.ascx.resx             |   9 +
 .../RDSLocalAdmins.ascx.resx                  | 123 +++++++++
 .../RDS/AssignedRDSServers.ascx.cs            |   2 +-
 .../WebsitePanel/RDS/RDSCreateCollection.ascx |  25 +-
 .../WebsitePanel/RDS/RDSLocalAdmins.ascx.cs   |  63 +++++
 .../RDS/RDSLocalAdmins.ascx.designer.cs       | 105 ++++++++
 .../WebsitePanel/RDS/RdsLocalAdmins.ascx      |  45 ++++
 .../RDSCollectionTabs.ascx.resx               |   3 +
 .../UserControls/RDSCollectionTabs.ascx.cs    |   1 +
 .../WebsitePanel.Portal.Modules.csproj        |   9 +
 21 files changed, 1177 insertions(+), 24 deletions(-)
 create mode 100644 WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSLocalAdmins.ascx.resx
 create mode 100644 WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.cs
 create mode 100644 WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.designer.cs
 create mode 100644 WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RdsLocalAdmins.ascx

diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/RemoteDesktopServicesProxy.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/RemoteDesktopServicesProxy.cs
index de6146ef..af25ea50 100644
--- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/RemoteDesktopServicesProxy.cs
+++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Client/RemoteDesktopServicesProxy.cs
@@ -114,6 +114,10 @@ namespace WebsitePanel.EnterpriseServer {
         
         private System.Threading.SendOrPostCallback RestartRdsServerOperationCompleted;
         
+        private System.Threading.SendOrPostCallback GetRdsCollectionLocalAdminsOperationCompleted;
+        
+        private System.Threading.SendOrPostCallback SaveRdsCollectionLocalAdminsOperationCompleted;
+        
         /// <remarks/>
         public esRemoteDesktopServices() {
             this.Url = "http://localhost:9002/esRemoteDesktopServices.asmx";
@@ -245,6 +249,12 @@ namespace WebsitePanel.EnterpriseServer {
         /// <remarks/>
         public event RestartRdsServerCompletedEventHandler RestartRdsServerCompleted;
         
+        /// <remarks/>
+        public event GetRdsCollectionLocalAdminsCompletedEventHandler GetRdsCollectionLocalAdminsCompleted;
+        
+        /// <remarks/>
+        public event SaveRdsCollectionLocalAdminsCompletedEventHandler SaveRdsCollectionLocalAdminsCompleted;
+        
         /// <remarks/>
         [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/enterpriseserver/GetRdsCollection", RequestNamespace="http://smbsaas/websitepanel/enterpriseserver", ResponseNamespace="http://smbsaas/websitepanel/enterpriseserver", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
         public RdsCollection GetRdsCollection(int collectionId) {
@@ -1216,15 +1226,17 @@ namespace WebsitePanel.EnterpriseServer {
         
         /// <remarks/>
         [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/enterpriseserver/RemoveRdsServerFromOrganization", RequestNamespace="http://smbsaas/websitepanel/enterpriseserver", ResponseNamespace="http://smbsaas/websitepanel/enterpriseserver", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
-        public ResultObject RemoveRdsServerFromOrganization(int rdsServerId) {
+        public ResultObject RemoveRdsServerFromOrganization(int itemId, int rdsServerId) {
             object[] results = this.Invoke("RemoveRdsServerFromOrganization", new object[] {
+                        itemId,
                         rdsServerId});
             return ((ResultObject)(results[0]));
         }
         
         /// <remarks/>
-        public System.IAsyncResult BeginRemoveRdsServerFromOrganization(int rdsServerId, System.AsyncCallback callback, object asyncState) {
+        public System.IAsyncResult BeginRemoveRdsServerFromOrganization(int itemId, int rdsServerId, System.AsyncCallback callback, object asyncState) {
             return this.BeginInvoke("RemoveRdsServerFromOrganization", new object[] {
+                        itemId,
                         rdsServerId}, callback, asyncState);
         }
         
@@ -1235,16 +1247,17 @@ namespace WebsitePanel.EnterpriseServer {
         }
         
         /// <remarks/>
-        public void RemoveRdsServerFromOrganizationAsync(int rdsServerId) {
-            this.RemoveRdsServerFromOrganizationAsync(rdsServerId, null);
+        public void RemoveRdsServerFromOrganizationAsync(int itemId, int rdsServerId) {
+            this.RemoveRdsServerFromOrganizationAsync(itemId, rdsServerId, null);
         }
         
         /// <remarks/>
-        public void RemoveRdsServerFromOrganizationAsync(int rdsServerId, object userState) {
+        public void RemoveRdsServerFromOrganizationAsync(int itemId, int rdsServerId, object userState) {
             if ((this.RemoveRdsServerFromOrganizationOperationCompleted == null)) {
                 this.RemoveRdsServerFromOrganizationOperationCompleted = new System.Threading.SendOrPostCallback(this.OnRemoveRdsServerFromOrganizationOperationCompleted);
             }
             this.InvokeAsync("RemoveRdsServerFromOrganization", new object[] {
+                        itemId,
                         rdsServerId}, this.RemoveRdsServerFromOrganizationOperationCompleted, userState);
         }
         
@@ -2140,6 +2153,91 @@ namespace WebsitePanel.EnterpriseServer {
             }
         }
         
+        /// <remarks/>
+        [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/enterpriseserver/GetRdsCollectionLocalAdmins", RequestNamespace="http://smbsaas/websitepanel/enterpriseserver", ResponseNamespace="http://smbsaas/websitepanel/enterpriseserver", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
+        public OrganizationUser[] GetRdsCollectionLocalAdmins(int itemId) {
+            object[] results = this.Invoke("GetRdsCollectionLocalAdmins", new object[] {
+                        itemId});
+            return ((OrganizationUser[])(results[0]));
+        }
+        
+        /// <remarks/>
+        public System.IAsyncResult BeginGetRdsCollectionLocalAdmins(int itemId, System.AsyncCallback callback, object asyncState) {
+            return this.BeginInvoke("GetRdsCollectionLocalAdmins", new object[] {
+                        itemId}, callback, asyncState);
+        }
+        
+        /// <remarks/>
+        public OrganizationUser[] EndGetRdsCollectionLocalAdmins(System.IAsyncResult asyncResult) {
+            object[] results = this.EndInvoke(asyncResult);
+            return ((OrganizationUser[])(results[0]));
+        }
+        
+        /// <remarks/>
+        public void GetRdsCollectionLocalAdminsAsync(int itemId) {
+            this.GetRdsCollectionLocalAdminsAsync(itemId, null);
+        }
+        
+        /// <remarks/>
+        public void GetRdsCollectionLocalAdminsAsync(int itemId, object userState) {
+            if ((this.GetRdsCollectionLocalAdminsOperationCompleted == null)) {
+                this.GetRdsCollectionLocalAdminsOperationCompleted = new System.Threading.SendOrPostCallback(this.OnGetRdsCollectionLocalAdminsOperationCompleted);
+            }
+            this.InvokeAsync("GetRdsCollectionLocalAdmins", new object[] {
+                        itemId}, this.GetRdsCollectionLocalAdminsOperationCompleted, userState);
+        }
+        
+        private void OnGetRdsCollectionLocalAdminsOperationCompleted(object arg) {
+            if ((this.GetRdsCollectionLocalAdminsCompleted != null)) {
+                System.Web.Services.Protocols.InvokeCompletedEventArgs invokeArgs = ((System.Web.Services.Protocols.InvokeCompletedEventArgs)(arg));
+                this.GetRdsCollectionLocalAdminsCompleted(this, new GetRdsCollectionLocalAdminsCompletedEventArgs(invokeArgs.Results, invokeArgs.Error, invokeArgs.Cancelled, invokeArgs.UserState));
+            }
+        }
+        
+        /// <remarks/>
+        [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/enterpriseserver/SaveRdsCollectionLocalAdmins", RequestNamespace="http://smbsaas/websitepanel/enterpriseserver", ResponseNamespace="http://smbsaas/websitepanel/enterpriseserver", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
+        public ResultObject SaveRdsCollectionLocalAdmins(OrganizationUser[] users, int itemId) {
+            object[] results = this.Invoke("SaveRdsCollectionLocalAdmins", new object[] {
+                        users,
+                        itemId});
+            return ((ResultObject)(results[0]));
+        }
+        
+        /// <remarks/>
+        public System.IAsyncResult BeginSaveRdsCollectionLocalAdmins(OrganizationUser[] users, int itemId, System.AsyncCallback callback, object asyncState) {
+            return this.BeginInvoke("SaveRdsCollectionLocalAdmins", new object[] {
+                        users,
+                        itemId}, callback, asyncState);
+        }
+        
+        /// <remarks/>
+        public ResultObject EndSaveRdsCollectionLocalAdmins(System.IAsyncResult asyncResult) {
+            object[] results = this.EndInvoke(asyncResult);
+            return ((ResultObject)(results[0]));
+        }
+        
+        /// <remarks/>
+        public void SaveRdsCollectionLocalAdminsAsync(OrganizationUser[] users, int itemId) {
+            this.SaveRdsCollectionLocalAdminsAsync(users, itemId, null);
+        }
+        
+        /// <remarks/>
+        public void SaveRdsCollectionLocalAdminsAsync(OrganizationUser[] users, int itemId, object userState) {
+            if ((this.SaveRdsCollectionLocalAdminsOperationCompleted == null)) {
+                this.SaveRdsCollectionLocalAdminsOperationCompleted = new System.Threading.SendOrPostCallback(this.OnSaveRdsCollectionLocalAdminsOperationCompleted);
+            }
+            this.InvokeAsync("SaveRdsCollectionLocalAdmins", new object[] {
+                        users,
+                        itemId}, this.SaveRdsCollectionLocalAdminsOperationCompleted, userState);
+        }
+        
+        private void OnSaveRdsCollectionLocalAdminsOperationCompleted(object arg) {
+            if ((this.SaveRdsCollectionLocalAdminsCompleted != null)) {
+                System.Web.Services.Protocols.InvokeCompletedEventArgs invokeArgs = ((System.Web.Services.Protocols.InvokeCompletedEventArgs)(arg));
+                this.SaveRdsCollectionLocalAdminsCompleted(this, new SaveRdsCollectionLocalAdminsCompletedEventArgs(invokeArgs.Results, invokeArgs.Error, invokeArgs.Cancelled, invokeArgs.UserState));
+            }
+        }
+        
         /// <remarks/>
         public new void CancelAsync(object userState) {
             base.CancelAsync(userState);
@@ -3237,4 +3335,56 @@ namespace WebsitePanel.EnterpriseServer {
             }
         }
     }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    public delegate void GetRdsCollectionLocalAdminsCompletedEventHandler(object sender, GetRdsCollectionLocalAdminsCompletedEventArgs e);
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    public partial class GetRdsCollectionLocalAdminsCompletedEventArgs : System.ComponentModel.AsyncCompletedEventArgs {
+        
+        private object[] results;
+        
+        internal GetRdsCollectionLocalAdminsCompletedEventArgs(object[] results, System.Exception exception, bool cancelled, object userState) : 
+                base(exception, cancelled, userState) {
+            this.results = results;
+        }
+        
+        /// <remarks/>
+        public OrganizationUser[] Result {
+            get {
+                this.RaiseExceptionIfNecessary();
+                return ((OrganizationUser[])(this.results[0]));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    public delegate void SaveRdsCollectionLocalAdminsCompletedEventHandler(object sender, SaveRdsCollectionLocalAdminsCompletedEventArgs e);
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    public partial class SaveRdsCollectionLocalAdminsCompletedEventArgs : System.ComponentModel.AsyncCompletedEventArgs {
+        
+        private object[] results;
+        
+        internal SaveRdsCollectionLocalAdminsCompletedEventArgs(object[] results, System.Exception exception, bool cancelled, object userState) : 
+                base(exception, cancelled, userState) {
+            this.results = results;
+        }
+        
+        /// <remarks/>
+        public ResultObject Result {
+            get {
+                this.RaiseExceptionIfNecessary();
+                return ((ResultObject)(this.results[0]));
+            }
+        }
+    }
 }
diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/RemoteDesktopServices/RemoteDesktopServicesController.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/RemoteDesktopServices/RemoteDesktopServicesController.cs
index 84b73099..04da46cb 100644
--- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/RemoteDesktopServices/RemoteDesktopServicesController.cs
+++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer.Code/RemoteDesktopServices/RemoteDesktopServicesController.cs
@@ -168,9 +168,9 @@ namespace WebsitePanel.EnterpriseServer
             return RemoveRdsServerFromCollectionInternal(itemId, rdsServer, rdsCollection);
         }
 
