Solved

Route RDP connections based on username

Posted on 2011-03-25
9
792 Views
Last Modified: 2013-11-21
We have 7 RDP servers named server1, server2, etc.
Users can connect to only one of the seven servers because their data is only stored on that server. It happens sometime that we move a user to another server and that they need to adjust their connection settings.

We don't want our users to connect to a specific server but instead let them connect to a sort of gateway server that redirects them to the right server based on their username.

Is this possible? And if yes: what do we need?

0
Comment
Question by:mvanrooij
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 35217839
Not in my realm of expertise but couldn't you setup dfs so all users could use any server?
0
 
LVL 1

Author Comment

by:mvanrooij
ID: 35217866
No, I don't want all the data on all of our servers.
0
 
LVL 11

Expert Comment

by:yelbaglf
ID: 35219566
Is there any reason why you're not using terminal services profiles, instead of storing user data on your servers?
0
Don't Cry: How Liquid Web is Ensuring Security

WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.

 
LVL 1

Author Comment

by:mvanrooij
ID: 35219632
Yes, we have enough reasons for not using roaming profiles.
0
 
LVL 4

Expert Comment

by:reredok
ID: 35221648
use terminalserver gateway and set the ad-group in policy (it's an connection policy) which user can connect server. this works also with sessionbroker
0
 
LVL 1

Author Comment

by:mvanrooij
ID: 35223664
Would you please explain this a little more?
0
 
LVL 4

Accepted Solution

by:
reredok earned 500 total points
ID: 35224928
http://technet.microsoft.com/en-us/library/cc731264(WS.10).aspx

windows 2008/Windows 2008 R2 Terminal Services Gateway:

1.) Install Terminalserver Terminalservergateway/Remotedesktopgateway (Role)

2.) use a self certificate for testing

3.) Create a Terminal Services Connection Authorization Policies (TS CAPs). You use TS CAPs to specify users and computers that are able to make connections to the TS
Gateway server

4.) Create aTerminal Services Resource Authorization Policies (TS RAPs). A TS CAP specifies which users can connect to the TS Gateway server. A TS RAP specifies
the network resources that users can connect to through TS Gateway. You specify network
resources through an Active Directory security group.

5.) Edit the rdp-Connection or RDP File to use TerminalserverGateway


You need 2 Group of Terminalserver

User1...User10 -> Terminalserver1
User11...User20 -> Terminalserver2

It works great!


0
 
LVL 1

Author Comment

by:mvanrooij
ID: 35226405
Thank you, but unfortunately the Mac version of remote desktop doesn't support ts gateway.
I guess we'll have to wait until ms brings out a new version.
0
 
LVL 1

Author Closing Comment

by:mvanrooij
ID: 35226409
Mac remote desktop won't support this solution.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question