RDS Windows 2008 R2 “the following remoteapp program is not in the list of authorized programs”?

March 8, 2013, 12:42 pm

≫ Next: Deploying remoteapps from Windows Server 2012 to Windows XP clients

≪ Previous: Remote Desktop Gateway : How to set local adresses range

$

0

0

I need help figuring out why I'm getting this error: remoteapp error "the following remoteapp program is not in the list of authorized programs: Word 2010"

My configuration consists of two servers:

1. ServerB– Server will have the following Roles: Remote Desktop Session Host Microsoft Office 2010

2. ServerA– Server will have the following Roles: Remote Desktop Gateway Remote Desktop Web Access Remote Desktop Connection Broker Remote Desktop Connection Manager Remote Desktop Session Host

I can access App from ServerA without any problems but I get the error when trying to access the apps from ServerB.

Any advised would be appreciated.

---

CP

---

Deploying remoteapps from Windows Server 2012 to Windows XP clients

September 5, 2012, 5:16 am

≫ Next: RDS 2012 RDWEB and Gateway NLB clustered

≪ Previous: RDS Windows 2008 R2 “the following remoteapp program is not in the list of authorized programs”?

$

0

0

Hi,

How would we go about deploying programs to our windows xp clients (non domain joined, external clients) from server 2012? In Windows server 2008 R2 we've done this using MSI's, but this option is removed in 2012. 

Is the only possible way for them to open the browser and go to rd web access every time they want to start a program?

Thanks

RDS 2012 RDWEB and Gateway NLB clustered

February 24, 2013, 7:07 pm

≫ Next: export .pub in terminal server on windows 2012 server option

≪ Previous: Deploying remoteapps from Windows Server 2012 to Windows XP clients

$

0

0

Hi, 

I am looking to create a high availability RDWEB/Gateway in Server 2012 using two servers with both WEB and Gateway roles installed.

I have been looking at using an F5 Big-IP load balancer virtual appliance for performance but i have read that you cannot load balance both the web and gateway on the same load balancer. Can i keep both roles on the servers but use two load balancers or would I need to split the roles.

Alternatively would a MS NLB be more suitable ?

Best Regards,

export .pub in terminal server on windows 2012 server option

February 25, 2013, 11:55 pm

≫ Next: Problem exposing Remote Desktop Gateway to the outside - SSL issue

≪ Previous: RDS 2012 RDWEB and Gateway NLB clustered

$

0

0

hello ,

i dont find an option to export .pub file that i need in order to publish terminal servers thruogh UAG

any suggestions ?

Problem exposing Remote Desktop Gateway to the outside - SSL issue

March 8, 2013, 4:31 pm

≫ Next: windows server 2012 essentials remote web access using a remote desktop session to client computer RDP printing

≪ Previous: export .pub in terminal server on windows 2012 server option

$

0

0

our remote desktop gateway is part of our local active directory domain. So it has a hostname of rdgsrv01.ourlocaldomain.local. I can connect to the RDSH server just fine through the RDG server, from a workstation on our internal network. Now I want to connect from a workstation outside out of our network and I keep getting a certificate error. 

How would the proper configuration go for that to work? 

We have a public domain.com. So I created the public host record "rdg.ourdomain.com" for our clients to use. On the RDG server itself, I created a self signed certificate using the same domain name "rdg.ourdomain.com". I imported it so that it's displayed in the section of the RD Gateway Manager where it says "The following certificate is installed on RDGSrv01:"

But it seems that the SSL certificate of the remote desktop gateway server MUST match the FQDN of the server itself. If that is the case, how can this server be accessible from the outside if no one can communicate with ourinternaldomain.local, being that is a private active directory domain? Do I have to add a hostfile entry for that on the remote computer then use the original certificate on the RDG server?

It works fine when I do that. But adding a hostfile entry for our private active directory domain on all remote computers does not seem like a practical solution.

windows server 2012 essentials remote web access using a remote desktop session to client computer RDP printing

March 5, 2013, 9:03 pm

≫ Next: RDS Certificated Published in TMG Will Expire in 2 Days !

≪ Previous: Problem exposing Remote Desktop Gateway to the outside - SSL issue

$

0

0

When using windows server 2012 essentials remote web access and connecting to a computer on the network. How to setup printing to the local printer while in an RDP session. Before it was to setup easy print now I can't find anything on setting up remote desktop printing. Everything else is fine just can't print to a local printer in a remote session.

RDS Certificated Published in TMG Will Expire in 2 Days !

February 10, 2013, 11:40 pm

≫ Next: Migrate to Windows Server 2012 Remote Desktop Gateway?

≪ Previous: windows server 2012 essentials remote web access using a remote desktop session to client computer RDP printing

$

0

0

Hello ,

I have no knowledge in Certificates, kindly help me in this.

I am receiving the error in TMG Forefront Server 2010 as follows:

A certificate on the server RDS-SERVER published by Forefront TMG will expire in 2 days. 

How can I issue the new certificate or renew the same certificate, kindly explain this please.

Thanks.

Migrate to Windows Server 2012 Remote Desktop Gateway?

March 4, 2013, 7:48 am

≫ Next: User profiles overwritten with new ones after rejoining domian

≪ Previous: RDS Certificated Published in TMG Will Expire in 2 Days !