-        public static ResultObject RemoveRdsServerFromOrganization(int rdsServerId)
+        public static ResultObject RemoveRdsServerFromOrganization(int itemId, int rdsServerId)
         {
-            return RemoveRdsServerFromOrganizationInternal(rdsServerId);
+            return RemoveRdsServerFromOrganizationInternal(itemId, rdsServerId);
         }
 
         public static ResultObject UpdateRdsServer(RdsServer rdsServer)
@@ -268,6 +268,16 @@ namespace WebsitePanel.EnterpriseServer
             return RestartRdsServerInternal(itemId, fqdnName);
         }
 
+        public static List<OrganizationUser> GetRdsCollectionLocalAdmins(int itemId)
+        {
+            return GetRdsCollectionLocalAdminsInternal(itemId);
+        }
+
+        public static ResultObject SaveRdsCollectionLocalAdmins(OrganizationUser[] users, int itemId)
+        {
+            return SaveRdsCollectionLocalAdminsInternal(users, itemId);
+        }
+
         private static RdsCollection GetRdsCollectionInternal(int collectionId)
         {
             var collection = ObjectUtils.FillObjectFromDataReader<RdsCollection>(DataProvider.GetRDSCollectionById(collectionId));
@@ -300,6 +310,61 @@ namespace WebsitePanel.EnterpriseServer
             return collection;
         }
 
+        private static List<OrganizationUser> GetRdsCollectionLocalAdminsInternal(int itemId)
+        {
+            var result = new List<OrganizationUser>();
+            Organization org = OrganizationController.GetOrganization(itemId);
+            
+            if (org == null)
+            {
+                return result;
+            }
+            
+            var rds = GetRemoteDesktopServices(GetRemoteDesktopServiceID(org.PackageId));            
+
+            var organizationUsers = OrganizationController.GetOrganizationUsersPaged(itemId, null, null, null, 0, Int32.MaxValue).PageUsers;
+            var organizationAdmins = rds.GetRdsCollectionLocalAdmins(org.OrganizationId);
+
+            return organizationUsers.Where(o => organizationAdmins.Select(a => a.ToLower()).Contains(o.SamAccountName.ToLower())).ToList();
+        }
+
+        private static ResultObject SaveRdsCollectionLocalAdminsInternal(OrganizationUser[] users, int itemId)
+        {
+            var result = TaskManager.StartResultTask<ResultObject>("REMOTE_DESKTOP_SERVICES", "SAVE_LOCAL_ADMINS");
+
+            try
+            {                
+                Organization org = OrganizationController.GetOrganization(itemId);
+
+                if (org == null)
+                {
+                    result.IsSuccess = false;
+                    result.AddError("", new NullReferenceException("Organization not found"));
+                    return result;
+                }
+
+                var rds = GetRemoteDesktopServices(GetRemoteDesktopServiceID(org.PackageId));
+                rds.SaveRdsCollectionLocalAdmins(users.Select(u => u.AccountName).ToArray(), org.OrganizationId);
+            }
+            catch (Exception ex)
+            {
+                throw TaskManager.WriteError(ex);
+            }
+            finally
+            {
+                if (!result.IsSuccess)
+                {
+                    TaskManager.CompleteResultTask(result);
+                }
+                else
+                {
+                    TaskManager.CompleteResultTask();
+                }
+            }
+
+            return result;
+        }
+
         private static RdsCollectionSettings GetRdsCollectionSettingsInternal(int collectionId)
         {
             var collection = ObjectUtils.FillObjectFromDataReader<RdsCollection>(DataProvider.GetRDSCollectionById(collectionId));
@@ -960,11 +1025,12 @@ namespace WebsitePanel.EnterpriseServer
                     rds.AddSessionHostFeatureToServer(rdsServer.FqdName);
                 }
 
+                rds.MoveRdsServerToTenantOU(rdsServer.FqdName, org.OrganizationId);
                 DataProvider.AddRDSServerToOrganization(itemId, serverId);
             }
             catch (Exception ex)
             {
-                result.AddError("REMOTE_DESKTOP_SERVICES_ADD_RDS_SERVER_TO_ORGANIZATION", ex);
+                throw TaskManager.WriteError(ex);
             }
             finally
             {
@@ -981,17 +1047,29 @@ namespace WebsitePanel.EnterpriseServer
             return result;
         }
 
