I've set up a new server with 2012r2 as a host. There are three VMs:
VM1 is the DC
VM2 is the RDS
VM3 is the Exchange 2013.
I've used http://msfreaks.wordpress.com/2013/12/09/windows-2012-r2-remote-desktop-services-part-1/
as a guide for RDS.
The internal AD domain name is corp.domainname.nl
The external e-mail domain name is domainname.nl
I've created the DNS forward lookup zones rds-gateway.domainname.nl and exch.domainname.nl pointing to the corresponding IP addresses, so we can use these later to access from the internet.
The RDS server name is RDS1.corp.domainname.nl
I've registered a certificate at Comodo's with these names:
We have multiple public IP addresses and use a Vigor 2960 as firewall.
Port 443 is forwarded to the RDS1 server's internal IP address.
If an employee uses their own laptop/PC from their home location, they are able to go to the rds-gateway.domainname.nl website and log on successfully. But if they try to open a published application, it will ask them again for the username and password. No way to get in. My guess is that SSO does not work for some reason. But... if I move the computer to the company, connect it to the company's internal network and then try to open a published application, it does work. Most of the users have a Windows Home Version on their device. I already changed the connection authorisation policy so that there is no need for any computer to be a member in order to connect. That way, non-domain members are able to use the RDS.
I can't find out what the problem is, except that somehow SSO does not work (my guess).
Is it necessary to have rds1.corp.domainname.nl in the SSL certificate?