Simple Remote Desktop Services Installation

Hi Experts,

I need to setup a simple remote desktop services system.  There is one piece of hardware that the RDS software will reside.  The OS is Windows 2008 R2 Standard Edition.

Basically I have one application that I need to make available via "Web Access".   Users will not be using the "Remote Desktop Connection" or running any virtual desktops.  One published app via web access only.

From what I can tell the only "roles" I need are the "Session Host" and "Desktop Web Access".  I should be able to use a public IP pointed to the internal site for use outside our firewall.

I did get the Gateway working but that just connects me to a terminal session.   Again, users will not be using terminal sessions - only a published app (via web access).  Can I remove the gateway - is it needed for my requirements?

I do have the application published and it works (inside the firewall) - am I on the right track?

Thanks!  Ed
iteched1Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

kevinhsiehCommented:
You need the RD Gateway for external clients to be able to access the RD Session host over TCP 443. If you do not use RD Gateway, you need to open up the RD Session host to the Internet on TCP 3389, which is considered a security risk, especially given the current RDS exploit that Microsoft just patched in March.

I know that you only need RemoteApp access, but I don't believe that you can prevent someone from connecting to a full desktop on the session host if they manually connect.
0
iteched1Author Commented:
This is what I've done so far:

Installed Remote Desktop Session Host Role.
Installed Remote Desktop Licensing Role.

This was all the Microsoft roles needed so far...

Installed "2X" Client Gateway, Publishing Agent, and Terminal Server Agent.

Configured the server's firewall for "2X".
Configured the border firewall for outside accesss.

Published the app in "2X".

So far this is doing exactly what I want.  I may expand and add features later but this configuration is sufficient for my needs.

Notes:

1.  I removed the Remote Desktop Gateway and iiS.  They are not needed in this configuration.
2.  "2X" was implemented to allow access to the application from ipads, iphones, androids, and other client platforms.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
kevinhsiehCommented:
Sounds good.
0
iteched1Author Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for iteched1's comment #37776974

for the following reason:

I figured out what I needed after posting the question.
0
iteched1Author Commented:
Hi,

Please set this to multiple solutions with 300 to me (as I figured it out myself) and 200 for Kevin for taking the time to help me out.

As a side  comment I'm not sure I like the new face of experts exchange...I find it more clumsy to navigate.

Thanks!

Ed
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Applications

From novice to tech pro — start learning today.