Solved

server 2012 certificate

Posted on 2014-10-25
17
917 Views
Last Modified: 2014-10-26
I have installed the following cert. as the https (port 443) in my IIS manager in the default website AND in my Remote Desktop Services gateway on server 2012 R2 :
ticktockit-sbs.ticktock.local

When I access from the network:
https://ticktockit-sbs.ticktock.local/RDWeb
I get a vert nofification

I install the certificate in the Root certificate location
I then proceed to the RDWeb access interface and get my icons to launch
When I launch them I get the following:

Your computer can't connect to the remote computer because your computer or device did not pass the Network Access Protection requirements set by your network administrator

Please help
0
Comment
Question by:doctorbill
  • 10
  • 4
  • 3
17 Comments
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 214 total points
ID: 40403849
In RD Gateway Manager console on RD Gateway Server, ensure that resource access policies (RAP) are allowed to all users and all computers \ intended ones
0
 

Author Comment

by:doctorbill
ID: 40403965
where exactly is this please
0
 

Author Comment

by:doctorbill
ID: 40403976
Found it
It is enabled and allowing All Domain users
0
Edgartown IT Case Study

Learn about Edgartown's quest to ensure the safety and security of the entire town's employee and citizen data. Read the case study!

 
LVL 8

Assisted Solution

by:tshearon
tshearon earned 286 total points
ID: 40404004
What kind of cert did you get? Is it a self signed one or from a trusted public CA? If the cert is good (x.509 that meet the requirements of RD Gateway) then you should install/import it into the personal certificate folder on the local machine I'm sure.

Anyway, this site should help you resolve.

http://technet.microsoft.com/en-us/library/dd320345(v=ws.10).aspx
0
 

Author Comment

by:doctorbill
ID: 40404031
self signed
Still not working
0
 

Author Comment

by:doctorbill
ID: 40404033
I still get this:

Your computer can't connect to the remote computer because your computer or device did not pass the Network Access Protection requirements set by your network administrator

Please concentrate on this message only
0
 
LVL 8

Assisted Solution

by:tshearon
tshearon earned 286 total points
ID: 40404035
So did you check that article and make sure you have done everything it has asked for self signed certs?
0
 
LVL 8

Accepted Solution

by:
tshearon earned 286 total points
ID: 40404038
I apologize, I see what you are saying.

Have you checked here to make sure your NAP policy is configured the way you want?

http://technet.microsoft.com/en-us/library/cc732172(v=ws.10).aspx
0
 

Author Comment

by:doctorbill
ID: 40404041
which policy do I need to check - specific please
0
 
LVL 8

Assisted Solution

by:tshearon
tshearon earned 286 total points
ID: 40404045
It's in the article I posted. Specifically you would start with the system requirements for the TS Gateway NAP scenario. It would be impossible for me to tell you specifically what your issue is because I do not know how you have it configured.
0
 

Author Comment

by:doctorbill
ID: 40404113
This is all configured but I still get the message
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 214 total points
ID: 40404115
U have checked that all users are allowed through RAP.
Have you checked that all computers are allowed in RAP policies under RD gateway manager ?
The RAP is nothing but you are accessing NAP policies only, but from RD Gateway manager

Ensure that The name (Common Name) of certificate and RD Gateway FQDN both are same, otherwise you will get errors no matter certificate is self signed \ domain based \ 3rd party

Also you must update RDP client on Win7 Machines to 8.1 version (Latest one)
http://support.microsoft.com/kb/2923545

Check new features of RDP 8.1 client
http://support.microsoft.com/kb/2830477

After client updating check if you are able to connect, it is required to connect to 2012 \ 2012 R2 RDS servers
0
 

Author Comment

by:doctorbill
ID: 40404116
If I access the site on the server it all works fine so it is definitely linked to remote access
0
 

Author Comment

by:doctorbill
ID: 40404123
The RDP client works fine

I am using the web access client:
https://ticktock-sbs/RDWeb
I can log on no problem and get all the remote desktop icons but when I click on them I get the message described above

Sorry - I thought I made that clear in the opening question
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 214 total points
ID: 40404256
Login into web access and accessing web app icon is two different things

When you use web app to connect to application hosted on RD Session host server, the requests are routed through RD Gateway server via RDP client

Can you please check RDP client version installed on client machine from where you are accessing RD Web Access URL
Open RDP client and right click top and check what is the version of RDP client
0
 

Author Comment

by:doctorbill
ID: 40404341
version 6.3.9600
0
 

Author Closing Comment

by:doctorbill
ID: 40404759
Many ideas
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Group policy not applying 5 103
RDP up only between 8am-13.00 pm ? 11 83
Task with PowerShell Script is failing with 0x41301 7 122
How does ADMT SID History work? 1 43
Every system administrator encounters once in while in a problem where the solution seems to be a needle in haystack.  My needle was an anti-virus version causing problems with my Exchange server. I have an HP DL350 with Windows Server 2008 Stand…
On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question