-        private static ResultObject RemoveRdsServerFromOrganizationInternal(int rdsServerId)
+        private static ResultObject RemoveRdsServerFromOrganizationInternal(int itemId, int rdsServerId)
         {
-            var result = TaskManager.StartResultTask<ResultObject>("REMOTE_DESKTOP_SERVICES", "REMOVE_RDS_SERVER_FROM_ORGANIZATION");
+            var result = TaskManager.StartResultTask<ResultObject>("REMOTE_DESKTOP_SERVICES", "REMOVE_RDS_SERVER_FROM_ORGANIZATION");            
 
             try
             {
+                Organization org = OrganizationController.GetOrganization(itemId);
+
+                if (org == null)
+                {
+                    result.IsSuccess = false;
+                    result.AddError("", new NullReferenceException("Organization not found"));
+                    return result;
+                }
+
+                var rdsServer = ObjectUtils.FillObjectFromDataReader<RdsServer>(DataProvider.GetRDSServerById(rdsServerId));
+                var rds = GetRemoteDesktopServices(GetRemoteDesktopServiceID(org.PackageId));
+                rds.RemoveRdsServerFromTenantOU(rdsServer.FqdName, org.OrganizationId);
                 DataProvider.RemoveRDSServerFromOrganization(rdsServerId);
             }
             catch (Exception ex)
             {
-                result.AddError("REMOTE_DESKTOP_SERVICES_REMOVE_RDS_SERVER_FROM_ORGANIZATION", ex);
+                throw TaskManager.WriteError(ex);
             }
             finally
             {
@@ -1542,7 +1620,7 @@ namespace WebsitePanel.EnterpriseServer
 
                 foreach (var server in servers)
                 {
-                    RemoveRdsServerFromOrganization(server.Id);
+                    RemoveRdsServerFromOrganization(itemId, server.Id);
                 }
             }
             catch (Exception ex)
diff --git a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esRemoteDesktopServices.asmx.cs b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esRemoteDesktopServices.asmx.cs
index e60b9cf0..9cbd8c42 100644
--- a/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esRemoteDesktopServices.asmx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.EnterpriseServer/esRemoteDesktopServices.asmx.cs
@@ -189,9 +189,9 @@ namespace WebsitePanel.EnterpriseServer
         }
 
         [WebMethod]
-        public ResultObject RemoveRdsServerFromOrganization(int rdsServerId)
+        public ResultObject RemoveRdsServerFromOrganization(int itemId, int rdsServerId)
         {
-            return RemoteDesktopServicesController.RemoveRdsServerFromOrganization(rdsServerId);
+            return RemoteDesktopServicesController.RemoveRdsServerFromOrganization(itemId, rdsServerId);
         }
 
         [WebMethod]
@@ -313,5 +313,17 @@ namespace WebsitePanel.EnterpriseServer
         {
             return RemoteDesktopServicesController.RestartRdsServer(itemId, fqdnName);
         }
+
+        [WebMethod]
+        public List<OrganizationUser> GetRdsCollectionLocalAdmins(int itemId)
+        {
+            return RemoteDesktopServicesController.GetRdsCollectionLocalAdmins(itemId);
+        }
+
+        [WebMethod]
+        public ResultObject SaveRdsCollectionLocalAdmins(OrganizationUser[] users, int itemId)
+        {
+            return RemoteDesktopServicesController.SaveRdsCollectionLocalAdmins(users, itemId);
+        }
     }
 }
diff --git a/WebsitePanel/Sources/WebsitePanel.Providers.Base/RemoteDesktopServices/IRemoteDesktopServices.cs b/WebsitePanel/Sources/WebsitePanel.Providers.Base/RemoteDesktopServices/IRemoteDesktopServices.cs
index 807dabd6..86448293 100644
--- a/WebsitePanel/Sources/WebsitePanel.Providers.Base/RemoteDesktopServices/IRemoteDesktopServices.cs
+++ b/WebsitePanel/Sources/WebsitePanel.Providers.Base/RemoteDesktopServices/IRemoteDesktopServices.cs
@@ -73,5 +73,9 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
         string GetRdsServerStatus(string serverName);
         void ShutDownRdsServer(string serverName);
         void RestartRdsServer(string serverName);
+        void SaveRdsCollectionLocalAdmins(List<string> users, string organizationId);
+        List<string> GetRdsCollectionLocalAdmins(string organizationId);
+        void MoveRdsServerToTenantOU(string hostName, string organizationId);
+        void RemoveRdsServerFromTenantOU(string hostName, string organizationId);
     }
 }
diff --git a/WebsitePanel/Sources/WebsitePanel.Providers.TerminalServices.Windows2012/Windows2012.cs b/WebsitePanel/Sources/WebsitePanel.Providers.TerminalServices.Windows2012/Windows2012.cs
index 07cd3f64..a9ebf044 100644
--- a/WebsitePanel/Sources/WebsitePanel.Providers.TerminalServices.Windows2012/Windows2012.cs
+++ b/WebsitePanel/Sources/WebsitePanel.Providers.TerminalServices.Windows2012/Windows2012.cs
@@ -47,6 +47,8 @@ using System.Management;
 using System.Management.Automation;
 using System.Management.Automation.Runspaces;
 using System.Collections.ObjectModel;
+using System.DirectoryServices;
+using System.Security.Cryptography.X509Certificates;
 
 
 namespace WebsitePanel.Providers.RemoteDesktopServices
@@ -63,7 +65,9 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
         private const string Users = "users";
         private const string RdsGroupFormat = "rds-{0}-{1}";
         private const string RdsModuleName = "RemoteDesktopServices";
-        private const string AddNpsString = "netsh nps add np name=\"\"{0}\"\" policysource=\"1\" processingorder=\"{1}\" conditionid=\"0x3d\" conditiondata=\"^5$\" conditionid=\"0x1fb5\" conditiondata=\"{2}\" conditionid=\"0x1e\" conditiondata=\"UserAuthType:(PW|CA)\" profileid=\"0x1005\" profiledata=\"TRUE\" profileid=\"0x100f\" profiledata=\"TRUE\" profileid=\"0x1009\" profiledata=\"0x7\" profileid=\"0x1fe6\" profiledata=\"0x40000000\"";        
+        private const string AddNpsString = "netsh nps add np name=\"\"{0}\"\" policysource=\"1\" processingorder=\"{1}\" conditionid=\"0x3d\" conditiondata=\"^5$\" conditionid=\"0x1fb5\" conditiondata=\"{2}\" conditionid=\"0x1e\" conditiondata=\"UserAuthType:(PW|CA)\" profileid=\"0x1005\" profiledata=\"TRUE\" profileid=\"0x100f\" profiledata=\"TRUE\" profileid=\"0x1009\" profiledata=\"0x7\" profileid=\"0x1fe6\" profiledata=\"0x40000000\"";
+        private const string WspAdministratorsGroupName = "WSPAdministrators";
+        private const string RdsServersOU = "RDSServers";        
 
         #endregion
 
@@ -497,7 +501,6 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
                 //Remove security group
 
                 ActiveDirectoryUtils.DeleteADObject(GetComputerGroupPath(organizationId, collectionName));
-
                 ActiveDirectoryUtils.DeleteADObject(GetUsersGroupPath(organizationId, collectionName));
             }
             catch (Exception e)
@@ -949,6 +952,109 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
 
         #endregion
 
+        #region Local Admins
+
+        public void SaveRdsCollectionLocalAdmins(List<string> users, string organizationId)
+        {
+            if (!CheckAdminsGroup(organizationId))
+            {
+                CreateAdminsGroup(organizationId);
+            }
+
+            var orgPath = GetOrganizationPath(organizationId);
+            var orgEntry = ActiveDirectoryUtils.GetADObject(orgPath);
+            var existingAdmins = ActiveDirectoryUtils.GetGroupObjects(WspAdministratorsGroupName, "user", orgEntry);
+            var adminsGroupPath = GetWspAdminsGroupPath(organizationId);
+
+            foreach (string userPath in existingAdmins)
+            {
+                ActiveDirectoryUtils.RemoveObjectFromGroup(userPath, adminsGroupPath);
+            }
+            
+            foreach (var user in users)
+            {
+                var userPath = GetUserPath(organizationId, user);
+
+                if (ActiveDirectoryUtils.AdObjectExists(userPath))
+                {
+                    var userObject = ActiveDirectoryUtils.GetADObject(userPath);
+                    var samName = (string)ActiveDirectoryUtils.GetADObjectProperty(userObject, "sAMAccountName");                    
+                    ActiveDirectoryUtils.AddObjectToGroup(userPath, adminsGroupPath);
+                }
+            }
+        }
+
+        public List<string> GetRdsCollectionLocalAdmins(string organizationId)
+        {
+            var adminsGroupPath = GetWspAdminsGroupPath(organizationId);
+            var orgPath = GetOrganizationPath(organizationId);
+            var orgEntry = ActiveDirectoryUtils.GetADObject(orgPath);
+            var rdsAdmins = ActiveDirectoryUtils.GetGroupObjects(WspAdministratorsGroupName, "user", orgEntry);
+            var rootPath = GetRootOUPath();
+            var rootEntry = ActiveDirectoryUtils.GetADObject(rootPath);
+
+            var collectionUsers = ActiveDirectoryUtils.GetGroupObjects(organizationId, "user", rootEntry);
+            var orgAdmins = collectionUsers.Intersect(rdsAdmins);
+            var result = new List<string>();
+
+            foreach (var admin in orgAdmins)
+            {
+                var userObject = ActiveDirectoryUtils.GetADObject(admin);
+                var samName = (string)ActiveDirectoryUtils.GetADObjectProperty(userObject, "sAMAccountName");
+                result.Add(samName);
+            }            
+
+            return result;
+        }
+
+        private bool CheckAdminsGroup(string organizationId)
+        {
+            var adminsGroupPath = GetWspAdminsGroupPath(organizationId);
+            return ActiveDirectoryUtils.AdObjectExists(adminsGroupPath);
+        }
+
+        private void CreateAdminsGroup(string organizationId)
+        {
+            var adminsRootGroupPath = GetWspAdminsRootGroupPath(organizationId);
+            ActiveDirectoryUtils.CreateGroup(adminsRootGroupPath, WspAdministratorsGroupName);
+
+            string groupPath = string.Format("WinNT://{0}/{1}/{2},group", ServerSettings.ADRootDomain, PrimaryDomainController, WspAdministratorsGroupName);
+
+            using (var userGroup = new DirectoryEntry(groupPath))
+            {
+                string localAdministratorsPath = string.Format("WinNT://{0}/{1},group", PrimaryDomainController, "Administrators");
+
+                using (DirectoryEntry group = new DirectoryEntry(localAdministratorsPath))
+                {
+                    group.Invoke("Add", groupPath);
+                    group.CommitChanges();
+                }
+            }
+        }
+
+        #endregion
+
+        #region SSL
+
+        public void InstallCertificate(byte[] certificate, string password, string hostName)
+        {
+            var x509Cert = new X509Certificate2(certificate, password, X509KeyStorageFlags.Exportable);                            
+        }   
+     
+        private string CopyCertificateFile(byte[] certificate, string hostName)
+        {
+            var destinationPath = string.Format("\\{0}\\c$\\remoteCert.pfx", hostName);
+
+            return destinationPath;
+        }
+
+        private void DeleteCertificate(string path)
+        {
+
+        }
+
+        #endregion
+
         private void AddRdsServerToDeployment(Runspace runSpace, RdsServer server)
         {
             Command cmd = new Command("Add-RDserver");
@@ -1104,6 +1210,63 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
             return installationResult;
         }
 
