Solved

The relationship between Remote Desktop Services (rolls) and Windows SBS 2011

Posted on 2011-09-02
2
808 Views
Last Modified: 2012-06-22
Hi All

Connecting to Windows SBS 2011 using IP address rather than FQDN.

Yes I can connect using “htpps://remote.domain-name.com/remote” in IE and with the Certificate package downloaded from the server and installed on the remote computer.

I can also connect by using “https://IPx.xxx.xxx.xxx/remote” but it will allow me to only go so far.   If I try to connect to the “Server” I eventually get “Your Computer can’t connect to the remote computer because the Remote Desktop Gateway server address requested and the certificate subject name do not Match”.

In my reading I came across lots of references to Remote Desktop Gateway and Terminal Server Gateway and that RD Gateway has replaced TS Gateway.

My question are   (Very simply put):

1 Is it still possible to connect to SBS 2011 using https://Ipx.xxx.xxx.xxx/remote the IP Address format.  It is very convenient.

2 I thought that TS Gateway involved setting up a “TS Session Host Server” and a separate Domain Controller would them control the connections from the external devices to it, maybe through a RD (TS) Gateway on the domain controller server.

3 In my reading I got the impression that the Roll of “Remote Desktop Services” on a Windows SBS 2011 server had relevance.  The question is, should one activate the “Remote Desktop Web Access” roll service, for example, on a SBS 2011 server. If so, is there any documentation addressing what roll services should be activated specifically regarding SBS 2011, please.

As you can see I am a bit confused, sorry about that.

Regards, Heber Mac Guinness


0
Comment
Question by:Heber_Mac_Guinness
2 Comments
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 250 total points
Comment Utility
1) no, it is not. This is a restriction of the RD gateway technology that SBS relies on. If you stood up a standalone RDgateway or RSgateway in an enterprise network, it'd have the same restriction, do this is NOT unique to SVS.

2) RSgateway (now RDgateway) provides a means to tunnel RDP traffic without mapping individual ports. It is most commonly used to tunnel to multiple session host servers in enterprise deployments, but is increasingly common to see it used for remote VDI as well. For SBS, it is preconfigured and used to tunnel RDP traffic to end-user desktops via RWA. but regardless, the purpose of the role is the same...tunnel RDP.

3) in short, do not enable ANY RD roles on SBS. SBS preconfigured what it needs duringinitial install and via subsequent console wizards. Changing *any* RD roles breaks IIS and RWA.

-Cliff
0
 

Author Comment

by:Heber_Mac_Guinness
Comment Utility
Hi cqaliher

Thank you, for your reply.

As you may have gathered I an not really beyond the SBS scenario so your answers to 1 and 3 “no, it is not” and “do not enable any RD roles” are exactly what I needed.

Regarding question 2 I understand where you are coming from.

Again thanks for your reply.

Regards Heber
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now