Route RDP connections based on username

We have 7 RDP servers named server1, server2, etc.
Users can connect to only one of the seven servers because their data is only stored on that server. It happens sometime that we move a user to another server and that they need to adjust their connection settings.

We don't want our users to connect to a specific server but instead let them connect to a sort of gateway server that redirects them to the right server based on their username.

Is this possible? And if yes: what do we need?

Who is Participating?
reredokConnect With a Mentor IT ConsultantCommented:

windows 2008/Windows 2008 R2 Terminal Services Gateway:

1.) Install Terminalserver Terminalservergateway/Remotedesktopgateway (Role)

2.) use a self certificate for testing

3.) Create a Terminal Services Connection Authorization Policies (TS CAPs). You use TS CAPs to specify users and computers that are able to make connections to the TS
Gateway server

4.) Create aTerminal Services Resource Authorization Policies (TS RAPs). A TS CAP specifies which users can connect to the TS Gateway server. A TS RAP specifies
the network resources that users can connect to through TS Gateway. You specify network
resources through an Active Directory security group.

5.) Edit the rdp-Connection or RDP File to use TerminalserverGateway

You need 2 Group of Terminalserver

User1...User10 -> Terminalserver1
User11...User20 -> Terminalserver2

It works great!

Aaron TomoskySD-WAN SimplifiedCommented:
Not in my realm of expertise but couldn't you setup dfs so all users could use any server?
mvanrooijAuthor Commented:
No, I don't want all the data on all of our servers.
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Is there any reason why you're not using terminal services profiles, instead of storing user data on your servers?
mvanrooijAuthor Commented:
Yes, we have enough reasons for not using roaming profiles.
reredokIT ConsultantCommented:
use terminalserver gateway and set the ad-group in policy (it's an connection policy) which user can connect server. this works also with sessionbroker
mvanrooijAuthor Commented:
Would you please explain this a little more?
mvanrooijAuthor Commented:
Thank you, but unfortunately the Mac version of remote desktop doesn't support ts gateway.
I guess we'll have to wait until ms brings out a new version.
mvanrooijAuthor Commented:
Mac remote desktop won't support this solution.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.