+        public void MoveRdsServerToTenantOU(string hostName, string organizationId)
+        {
+            var tenantComputerGroupPath = GetTenantComputerGroupPath(organizationId);
+
+            if (!ActiveDirectoryUtils.AdObjectExists(tenantComputerGroupPath))
+            {
+                ActiveDirectoryUtils.CreateGroup(GetOrganizationPath(organizationId), RdsServersOU);
+            }
+
+            hostName = hostName.ToLower().Replace(string.Format(".{0}", ServerSettings.ADRootDomain.ToLower()), "");
+            var computerPath = GetComputerPath(hostName, true);                                
+
+            if(!ActiveDirectoryUtils.AdObjectExists(computerPath))
+            {
+                computerPath = GetComputerPath(hostName, false);
+            }
+
+            if (ActiveDirectoryUtils.AdObjectExists(computerPath))
+            {
+                var computerObject = ActiveDirectoryUtils.GetADObject(computerPath);
+                var samName = (string)ActiveDirectoryUtils.GetADObjectProperty(computerObject, "sAMAccountName");
+
+                if (!ActiveDirectoryUtils.IsComputerInGroup(samName, RdsServersOU))
+                {                    
+                    DirectoryEntry group = new DirectoryEntry(tenantComputerGroupPath);
+                    group.Invoke("Add", computerObject.Path);
+
+                    group.CommitChanges();                    
+                }
+            }            
+        }
+
+        public void RemoveRdsServerFromTenantOU(string hostName, string organizationId)
+        {
+            var tenantComputerGroupPath = GetTenantComputerGroupPath(organizationId);
+            hostName = hostName.ToLower().Replace(string.Format(".{0}", ServerSettings.ADRootDomain.ToLower()), "");
+            var tenantComputerPath = GetTenantComputerPath(hostName, organizationId);
+
+            var computerPath = GetComputerPath(hostName, true);
+
+            if (!ActiveDirectoryUtils.AdObjectExists(computerPath))
+            {
+                computerPath = GetComputerPath(hostName, false);
+            }
+
+            if (ActiveDirectoryUtils.AdObjectExists(computerPath))
+            {
+                var computerObject = ActiveDirectoryUtils.GetADObject(computerPath);
+                var samName = (string)ActiveDirectoryUtils.GetADObjectProperty(computerObject, "sAMAccountName");
+
+                if (ActiveDirectoryUtils.IsComputerInGroup(samName, RdsServersOU))
+                {
+                    ActiveDirectoryUtils.RemoveObjectFromGroup(computerPath, tenantComputerGroupPath);
+                }
+            }
+        }
+
         public bool CheckSessionHostFeatureInstallation(string hostName)
         {
             bool isInstalled = false;
@@ -1300,6 +1463,31 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
             AppendOUPath(sb, RootOU);
             AppendDomainPath(sb, RootDomain);
 
+            return sb.ToString();
+        }                       
+
+        internal string GetWspAdminsRootGroupPath(string organizationId)
+        {
+            StringBuilder sb = new StringBuilder();            
+            AppendProtocol(sb);
+            AppendDomainController(sb);
+            AppendOUPath(sb, organizationId);    
+            AppendOUPath(sb, RootOU);
+            AppendDomainPath(sb, RootDomain);
+
+            return sb.ToString();
+        }
+
+        internal string GetWspAdminsGroupPath(string organizationId)
+        {
+            StringBuilder sb = new StringBuilder();            
+            AppendProtocol(sb);
+            AppendDomainController(sb);
+            AppendCNPath(sb, WspAdministratorsGroupName);
+            AppendOUPath(sb, organizationId);
+            AppendOUPath(sb, RootOU);
+            AppendDomainPath(sb, RootDomain);
+
             return sb.ToString();
         }
 
@@ -1310,7 +1498,7 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
             AppendProtocol(sb);
             AppendDomainController(sb);
             AppendCNPath(sb, GetUsersGroupName(collection));
-            AppendOUPath(sb, organizationId);
+            AppendOUPath(sb, organizationId);            
             AppendOUPath(sb, RootOU);
             AppendDomainPath(sb, RootDomain);
 
@@ -1331,6 +1519,18 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
             return sb.ToString();
         }
 
+        private string GetRootOUPath()
+        {
+            StringBuilder sb = new StringBuilder();
+            // append provider
+            AppendProtocol(sb);
+            AppendDomainController(sb);                        
+            AppendOUPath(sb, RootOU);
+            AppendDomainPath(sb, RootDomain);
+
+            return sb.ToString();
+        }
+
         private string GetOrganizationPath(string organizationId)
         {
             StringBuilder sb = new StringBuilder();
@@ -1349,7 +1549,7 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
             StringBuilder sb = new StringBuilder();
             // append provider
             AppendProtocol(sb);
-            AppendDomainController(sb);
+            AppendDomainController(sb);            
             AppendCNPath(sb, objName);
             if (domainController)
             {
@@ -1365,6 +1565,35 @@ namespace WebsitePanel.Providers.RemoteDesktopServices
             return sb.ToString();
         }
 
+        private string GetTenantComputerPath(string objName, string organizationId)
+        {
+            StringBuilder sb = new StringBuilder();
+            
+            AppendProtocol(sb);
+            AppendDomainController(sb);
+            AppendCNPath(sb, objName);
+            AppendCNPath(sb, RdsServersOU);
+            AppendOUPath(sb, organizationId);
+            AppendOUPath(sb, RootOU);
+            AppendDomainPath(sb, RootDomain);
+
+            return sb.ToString();
+        }
+
+        internal string GetTenantComputerGroupPath(string organizationId)
+        {
+            StringBuilder sb = new StringBuilder();
+            
+            AppendProtocol(sb);
+            AppendDomainController(sb);
+            AppendCNPath(sb, RdsServersOU);
+            AppendOUPath(sb, organizationId);
+            AppendOUPath(sb, RootOU);
+            AppendDomainPath(sb, RootDomain);
+
+            return sb.ToString();
+        }        
+
         private static void AppendCNPath(StringBuilder sb, string organizationId)
         {
             if (string.IsNullOrEmpty(organizationId))
diff --git a/WebsitePanel/Sources/WebsitePanel.Server.Client/RemoteDesktopServicesProxy.cs b/WebsitePanel/Sources/WebsitePanel.Server.Client/RemoteDesktopServicesProxy.cs
index 33b741df..2c3cfeed 100644
--- a/WebsitePanel/Sources/WebsitePanel.Server.Client/RemoteDesktopServicesProxy.cs
+++ b/WebsitePanel/Sources/WebsitePanel.Server.Client/RemoteDesktopServicesProxy.cs
@@ -89,6 +89,14 @@ namespace WebsitePanel.Providers.RemoteDesktopServices {
         
         private System.Threading.SendOrPostCallback RestartRdsServerOperationCompleted;
         
+        private System.Threading.SendOrPostCallback SaveRdsCollectionLocalAdminsOperationCompleted;
+        
+        private System.Threading.SendOrPostCallback GetRdsCollectionLocalAdminsOperationCompleted;
+        
+        private System.Threading.SendOrPostCallback MoveRdsServerToTenantOUOperationCompleted;
+        
+        private System.Threading.SendOrPostCallback RemoveRdsServerFromTenantOUOperationCompleted;
+        
         /// <remarks/>
         public RemoteDesktopServices() {
             this.Url = "http://localhost:9003/RemoteDesktopServices.asmx";
@@ -184,6 +192,18 @@ namespace WebsitePanel.Providers.RemoteDesktopServices {
         /// <remarks/>
         public event RestartRdsServerCompletedEventHandler RestartRdsServerCompleted;
         
