Solved

The relationship between Remote Desktop Services (rolls) and Windows SBS 2011

Posted on 2011-09-02
2
810 Views
Last Modified: 2012-06-22
Hi All

Connecting to Windows SBS 2011 using IP address rather than FQDN.

Yes I can connect using “htpps://remote.domain-name.com/remote” in IE and with the Certificate package downloaded from the server and installed on the remote computer.

I can also connect by using “https://IPx.xxx.xxx.xxx/remote” but it will allow me to only go so far.   If I try to connect to the “Server” I eventually get “Your Computer can’t connect to the remote computer because the Remote Desktop Gateway server address requested and the certificate subject name do not Match”.

In my reading I came across lots of references to Remote Desktop Gateway and Terminal Server Gateway and that RD Gateway has replaced TS Gateway.

My question are   (Very simply put):

1 Is it still possible to connect to SBS 2011 using https://Ipx.xxx.xxx.xxx/remote the IP Address format.  It is very convenient.

2 I thought that TS Gateway involved setting up a “TS Session Host Server” and a separate Domain Controller would them control the connections from the external devices to it, maybe through a RD (TS) Gateway on the domain controller server.

3 In my reading I got the impression that the Roll of “Remote Desktop Services” on a Windows SBS 2011 server had relevance.  The question is, should one activate the “Remote Desktop Web Access” roll service, for example, on a SBS 2011 server. If so, is there any documentation addressing what roll services should be activated specifically regarding SBS 2011, please.

As you can see I am a bit confused, sorry about that.

Regards, Heber Mac Guinness


0
Comment
Question by:Heber_Mac_Guinness
2 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 36476021
1) no, it is not. This is a restriction of the RD gateway technology that SBS relies on. If you stood up a standalone RDgateway or RSgateway in an enterprise network, it'd have the same restriction, do this is NOT unique to SVS.

2) RSgateway (now RDgateway) provides a means to tunnel RDP traffic without mapping individual ports. It is most commonly used to tunnel to multiple session host servers in enterprise deployments, but is increasingly common to see it used for remote VDI as well. For SBS, it is preconfigured and used to tunnel RDP traffic to end-user desktops via RWA. but regardless, the purpose of the role is the same...tunnel RDP.

3) in short, do not enable ANY RD roles on SBS. SBS preconfigured what it needs duringinitial install and via subsequent console wizards. Changing *any* RD roles breaks IIS and RWA.

-Cliff
0
 

Author Comment

by:Heber_Mac_Guinness
ID: 36477565
Hi cqaliher

Thank you, for your reply.

As you may have gathered I an not really beyond the SBS scenario so your answers to 1 and 3 “no, it is not” and “do not enable any RD roles” are exactly what I needed.

Regarding question 2 I understand where you are coming from.

Again thanks for your reply.

Regards Heber
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question