Solved

Remote RDP access in Server 2012

Posted on 2014-11-12
10
97 Views
Last Modified: 2015-03-13
We have a two part problem.  We are trying to setup remote access (the new RDS web access) in Server 2012.
We have followed some online guides and got all green checks saying all is good.  Users can't hit the server through a browser though.

More immediate part of the remote issue is the user can't log on thru RDP using the regular RDP app.  Only Administrator can.
Here is some info:
Server 2012 R2 only a week old.  All works well except this.
Sonicwall firewall - ports are forwarded correctly as I can RDP direct to the public IP and it lets me log on the server as administrator only.  When the user logs in there is a msg about ... to sign in remotely you need the right to sign in thru remote desktop services etc.....

The user is in the Remote Desktop Users group.  If she gets put in the administrators group she can log in fine.
We don't really want to give the end user admin rights to the server.

After the user login issue is resolved the end goal is to use the new Web access part of RDS with Server 2012 R2.
From brief reading it looks like the end user can then bring up a www address and get RDP access to the Server and certain published apps which would be awesome.

We did add an A record to DNS on a domain that does resolve to the proper public IP.
0
Comment
Question by:tmoon
  • 4
  • 4
  • 2
10 Comments
 
LVL 1

Author Comment

by:tmoon
ID: 40439227
Update:
Found another article that says to choose Remote desktop services installation instead of role based.  Article is here:
http://www.techieshelp.com/windows-server-2012-install-and-configure-remote-desktop-services/

This did work to some degree!  The user can now RDP into the Server without being in the adminsitrators group.
I did publish the program that they will need and going in thru a browser I do see the published app.  When I click on the app though it downloads an RDP laucher program via the browser.  When I run the program it says " The remote computer could not be found.  Please contact your helpdesk about this error."  Title of error is: RemoteApp Disconnected.

No biggie but it would be nice to be able to go in this way if at all possible.
Thanks
0
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 250 total points
ID: 40439232
You'll want to set up an RDGateway server and configure it in server manager. That is the information RDWeb uses when generating RDP files.
0
 
LVL 1

Author Comment

by:tmoon
ID: 40439811
I believe the RD Gateway server installed as part of the above installed package.  I can get to the properties with the server farm tab, SSL cert tab, RD CAP score etc.  All fields are good and list the server name.  Is there a tried and true easy way to verify the correct things are installed?
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40440081
Rdgatwway and rdlicensing are not installed or configured during the default scenario based wizard. Only an RDSH/RDVH, RDCB, and RDWA are. You can see servers and roles under remote desktop services in server manager.
0
 
LVL 11

Assisted Solution

by:hecgomrec
hecgomrec earned 250 total points
ID: 40441154
You need to have installed

Remote Desktop Services:
  Remote Desktop Connection Broker
  Remote Desktop Gateway
  Remote Session Host
  Remote Desktop Web Access

Web Server  (default features)

You can use the Remote Desktop services installation, Quick Start, virtual machine-based,
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 1

Author Comment

by:tmoon
ID: 40442840
I did use the method from the last comment.  When I web browser into https://name.domain.com/rdweb it does come up.  Even externally.  So does this mean that the correct components are installed?  
The only issue is I published a resource (an application), which does show up but when clicked on it launches a RDP client which when opened says the computer cannot be found.
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40442905
Good to know your first and original issue is solved!!!

Now when you publish a resource (App) you are actually giving access to the server where the application is installed.  You can try that with the calculator, paint or notepad.  You will have about 120 days free (no licenses required) to try and test it.  After that period you will need CALs for that.

If the machine can't be find it might be related to a DNS problem.  Try to open a RDC to the machine (server) where the application is and see if you are able to get to it.  Also check who has rights to RDC to the machine and in you Remote Desktop Gateway Manager your connection policies.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40443843
"So does this mean that the correct components are installed?  "

No.  The website is served by the RDWA role. Making that accessible externally is as easy as making *any* site accessible externally. Open/forward port 443.

That is not evidence that you have the RDGateway role installed or configured. And RDGateway is what handles external RDP request and routes them to the right server. It acts as a reverse proxy for RDP. It does NOT serve web pages and does not proxy the web traffic. Those are two different components.

For the .rdp files to work externally that are created by RDWA, you still need to install and configure RDGateway.
0
 
LVL 1

Author Comment

by:tmoon
ID: 40461260
No luck as of yet but if all the web access does is download an RDP app then we'll prob can the operation and run RDP direct.  Is there any other benefit to this?  I thought the new web RDS would be a little easier but under it all it seems like it just sets up a 'downloaded' RDP session for the user?   I guess the only benefit would be users that don't have or don't know how to connect by the regular remote desktop app.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
ID: 40461529
Opening RDP introduces its own issues. TSGrinder is an example. Even without RDWA, I'd strongly recommend using RDGateway and not opening RDP access directly externally. But yes, RDWA is purely a (significant) convenience feature to make getting RDP settings to users much easier. But it sounds like RDWA isn't your problem. RDGateway is.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Resolve DNS query failed errors for Exchange
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now