+        /// <remarks/>
+        public event SaveRdsCollectionLocalAdminsCompletedEventHandler SaveRdsCollectionLocalAdminsCompleted;
+        
+        /// <remarks/>
+        public event GetRdsCollectionLocalAdminsCompletedEventHandler GetRdsCollectionLocalAdminsCompleted;
+        
+        /// <remarks/>
+        public event MoveRdsServerToTenantOUCompletedEventHandler MoveRdsServerToTenantOUCompleted;
+        
+        /// <remarks/>
+        public event RemoveRdsServerFromTenantOUCompletedEventHandler RemoveRdsServerFromTenantOUCompleted;
+        
         /// <remarks/>
         [System.Web.Services.Protocols.SoapHeaderAttribute("ServiceProviderSettingsSoapHeaderValue")]
         [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/server/CreateCollection", RequestNamespace="http://smbsaas/websitepanel/server/", ResponseNamespace="http://smbsaas/websitepanel/server/", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
@@ -1483,6 +1503,177 @@ namespace WebsitePanel.Providers.RemoteDesktopServices {
             }
         }
         
+        /// <remarks/>
+        [System.Web.Services.Protocols.SoapHeaderAttribute("ServiceProviderSettingsSoapHeaderValue")]
+        [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/server/SaveRdsCollectionLocalAdmins", RequestNamespace="http://smbsaas/websitepanel/server/", ResponseNamespace="http://smbsaas/websitepanel/server/", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
+        public void SaveRdsCollectionLocalAdmins(string[] users, string organizationId) {
+            this.Invoke("SaveRdsCollectionLocalAdmins", new object[] {
+                        users,
+                        organizationId});
+        }
+        
+        /// <remarks/>
+        public System.IAsyncResult BeginSaveRdsCollectionLocalAdmins(string[] users, string organizationId, System.AsyncCallback callback, object asyncState) {
+            return this.BeginInvoke("SaveRdsCollectionLocalAdmins", new object[] {
+                        users,
+                        organizationId}, callback, asyncState);
+        }
+        
+        /// <remarks/>
+        public void EndSaveRdsCollectionLocalAdmins(System.IAsyncResult asyncResult) {
+            this.EndInvoke(asyncResult);
+        }
+        
+        /// <remarks/>
+        public void SaveRdsCollectionLocalAdminsAsync(string[] users, string organizationId) {
+            this.SaveRdsCollectionLocalAdminsAsync(users, organizationId, null);
+        }
+        
+        /// <remarks/>
+        public void SaveRdsCollectionLocalAdminsAsync(string[] users, string organizationId, object userState) {
+            if ((this.SaveRdsCollectionLocalAdminsOperationCompleted == null)) {
+                this.SaveRdsCollectionLocalAdminsOperationCompleted = new System.Threading.SendOrPostCallback(this.OnSaveRdsCollectionLocalAdminsOperationCompleted);
+            }
+            this.InvokeAsync("SaveRdsCollectionLocalAdmins", new object[] {
+                        users,
+                        organizationId}, this.SaveRdsCollectionLocalAdminsOperationCompleted, userState);
+        }
+        
+        private void OnSaveRdsCollectionLocalAdminsOperationCompleted(object arg) {
+            if ((this.SaveRdsCollectionLocalAdminsCompleted != null)) {
+                System.Web.Services.Protocols.InvokeCompletedEventArgs invokeArgs = ((System.Web.Services.Protocols.InvokeCompletedEventArgs)(arg));
+                this.SaveRdsCollectionLocalAdminsCompleted(this, new System.ComponentModel.AsyncCompletedEventArgs(invokeArgs.Error, invokeArgs.Cancelled, invokeArgs.UserState));
+            }
+        }
+        
+        /// <remarks/>
+        [System.Web.Services.Protocols.SoapHeaderAttribute("ServiceProviderSettingsSoapHeaderValue")]
+        [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/server/GetRdsCollectionLocalAdmins", RequestNamespace="http://smbsaas/websitepanel/server/", ResponseNamespace="http://smbsaas/websitepanel/server/", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
+        public string[] GetRdsCollectionLocalAdmins(string organizationId) {
+            object[] results = this.Invoke("GetRdsCollectionLocalAdmins", new object[] {
+                        organizationId});
+            return ((string[])(results[0]));
+        }
+        
+        /// <remarks/>
+        public System.IAsyncResult BeginGetRdsCollectionLocalAdmins(string organizationId, System.AsyncCallback callback, object asyncState) {
+            return this.BeginInvoke("GetRdsCollectionLocalAdmins", new object[] {
+                        organizationId}, callback, asyncState);
+        }
+        
+        /// <remarks/>
+        public string[] EndGetRdsCollectionLocalAdmins(System.IAsyncResult asyncResult) {
+            object[] results = this.EndInvoke(asyncResult);
+            return ((string[])(results[0]));
+        }
+        
+        /// <remarks/>
+        public void GetRdsCollectionLocalAdminsAsync(string organizationId) {
+            this.GetRdsCollectionLocalAdminsAsync(organizationId, null);
+        }
+        
+        /// <remarks/>
+        public void GetRdsCollectionLocalAdminsAsync(string organizationId, object userState) {
+            if ((this.GetRdsCollectionLocalAdminsOperationCompleted == null)) {
+                this.GetRdsCollectionLocalAdminsOperationCompleted = new System.Threading.SendOrPostCallback(this.OnGetRdsCollectionLocalAdminsOperationCompleted);
+            }
+            this.InvokeAsync("GetRdsCollectionLocalAdmins", new object[] {
+                        organizationId}, this.GetRdsCollectionLocalAdminsOperationCompleted, userState);
+        }
+        
+        private void OnGetRdsCollectionLocalAdminsOperationCompleted(object arg) {
+            if ((this.GetRdsCollectionLocalAdminsCompleted != null)) {
+                System.Web.Services.Protocols.InvokeCompletedEventArgs invokeArgs = ((System.Web.Services.Protocols.InvokeCompletedEventArgs)(arg));
+                this.GetRdsCollectionLocalAdminsCompleted(this, new GetRdsCollectionLocalAdminsCompletedEventArgs(invokeArgs.Results, invokeArgs.Error, invokeArgs.Cancelled, invokeArgs.UserState));
+            }
+        }
+        
+        /// <remarks/>
+        [System.Web.Services.Protocols.SoapHeaderAttribute("ServiceProviderSettingsSoapHeaderValue")]
+        [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/server/MoveRdsServerToTenantOU", RequestNamespace="http://smbsaas/websitepanel/server/", ResponseNamespace="http://smbsaas/websitepanel/server/", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
+        public void MoveRdsServerToTenantOU(string hostName, string organizationId) {
+            this.Invoke("MoveRdsServerToTenantOU", new object[] {
+                        hostName,
+                        organizationId});
+        }
+        
+        /// <remarks/>
+        public System.IAsyncResult BeginMoveRdsServerToTenantOU(string hostName, string organizationId, System.AsyncCallback callback, object asyncState) {
+            return this.BeginInvoke("MoveRdsServerToTenantOU", new object[] {
+                        hostName,
+                        organizationId}, callback, asyncState);
+        }
+        
+        /// <remarks/>
+        public void EndMoveRdsServerToTenantOU(System.IAsyncResult asyncResult) {
+            this.EndInvoke(asyncResult);
+        }
+        
+        /// <remarks/>
+        public void MoveRdsServerToTenantOUAsync(string hostName, string organizationId) {
+            this.MoveRdsServerToTenantOUAsync(hostName, organizationId, null);
+        }
+        
+        /// <remarks/>
+        public void MoveRdsServerToTenantOUAsync(string hostName, string organizationId, object userState) {
+            if ((this.MoveRdsServerToTenantOUOperationCompleted == null)) {
+                this.MoveRdsServerToTenantOUOperationCompleted = new System.Threading.SendOrPostCallback(this.OnMoveRdsServerToTenantOUOperationCompleted);
+            }
+            this.InvokeAsync("MoveRdsServerToTenantOU", new object[] {
+                        hostName,
+                        organizationId}, this.MoveRdsServerToTenantOUOperationCompleted, userState);
+        }
+        
+        private void OnMoveRdsServerToTenantOUOperationCompleted(object arg) {
+            if ((this.MoveRdsServerToTenantOUCompleted != null)) {
+                System.Web.Services.Protocols.InvokeCompletedEventArgs invokeArgs = ((System.Web.Services.Protocols.InvokeCompletedEventArgs)(arg));
+                this.MoveRdsServerToTenantOUCompleted(this, new System.ComponentModel.AsyncCompletedEventArgs(invokeArgs.Error, invokeArgs.Cancelled, invokeArgs.UserState));
+            }
+        }
+        
+        /// <remarks/>
+        [System.Web.Services.Protocols.SoapHeaderAttribute("ServiceProviderSettingsSoapHeaderValue")]
+        [System.Web.Services.Protocols.SoapDocumentMethodAttribute("http://smbsaas/websitepanel/server/RemoveRdsServerFromTenantOU", RequestNamespace="http://smbsaas/websitepanel/server/", ResponseNamespace="http://smbsaas/websitepanel/server/", Use=System.Web.Services.Description.SoapBindingUse.Literal, ParameterStyle=System.Web.Services.Protocols.SoapParameterStyle.Wrapped)]
+        public void RemoveRdsServerFromTenantOU(string hostName, string organizationId) {
+            this.Invoke("RemoveRdsServerFromTenantOU", new object[] {
+                        hostName,
+                        organizationId});
+        }
+        
+        /// <remarks/>
+        public System.IAsyncResult BeginRemoveRdsServerFromTenantOU(string hostName, string organizationId, System.AsyncCallback callback, object asyncState) {
+            return this.BeginInvoke("RemoveRdsServerFromTenantOU", new object[] {
+                        hostName,
+                        organizationId}, callback, asyncState);
+        }
+        
+        /// <remarks/>
+        public void EndRemoveRdsServerFromTenantOU(System.IAsyncResult asyncResult) {
+            this.EndInvoke(asyncResult);
+        }
+        
+        /// <remarks/>
+        public void RemoveRdsServerFromTenantOUAsync(string hostName, string organizationId) {
+            this.RemoveRdsServerFromTenantOUAsync(hostName, organizationId, null);
+        }
+        
+        /// <remarks/>
+        public void RemoveRdsServerFromTenantOUAsync(string hostName, string organizationId, object userState) {
+            if ((this.RemoveRdsServerFromTenantOUOperationCompleted == null)) {
+                this.RemoveRdsServerFromTenantOUOperationCompleted = new System.Threading.SendOrPostCallback(this.OnRemoveRdsServerFromTenantOUOperationCompleted);
+            }
+            this.InvokeAsync("RemoveRdsServerFromTenantOU", new object[] {
+                        hostName,
+                        organizationId}, this.RemoveRdsServerFromTenantOUOperationCompleted, userState);
+        }
+        
+        private void OnRemoveRdsServerFromTenantOUOperationCompleted(object arg) {
+            if ((this.RemoveRdsServerFromTenantOUCompleted != null)) {
+                System.Web.Services.Protocols.InvokeCompletedEventArgs invokeArgs = ((System.Web.Services.Protocols.InvokeCompletedEventArgs)(arg));
+                this.RemoveRdsServerFromTenantOUCompleted(this, new System.ComponentModel.AsyncCompletedEventArgs(invokeArgs.Error, invokeArgs.Cancelled, invokeArgs.UserState));
