Solved

RDS 2012 external clients can authenticate and access Webapp but cannot lunch published applications.

Posted on 2013-01-10
8
2,297 Views
Last Modified: 2013-05-31
Hi,

I have the following servers running Windows Server 2012.
RDSH1 = Remote Desktop Session Host 1
RDSH2 = Remote Desktop Session Host 2
RDLIC = Remote Desktop Licensing
RDWAG = Remote Desktop Web Access Gateway
RDCB = Remote Desktop Connection Broker

RDWAG has two IP address
Eth0 = External
Eth1 = Internal

External IP address firewall has port 443 Internal and External traffic open to the world and is a public IP.

On my internal network all clients can connect to the web app and utilize published applications along with VDI pools. Internally everything looks to be working perfect.

The issue is external clients.
External clients are able to connect to the web app and authenticate with no issue. Here comes the butt, after clicking on a published application the user has to reenter their credentials, to launch the application. Even though the credentials are entered correctly the remote desktop program acts like the credentials are incorrect. This does not prompt in error, or create a log in the event file. It instantaneously refreshes the prompt asking to login.

I think this could have something to do with it, but im not sure.
My external domain name is different from my internal domain name.

ie,
External = WA.Milk.com
Internal = WAS.Home.local
-
SSL Name = WA.Milk.com  

Other issue, We have a valid SSL Cert from CheapSSL. The SSL Cert imported correctly with no errors. The web app come up with a green lock. checking the Best Practice Analyzer (BPA), we get the following evert. ( The RD Gateway server must be configured to use a valid SSL certificate ) after following the steps from http://technet.microsoft.com/en-us/library/dd320340(v=ws.10).aspx we still receive this error.

I can give more information if needed.

Thank you all for the help.
0
Comment
Question by:TRTurner
  • 4
  • 3
8 Comments
 
LVL 14

Expert Comment

by:setasoujiro
ID: 38766018
Do you enter the username as follows : domain\username
0
 
LVL 6

Author Comment

by:TRTurner
ID: 38766876
Yes in different formats.

1) username@home.local
2) home\username
3) home.local\username

Still no luck
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 38767145
I don't think it's the internal and external names being different, I have a testlab with the same setup.

Can you try and let a user connect to the remote app using the windows remote app manager instead of the Webinterface?
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 6

Author Comment

by:TRTurner
ID: 38767240
I can connect using the Windows remote app manager and the icons show up under programs in the start menu. But when I try to access an app it ask to enter your credentials. then instantaneously refreshes the prompt asking to login, just like in the webfeed.

@Setasoujiro,
When you connect to your RDSH do you still get an SSL cert doesn't mach the computer.
ie. SSL cert for WA.Milk.com does not mach RDSH1.home.local
0
 
LVL 14

Expert Comment

by:setasoujiro
ID: 38767257
Can you try and install the untrusted cert as trusted for the remote computer (rds host)
0
 
LVL 6

Author Comment

by:TRTurner
ID: 38767400
No luck
0
 
LVL 6

Author Comment

by:TRTurner
ID: 38767604
Sorry,

Internal = RDWAG.Home.local not Was.home.local
0
 
LVL 17

Accepted Solution

by:
Brad Bouchard earned 500 total points
ID: 38768881
What you need to do is this:

1)  Make sure that the SSL, along with it's Root and Intermediate Certs are all installed on the server as well as the client computers trying to access the Web Gateway or Remote Apps.
2)  Make sure you've imported the correct SSL into the Gateway through RD Gateway Manager.

Let me know the results.
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question