• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1006
  • Last Modified:

Does Remote Apps in RDS require a Domain

I have set up a server 2008R2 with 5 licenses for RDS.
The application runs fine inside the network, but can not execute the app from outside the network.
The application is quickbooks enterprise 2011.
When outside the network, I can hit the webapp access page, and when I click on the app I get prompted for credentials but, every time i enter the credentials it just prompts me for credentials over and over again. Inside the network, it prompts and connects.

The server is in a workgroup since they do not have or need a domain, however if RDS requires a domain I can change that. I have not see anything indicating a domain is required.
0
ultreya
Asked:
ultreya
  • 5
  • 5
1 Solution
 
oneitnzCommented:
Are you using the same computer from internal and external?
0
 
ultreyaAuthor Commented:
Yes
Single server since they do not have or have needed a domain.
0
 
oneitnzCommented:
Sorry I meant are you connecting from the same Client Machine I understand you only have 1 Server.

What I was thinking was it was to do with the user logged into the client machine, and if your using two different client machines one is fine the other is not then this is probably a different situation.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
ultreyaAuthor Commented:
I have tried multiple stations (clients). internally they work with no errors.
Externally they open the page for web apps and configuration, but when you click on the app icon, nothing happens.

I went ahead and created a domain for the server with no change.

I did read off MS site about RDgateway pointing back to the EXTERNAL DNS name. Problem there is this company does not have an external FQDN only static IP.

I created the GPO as per MS and modified accordingly but still no change...

0
 
oneitnzCommented:
Hi Ultreya

It sounds like perhaps you have a misconfiguration in your RDGateway Server.
You would need to have the RDGateway setup to point to an External Name perhaps IP, not sure if that works.
Something you could do is signup for a free domain name and point it to your Static IP. (DynDns Perhaps)

What you need to do is ignore the Web Interface for a minute and try to perform a Standard RDP Connection using the Remote Desktop Client and in the Advanced Tab, Click Settings under Connect from Anywhere, Then fill in the External Static IP or DNS Name of the Server then on the General Tab, enter the Internal IP or Name of the Remote App Server.

In your Remote App Settings you'll need to change the RDGateway address to this External IP or DNS Name.

Regards
Brett Smith
One IT
www.oneit.co.nz
0
 
ultreyaAuthor Commented:
Ok. After spending lots of money and countless hours with Microsoft support (Ha),
I have found that my issue may indeed be due to the SSL.

Server name is Server
Domain is Domain.local   (making the name Server.Domain.Local)
URL FQDN is ts.outside.ws
The SSL is for    ts.outside.ws (as per Microsoft Support)
The path is https://ts.outside.ws

Correct me if I am wrong but the SSL here is not correct??

What does the SSL need to be, and how do I resolve this, since Microsoft Support cannot??
0
 
oneitnzCommented:
Hi Ultreya
Did you follow through my steps of ignoring the RDWeb page altogether and just trying to configure the Remote Desktop Client manually.
If you do, don't put https:// in front of the Gateway Server, here is a screenshot to show you what I mean.
 RD Gateway RD Client Settings
0
 
ultreyaAuthor Commented:
Have tried with no success.
Somehow the authentication is not working from outside the network.
I remember reading that a wildcard SSL will not work correctly with terminal server (2008R2). I cannot find that info now so I have nothing to go off of.

I have gone over MS gateway site so much I can almost recite it. But I still cannot authenticate.

Any Ideas?

The URL = ts.company.ws
Server = Server.group.local
I have a wildcard SSL for ts.company.ws that has a SAN (Subject Alternative Name) of Server.Group.local
What am I missing?

0
 
oneitnzCommented:
If you want I could take a look for you, you can contact me through the Hire Me on my page, if I can't fix it I won't charge.

I think you've got some configuration issue on your servers that we could be chasing our tails for hours, I think you just need a fresh pair of eyes to look over your setup.

Regards
Brett.
0
 
ultreyaAuthor Commented:
Very Professional, very patient, and accurate. You have a great service and would recommend you to anyone having server issues. Thank you for the fix and the pointers.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now