+            }
+        }
+        
         /// <remarks/>
         public new void CancelAsync(object userState) {
             base.CancelAsync(userState);
@@ -2070,4 +2261,42 @@ namespace WebsitePanel.Providers.RemoteDesktopServices {
     /// <remarks/>
     [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
     public delegate void RestartRdsServerCompletedEventHandler(object sender, System.ComponentModel.AsyncCompletedEventArgs e);
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    public delegate void SaveRdsCollectionLocalAdminsCompletedEventHandler(object sender, System.ComponentModel.AsyncCompletedEventArgs e);
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    public delegate void GetRdsCollectionLocalAdminsCompletedEventHandler(object sender, GetRdsCollectionLocalAdminsCompletedEventArgs e);
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    [System.Diagnostics.DebuggerStepThroughAttribute()]
+    [System.ComponentModel.DesignerCategoryAttribute("code")]
+    public partial class GetRdsCollectionLocalAdminsCompletedEventArgs : System.ComponentModel.AsyncCompletedEventArgs {
+        
+        private object[] results;
+        
+        internal GetRdsCollectionLocalAdminsCompletedEventArgs(object[] results, System.Exception exception, bool cancelled, object userState) : 
+                base(exception, cancelled, userState) {
+            this.results = results;
+        }
+        
+        /// <remarks/>
+        public string[] Result {
+            get {
+                this.RaiseExceptionIfNecessary();
+                return ((string[])(this.results[0]));
+            }
+        }
+    }
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    public delegate void MoveRdsServerToTenantOUCompletedEventHandler(object sender, System.ComponentModel.AsyncCompletedEventArgs e);
+    
+    /// <remarks/>
+    [System.CodeDom.Compiler.GeneratedCodeAttribute("wsdl", "2.0.50727.3038")]
+    public delegate void RemoveRdsServerFromTenantOUCompletedEventHandler(object sender, System.ComponentModel.AsyncCompletedEventArgs e);
 }
diff --git a/WebsitePanel/Sources/WebsitePanel.Server/RemoteDesktopServices.asmx.cs b/WebsitePanel/Sources/WebsitePanel.Server/RemoteDesktopServices.asmx.cs
index 33a76548..32d6533d 100644
--- a/WebsitePanel/Sources/WebsitePanel.Server/RemoteDesktopServices.asmx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.Server/RemoteDesktopServices.asmx.cs
@@ -563,5 +563,71 @@ namespace WebsitePanel.Server
                 throw;
             }
         }
+
+        [WebMethod, SoapHeader("settings")]
+        public void SaveRdsCollectionLocalAdmins(List<string> users, string organizationId)
+        {
+            try
+            {
+                Log.WriteStart("'{0}' SaveRdsCollectionLocalAdmins", ProviderSettings.ProviderName);
+                RDSProvider.SaveRdsCollectionLocalAdmins(users, organizationId);
+                Log.WriteEnd("'{0}' SaveRdsCollectionLocalAdmins", ProviderSettings.ProviderName);
+            }
+            catch (Exception ex)
+            {
+                Log.WriteError(String.Format("'{0}' SaveRdsCollectionLocalAdmins", ProviderSettings.ProviderName), ex);
+                throw;
+            }
+        }
+
+        [WebMethod, SoapHeader("settings")]
+        public List<string> GetRdsCollectionLocalAdmins(string organizationId)
+        {
+            try
+            {
+                Log.WriteStart("'{0}' GetRdsCollectionLocalAdmins", ProviderSettings.ProviderName);
+                var result = RDSProvider.GetRdsCollectionLocalAdmins(organizationId);
+                Log.WriteEnd("'{0}' GetRdsCollectionLocalAdmins", ProviderSettings.ProviderName);
+
+                return result;
+            }
+            catch (Exception ex)
+            {
+                Log.WriteError(String.Format("'{0}' GetRdsCollectionLocalAdmins", ProviderSettings.ProviderName), ex);
+                throw;
+            }
+        }
+
+        [WebMethod, SoapHeader("settings")]
+        public void MoveRdsServerToTenantOU(string hostName, string organizationId)
+        {
+            try
+            {
+                Log.WriteStart("'{0}' MoveRdsServerToTenantOU", ProviderSettings.ProviderName);
+                RDSProvider.MoveRdsServerToTenantOU(hostName, organizationId);
+                Log.WriteEnd("'{0}' MoveRdsServerToTenantOU", ProviderSettings.ProviderName);
+            }
+            catch (Exception ex)
+            {
+                Log.WriteError(String.Format("'{0}' MoveRdsServerToTenantOU", ProviderSettings.ProviderName), ex);
+                throw;
+            }
+        }
+
+        [WebMethod, SoapHeader("settings")]
+        public void RemoveRdsServerFromTenantOU(string hostName, string organizationId)
+        {
+            try
+            {
+                Log.WriteStart("'{0}' RemoveRdsServerFromTenantOU", ProviderSettings.ProviderName);
+                RDSProvider.RemoveRdsServerFromTenantOU(hostName, organizationId);
+                Log.WriteEnd("'{0}' RemoveRdsServerFromTenantOU", ProviderSettings.ProviderName);
+            }
+            catch (Exception ex)
+            {
+                Log.WriteError(String.Format("'{0}' RemoveRdsServerFromTenantOU", ProviderSettings.ProviderName), ex);
+                throw;
+            }
+        }
     }
 }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/ESModule_ControlsHierarchy.config b/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/ESModule_ControlsHierarchy.config
index beadb444..f4e2aa27 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/ESModule_ControlsHierarchy.config
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/ESModule_ControlsHierarchy.config
@@ -151,4 +151,5 @@
   <Control key="rds_edit_collection" general_key="rds_collections" />
   <Control key="rds_edit_collection_settings" general_key="rds_collections" />
   <Control key="rds_collection_user_sessions" general_key="rds_collections" />
+  <Control key="rds_collection_local_admins" general_key="rds_collections" />
 </Controls>
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/WebsitePanel_Modules.config b/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/WebsitePanel_Modules.config
index 80078941..b78fd5a1 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/WebsitePanel_Modules.config
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/App_Data/WebsitePanel_Modules.config
@@ -579,6 +579,7 @@
       <Control key="view_deleted_user" src="WebsitePanel/ExchangeServer/OrganizationDeletedUserGeneralSettings.ascx" title="OrganizationDeletedUserGeneralSettings" type="View" />
       <Control key="deleted_user_memberof" src="WebsitePanel/ExchangeServer/OrganizationDeletedUserMemberOf.ascx" title="DeletedUserMemberOf" type="View" />
       <Control key="rds_application_edit_users" src="WebsitePanel/RDS/RDSEditApplicationUsers.ascx" title="RDSEditApplicationUsers" type="View" />
+      <Control key="rds_collection_local_admins" src="WebsitePanel/RDS/RDSLocalAdmins.ascx" title="RDSLocalAdmins" type="View" />
       <Control key="rds_edit_collection" src="WebsitePanel/RDS/RDSEditCollection.ascx" title="RDSEditCollection" type="View" />
       <Control key="rds_edit_collection_settings" src="WebsitePanel/RDS/RDSEditCollectionSettings.ascx" title="RDSEditCollectionSettings" type="View" />
       <Control key="rds_collection_user_sessions" src="WebsitePanel/RDS/RDSUserSessions.ascx" title="RDSUserSessions" type="View" />
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/App_GlobalResources/WebsitePanel_SharedResources.ascx.resx b/WebsitePanel/Sources/WebsitePanel.WebPortal/App_GlobalResources/WebsitePanel_SharedResources.ascx.resx
index 92c1740b..2a64f5b2 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/App_GlobalResources/WebsitePanel_SharedResources.ascx.resx
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/App_GlobalResources/WebsitePanel_SharedResources.ascx.resx
@@ -5644,6 +5644,9 @@
   <data name="ERROR.REMOTEAPPUSERS_NOT_UPDATED" xml:space="preserve">
     <value>Remote application users not updated</value>
   </data>
+  <data name="ERROR.RDSSERVER_NOT_ASSIGNED" xml:space="preserve">
+    <value>RDS server not assigned to organization</value>
+  </data>
   <data name="ERROR.REMOTE_DESKTOP_SERVICES_LOG_OFF_USER" xml:space="preserve">
     <value>RDS User logging off error</value>
   </data>
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AddRDSServer.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AddRDSServer.ascx.cs
index aac45078..d311bed2 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AddRDSServer.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AddRDSServer.ascx.cs
@@ -68,9 +68,10 @@ namespace WebsitePanel.Portal.RDS
                 Response.Redirect(EditUrl("ItemID", PanelRequest.ItemID.ToString(), "rds_servers",
                                   "SpaceID=" + PanelSecurity.PackageId));
             }
-            catch { }
-
- 
+            catch (Exception ex)
+            {
+                ShowErrorMessage("RDSSERVER_NOT_ASSIGNED", ex);
+            }
         }
     }
 }
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSCreateCollection.ascx.resx b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSCreateCollection.ascx.resx
index 5d4c19af..b8804b10 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSCreateCollection.ascx.resx
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSCreateCollection.ascx.resx
@@ -141,4 +141,13 @@
   <data name="gvRDSServers.Empty" xml:space="preserve">
     <value>No RDS Servers have been added yet. To add a new RDS Servers click "Add RDS Server" button.</value>
   </data>
+  <data name="lblPFXInstallPassword.Text" xml:space="preserve">
+    <value>Certificate Password</value>
+  </data>
+  <data name="lblSelectPfx.Text" xml:space="preserve">
+    <value>Select Certificate</value>
+  </data>
+  <data name="secSelectSertificate.Text" xml:space="preserve">
+    <value>Certificate</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSLocalAdmins.ascx.resx b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSLocalAdmins.ascx.resx
new file mode 100644
index 00000000..12d9530e
--- /dev/null
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/App_LocalResources/RDSLocalAdmins.ascx.resx
@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+    
+    Version 2.0
+    
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+    
+    Example:
+    
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+                
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+    
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+    
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+    
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+    
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+    
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="secRdsLocalAdmins" xml:space="preserve">
+    <value>Local Administrators</value>
+  </data>
+</root>
\ No newline at end of file
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AssignedRDSServers.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AssignedRDSServers.ascx.cs
index 7a233b24..8aeba976 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AssignedRDSServers.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/AssignedRDSServers.ascx.cs
@@ -99,7 +99,7 @@ namespace WebsitePanel.Portal.RDS
 
