Solved

Remote RDP access in Server 2012

Posted on 2014-11-12
10
114 Views
Last Modified: 2015-03-13
We have a two part problem.  We are trying to setup remote access (the new RDS web access) in Server 2012.
We have followed some online guides and got all green checks saying all is good.  Users can't hit the server through a browser though.

More immediate part of the remote issue is the user can't log on thru RDP using the regular RDP app.  Only Administrator can.
Here is some info:
Server 2012 R2 only a week old.  All works well except this.
Sonicwall firewall - ports are forwarded correctly as I can RDP direct to the public IP and it lets me log on the server as administrator only.  When the user logs in there is a msg about ... to sign in remotely you need the right to sign in thru remote desktop services etc.....

The user is in the Remote Desktop Users group.  If she gets put in the administrators group she can log in fine.
We don't really want to give the end user admin rights to the server.

After the user login issue is resolved the end goal is to use the new Web access part of RDS with Server 2012 R2.
From brief reading it looks like the end user can then bring up a www address and get RDP access to the Server and certain published apps which would be awesome.

We did add an A record to DNS on a domain that does resolve to the proper public IP.
0
Comment
Question by:tmoon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 2
10 Comments
 
LVL 1

Author Comment

by:tmoon
ID: 40439227
Update:
Found another article that says to choose Remote desktop services installation instead of role based.  Article is here:
http://www.techieshelp.com/windows-server-2012-install-and-configure-remote-desktop-services/

This did work to some degree!  The user can now RDP into the Server without being in the adminsitrators group.
I did publish the program that they will need and going in thru a browser I do see the published app.  When I click on the app though it downloads an RDP laucher program via the browser.  When I run the program it says " The remote computer could not be found.  Please contact your helpdesk about this error."  Title of error is: RemoteApp Disconnected.

No biggie but it would be nice to be able to go in this way if at all possible.
Thanks
0
 
LVL 58

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 40439232
You'll want to set up an RDGateway server and configure it in server manager. That is the information RDWeb uses when generating RDP files.
0
 
LVL 1

Author Comment

by:tmoon
ID: 40439811
I believe the RD Gateway server installed as part of the above installed package.  I can get to the properties with the server farm tab, SSL cert tab, RD CAP score etc.  All fields are good and list the server name.  Is there a tried and true easy way to verify the correct things are installed?
0
Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40440081
Rdgatwway and rdlicensing are not installed or configured during the default scenario based wizard. Only an RDSH/RDVH, RDCB, and RDWA are. You can see servers and roles under remote desktop services in server manager.
0
 
LVL 11

Assisted Solution

by:hecgomrec
hecgomrec earned 250 total points
ID: 40441154
You need to have installed

Remote Desktop Services:
  Remote Desktop Connection Broker
  Remote Desktop Gateway
  Remote Session Host
  Remote Desktop Web Access

Web Server  (default features)

You can use the Remote Desktop services installation, Quick Start, virtual machine-based,
0
 
LVL 1

Author Comment

by:tmoon
ID: 40442840
I did use the method from the last comment.  When I web browser into https://name.domain.com/rdweb it does come up.  Even externally.  So does this mean that the correct components are installed?  
The only issue is I published a resource (an application), which does show up but when clicked on it launches a RDP client which when opened says the computer cannot be found.
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40442905
Good to know your first and original issue is solved!!!

Now when you publish a resource (App) you are actually giving access to the server where the application is installed.  You can try that with the calculator, paint or notepad.  You will have about 120 days free (no licenses required) to try and test it.  After that period you will need CALs for that.

If the machine can't be find it might be related to a DNS problem.  Try to open a RDC to the machine (server) where the application is and see if you are able to get to it.  Also check who has rights to RDC to the machine and in you Remote Desktop Gateway Manager your connection policies.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40443843
"So does this mean that the correct components are installed?  "

No.  The website is served by the RDWA role. Making that accessible externally is as easy as making *any* site accessible externally. Open/forward port 443.

That is not evidence that you have the RDGateway role installed or configured. And RDGateway is what handles external RDP request and routes them to the right server. It acts as a reverse proxy for RDP. It does NOT serve web pages and does not proxy the web traffic. Those are two different components.

For the .rdp files to work externally that are created by RDWA, you still need to install and configure RDGateway.
0
 
LVL 1

Author Comment

by:tmoon
ID: 40461260
No luck as of yet but if all the web access does is download an RDP app then we'll prob can the operation and run RDP direct.  Is there any other benefit to this?  I thought the new web RDS would be a little easier but under it all it seems like it just sets up a 'downloaded' RDP session for the user?   I guess the only benefit would be users that don't have or don't know how to connect by the regular remote desktop app.
0
 
LVL 58

Expert Comment

by:Cliff Galiher
ID: 40461529
Opening RDP introduces its own issues. TSGrinder is an example. Even without RDWA, I'd strongly recommend using RDGateway and not opening RDP access directly externally. But yes, RDWA is purely a (significant) convenience feature to make getting RDP settings to users much easier. But it sounds like RDWA isn't your problem. RDGateway is.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question