         private void DeleteItem(int rdsServerId)
         {
-            ResultObject result = ES.Services.RDS.RemoveRdsServerFromOrganization(rdsServerId);
+            ResultObject result = ES.Services.RDS.RemoveRdsServerFromOrganization(PanelRequest.ItemID, rdsServerId);
 
             if (!result.IsSuccess)
             {
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSCreateCollection.ascx b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSCreateCollection.ascx
index 68a18696..e73c543a 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSCreateCollection.ascx
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSCreateCollection.ascx
@@ -2,6 +2,7 @@
 <%@ Register Src="../UserControls/SimpleMessageBox.ascx" TagName="SimpleMessageBox" TagPrefix="wsp" %>
 <%@ Register Src="../UserControls/EnableAsyncTasksSupport.ascx" TagName="EnableAsyncTasksSupport" TagPrefix="wsp" %>
 <%@ Register Src="UserControls/RDSCollectionServers.ascx" TagName="CollectionServers" TagPrefix="wsp"%>
+<%@ Register TagPrefix="wsp" TagName="CollapsiblePanel" Src="../UserControls/CollapsiblePanel.ascx" %>
 <script type="text/javascript" src="/JavaScript/jquery.min.js?v=1.4.4"></script>
 
 <wsp:EnableAsyncTasksSupport id="asyncTasks" runat="server"/>
@@ -25,10 +26,30 @@
 						    <td>
                                 <asp:TextBox ID="txtCollectionName" runat="server" CssClass="TextBox300" />
                                 <asp:RequiredFieldValidator ID="valCollectionName" runat="server" ErrorMessage="*" ControlToValidate="txtCollectionName" ValidationGroup="SaveRDSCollection"></asp:RequiredFieldValidator>
-						    </td>
-					    </tr>
+						    </td>                            
+					    </tr>                        
 					</table> 
 
+                    <%--<wsp:CollapsiblePanel id="secSelectSertificate" runat="server"
+                        TargetControlID="panelSelectSertificate" meta:resourcekey="secSelectSertificate" Text="">
+                    </wsp:CollapsiblePanel>		
+                    
+                    <asp:Panel runat="server" ID="panelSelectSertificate">                                                
+                        <div style="padding: 10px;">
+                            <div class="FormBody">
+                                <div class="FormField">
+                                    <asp:FileUpload ID="upPFX" runat="server"/>
+                                </div>
+                                <div class="FormFieldDescription">
+                                    <asp:Localize runat="server" meta:resourcekey="lblPFXInstallPassword" />
+                                </div>
+                                <div class="FormField">
+                                    <asp:TextBox ID="txtPFXInstallPassword" runat="server" TextMode="Password" CssClass="NormalTextBox" />
+                                </div>
+                            </div>
+                        </div>                            
+                    </asp:Panel> --%>                  
+
                     <fieldset id="RDSServersPanel" runat="server">
                         <legend><asp:Localize ID="locRDSServersSection" runat="server" meta:resourcekey="locRDSServersSection" Text="RDS Servers"></asp:Localize></legend>
                         <div style="padding: 10px;">
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.cs
new file mode 100644
index 00000000..6125bc19
--- /dev/null
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.cs
@@ -0,0 +1,63 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.UI;
+using System.Web.UI.WebControls;
+
+namespace WebsitePanel.Portal.RDS
+{
+    public partial class RdsLocalAdmins : WebsitePanelModuleBase
+    {
+        protected void Page_Load(object sender, EventArgs e)
+        {
+            if (!IsPostBack)
+            {
+                var organizationUsers = ES.Services.Organizations.GetOrganizationUsersPaged(PanelRequest.ItemID, null, null, null, 0, Int32.MaxValue).PageUsers;
+                var collectionLocalAdmins = ES.Services.RDS.GetRdsCollectionLocalAdmins(PanelRequest.ItemID);
+                var collection = ES.Services.RDS.GetRdsCollection(PanelRequest.CollectionID);
+
+                litCollectionName.Text = collection.DisplayName;
+                users.SetUsers(collectionLocalAdmins);
+            }
+        }
+
+        private bool SaveLocalAdmins()
+        {
+            try
+            {
+                ES.Services.RDS.SaveRdsCollectionLocalAdmins(users.GetUsers(), PanelRequest.ItemID);
+            }
+            catch (Exception ex)
+            {
+                messageBox.ShowErrorMessage(ex.Message);
+                return false;
+            }
+
+            return true;
+        }
+
+        protected void btnSave_Click(object sender, EventArgs e)
+        {
+            if (!Page.IsValid)
+            {
+                return;
+            }
+
+            SaveLocalAdmins();
+        }
+
+        protected void btnSaveExit_Click(object sender, EventArgs e)
+        {
+            if (!Page.IsValid)
+            {
+                return;
+            }
+
+            if (SaveLocalAdmins())
+            {
+                Response.Redirect(EditUrl("ItemID", PanelRequest.ItemID.ToString(), "rds_collections", "SpaceID=" + PanelSecurity.PackageId));
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.designer.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.designer.cs
new file mode 100644
index 00000000..f9e420c9
--- /dev/null
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RDSLocalAdmins.ascx.designer.cs
@@ -0,0 +1,105 @@
+//------------------------------------------------------------------------------
+// <auto-generated>
+//     This code was generated by a tool.
+//
+//     Changes to this file may cause incorrect behavior and will be lost if
+//     the code is regenerated. 
+// </auto-generated>
+//------------------------------------------------------------------------------
+
+namespace WebsitePanel.Portal.RDS {
+    
+    
+    public partial class RdsLocalAdmins {
+        
+        /// <summary>
+        /// asyncTasks control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.EnableAsyncTasksSupport asyncTasks;
+        
+        /// <summary>
+        /// imgEditRDSCollection control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Image imgEditRDSCollection;
+        
+        /// <summary>
+        /// locTitle control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Localize locTitle;
+        
+        /// <summary>
+        /// litCollectionName control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Literal litCollectionName;
+        
+        /// <summary>
+        /// messageBox control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.UserControls.SimpleMessageBox messageBox;
+        
+        /// <summary>
+        /// tabs control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.RDS.UserControls.RdsServerTabs tabs;
+        
+        /// <summary>
+        /// secRdsLocalAdmins control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.CollapsiblePanel secRdsLocalAdmins;
+        
+        /// <summary>
+        /// panelRdsLocalAdmins control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::System.Web.UI.WebControls.Panel panelRdsLocalAdmins;
+        
+        /// <summary>
+        /// users control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.RDS.UserControls.RDSCollectionUsers users;
+        
+        /// <summary>
+        /// buttonPanel control.
+        /// </summary>
+        /// <remarks>
+        /// Auto-generated field.
+        /// To modify move field declaration from designer file to code-behind file.
+        /// </remarks>
+        protected global::WebsitePanel.Portal.ItemButtonPanel buttonPanel;
+    }
+}
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RdsLocalAdmins.ascx b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RdsLocalAdmins.ascx
new file mode 100644
index 00000000..d171b517
--- /dev/null
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/RdsLocalAdmins.ascx
@@ -0,0 +1,45 @@
+<%@ Control Language="C#" AutoEventWireup="true" CodeBehind="RDSLocalAdmins.ascx.cs" Inherits="WebsitePanel.Portal.RDS.RdsLocalAdmins" %>
+<%@ Register Src="../UserControls/SimpleMessageBox.ascx" TagName="SimpleMessageBox" TagPrefix="wsp" %>
+<%@ Register Src="../UserControls/EnableAsyncTasksSupport.ascx" TagName="EnableAsyncTasksSupport" TagPrefix="wsp" %>
+<%@ Register Src="UserControls/RDSCollectionTabs.ascx" TagName="CollectionTabs" TagPrefix="wsp" %>
+<%@ Register TagPrefix="wsp" TagName="CollapsiblePanel" Src="../UserControls/CollapsiblePanel.ascx" %>
+<%@ Register Src="../UserControls/ItemButtonPanel.ascx" TagName="ItemButtonPanel" TagPrefix="wsp" %>
+<%@ Register Src="UserControls/RDSCollectionUsers.ascx" TagName="CollectionUsers" TagPrefix="wsp"%>
+<script type="text/javascript" src="/JavaScript/jquery.min.js?v=1.4.4"></script>
+
+<wsp:EnableAsyncTasksSupport id="asyncTasks" runat="server"/>
+
+<div id="ExchangeContainer">
+	<div class="Module">
+		<div class="Left">
+		</div>
+		<div class="Content">
+			<div class="Center">
+				<div class="Title">
+					<asp:Image ID="imgEditRDSCollection" SkinID="EnterpriseStorageSpace48" runat="server" />
+					<asp:Localize ID="locTitle" runat="server" meta:resourcekey="locTitle" Text="Edit RDS Collection"></asp:Localize>
+                    -
+					<asp:Literal ID="litCollectionName" runat="server" Text="" />
+				</div>
+				<div class="FormContentRDS">
+				    <wsp:SimpleMessageBox id="messageBox" runat="server" />
+                    <wsp:CollectionTabs id="tabs" runat="server" SelectedTab="rds_collection_local_admins" />
+                    					
+                    <wsp:CollapsiblePanel id="secRdsLocalAdmins" runat="server"
+                        TargetControlID="panelRdsLocalAdmins" meta:resourcekey="secRdsLocalAdmins" Text="">
+                    </wsp:CollapsiblePanel>		
+                    
+                    <asp:Panel runat="server" ID="panelRdsLocalAdmins">                                                
+                        <div style="padding: 10px;">
+                            <wsp:CollectionUsers id="users" runat="server" />
+                        </div>                            
+                    </asp:Panel>
+                    <div class="FormFooterClean">
+                        <wsp:ItemButtonPanel id="buttonPanel" runat="server" ValidationGroup="SaveRDSCollection" 
+                            OnSaveClick="btnSave_Click" OnSaveExitClick="btnSaveExit_Click" />
+			        </div>
+				</div>
+			</div>
+		</div>
+	</div>
+</div>
\ No newline at end of file
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/App_LocalResources/RDSCollectionTabs.ascx.resx b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/App_LocalResources/RDSCollectionTabs.ascx.resx
index afb4730a..9f6daa9d 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/App_LocalResources/RDSCollectionTabs.ascx.resx
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/App_LocalResources/RDSCollectionTabs.ascx.resx
@@ -132,4 +132,7 @@
   <data name="Tab.UserSessions" xml:space="preserve">
     <value>User Sessions</value>
   </data>
+  <data name="Tab.LocalAdmins" xml:space="preserve">
+    <value>Local Administrators</value>
+  </data>
 </root>
\ No newline at end of file
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/RDSCollectionTabs.ascx.cs b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/RDSCollectionTabs.ascx.cs
index 00fab605..8336747f 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/RDSCollectionTabs.ascx.cs
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/RDS/UserControls/RDSCollectionTabs.ascx.cs
@@ -25,6 +25,7 @@ namespace WebsitePanel.Portal.RDS.UserControls
             tabsList.Add(CreateTab("rds_collection_edit_apps", "Tab.RdsApplications"));
             tabsList.Add(CreateTab("rds_collection_edit_users", "Tab.RdsUsers"));
             tabsList.Add(CreateTab("rds_collection_user_sessions", "Tab.UserSessions"));
+            tabsList.Add(CreateTab("rds_collection_local_admins", "Tab.LocalAdmins"));
             
             int idx = 0;
 
diff --git a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/WebsitePanel.Portal.Modules.csproj b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/WebsitePanel.Portal.Modules.csproj
index 046875ad..459ea738 100644
--- a/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/WebsitePanel.Portal.Modules.csproj
+++ b/WebsitePanel/Sources/WebsitePanel.WebPortal/DesktopModules/WebsitePanel/WebsitePanel.Portal.Modules.csproj
@@ -330,6 +330,13 @@
     <Compile Include="RDS\RDSCollections.ascx.designer.cs">
       <DependentUpon>RDSCollections.ascx</DependentUpon>
     </Compile>
+    <Compile Include="RDS\RDSLocalAdmins.ascx.cs">
+      <DependentUpon>RDSLocalAdmins.ascx</DependentUpon>
+      <SubType>ASPXCodeBehind</SubType>
+    </Compile>
+    <Compile Include="RDS\RDSLocalAdmins.ascx.designer.cs">
+      <DependentUpon>RDSLocalAdmins.ascx</DependentUpon>
+    </Compile>
     <Compile Include="RDS\RDSUserSessions.ascx.cs">
       <DependentUpon>RDSUserSessions.ascx</DependentUpon>
       <SubType>ASPXCodeBehind</SubType>
@@ -4372,6 +4379,7 @@
     <Content Include="RDS\RDSEditCollectionUsers.ascx" />
     <Content Include="RDS\RDSCreateCollection.ascx" />
     <Content Include="RDS\RDSCollections.ascx" />
+    <Content Include="RDS\RDSLocalAdmins.ascx" />
     <Content Include="RDS\RDSUserSessions.ascx" />
     <Content Include="RDS\UserControls\RDSCollectionApps.ascx" />
     <Content Include="RDS\UserControls\RDSCollectionServers.ascx" />
@@ -4395,6 +4403,7 @@
       <SubType>Designer</SubType>
     </Content>
     <Content Include="RDS\App_LocalResources\RDSUserSessions.ascx.resx" />
+    <Content Include="RDS\App_LocalResources\RDSLocalAdmins.ascx.resx" />
     <EmbeddedResource Include="ScheduleTaskControls\App_LocalResources\DomainLookupView.ascx.resx">
       <Generator>ResXFileCodeGenerator</Generator>
       <LastGenOutput>DomainLookupView.ascx.Designer.cs</LastGenOutput>