$

0

0

Hi folks,

We had a Windows Server 2008 R2 server with the remote desktop gateway role installed. How can I migrate the RDG role to a Windows Server 2012 machine?

I did not come across any documentation on this specific operation. We tried exporting the policy and configuration settings, but the XML file was not accepted for import in the 2012 RDG. I tried massaging the XML since there were a few differences, but it still did not take. We didn't see a powershell cmdlet for export/import operations either.

What we wound up doing was to recreate each CAP and RAP rule by hand on the 2012 RDG. Was there a better way to handle this?

Thanks!

---

User profiles overwritten with new ones after rejoining domian

March 1, 2013, 8:44 am

≫ Next: scalability of Windows 2012 TS Solution

≪ Previous: Migrate to Windows Server 2012 Remote Desktop Gateway?

$

0

0

We had a hard drive failure on this RDS server and after we replace the drive and the raid was rebuilt the server lost its trust relationship with the domain. We had to remove it from the domain and re-add it. We thought everything was fine until the users logged back in. Since we rejoined the domain it created a new profile. But the old profiles are no were to be found. It is like the new one overwrote the orignal. In the past we have seen a second profile folder created. Any one ever seen this?

Thanks

scalability of Windows 2012 TS Solution

March 8, 2013, 10:15 pm

≫ Next: Issues with 2012 Remote Desktop Gateway

≪ Previous: User profiles overwritten with new ones after rejoining domian

$

0

0

Hi, Is there still a need for Citrix or can Windows 2012 now scale to large enterprises with 20,000 concurrent users? Consultants keep telling us Windows 2012 can't but no one seems to be able to say why. Even the Microsoft rep who is the business relationship manager for Citrix didn't seem to even understand what 2012 can or cant do from a RDS point of view. From a broker point of view we have some high end F5s that we can use to scale the connections, I just am trying to work out whether we still need Citrix. Currently Citrix is used to host applications. (no streaming) It would be good to reduce our licensing. Obviously Microsoft present challenges with non Microsoft clients, however beyond that, I would like to understand if we want to move to a non citrix environment if it is possible. Thanks

Issues with 2012 Remote Desktop Gateway

March 7, 2013, 7:09 am

≫ Next: RDS in Windows Server 2012 - Untrusted cert issue when connecting to the RDG

≪ Previous: scalability of Windows 2012 TS Solution

$

0

0

Hi there,

we migrated a client off of SBS 2003 to Server 2012 Standard with Exchange 2012 Standard. Note Exchange is on the machine :).

We installed Remote Desktop Gateway on this server after Exchange. This screwed over Exchange, as the bindings in IIS were messed up (exchange registered 127.0.0.1:443 and <nothing>:443 and RDGW *:443 or similar). Anyways, if we remove the additional bindings things get really interesting. IIS starts again, Exchange works (it does a lot through IIS now which is... well let's just say I'm not a fan of it, bork up IIS and you'll have no exchange, no management interface and no powershell (powershell connects through IIS, ain't that nice)) and RDGW - well, it does something.

I have the RD policies. The configuration utility of RDGW will keep on complaining there's no certificate configured. This is probably because it's missing it's own binding, since it should use the same default website as exchange (which creates 2 now - but the backend runs on 81 and 444) it should be fine with the cert attached to the site exchange created. If we try to configure the certificate from there it will go on, but it will break exchange again. We remove the additional bindings then and this error returns in the management tool.

Anyways, as I said, it gets interesting. As stated this is at a clients location. If we use XP to connect over the RDGW it will always fail with a message the remote desktop gateway is temporarily unavailable. The usual solution with the CredSSP enabling does not resolve this.

The interesting part is Windows 7. All machines we have here at our office (not on the clients site thus) can connect just fine over the RDGW. These are all joined to our domain, which still runs SBS 2011. Our 2008 R2 Terminal Server connects fine too. My Windows 7 at home and several of the clients employees with their own Windows 7 machines can not connect however. Same message as XP, the remote desktop gateway server is temporarily unavailable.

Can't seem to figure out what the difference would be between our Win7 clients at the office and the rest. It's not the firewall rules - I have the same access to their firewall at my home and it fails there.

Any ideas? It would be nice if we could just tell RDGW to use the default site (and the already existing bindings on it) too. Hope that prevents it from messing up IIS again.

TIA

RDS in Windows Server 2012 - Untrusted cert issue when connecting to the RDG

March 8, 2013, 10:10 pm

≫ Next: Server 2012 RDS - Drive Redirection

≪ Previous: Issues with 2012 Remote Desktop Gateway

$

0

0

Hi guys,

I am migrating from a Windows Server 2008 R2 RDS deployment to Windows Server 2012 RDS. In fact, it's nearly complete except for a certificate issue that I can't seem to nail down. 

Issue:

Some client machines (Win7/8) are unable to connect through the new 2012 RDG due to an untrusted certificate error. Our users RDP through the RDG to either Windows remote servers or to a 2012 RDSH. No RemoteApps.

Symptoms:

Using mstsc.exe, here's the error that comes up right after entering creds when prompted:

'This computer can't verify the identity of the RD Gateway "publicA-record.domain.com". It's not safe to connect to servers that can't be identified. Contact your network administrator for assistance.'

There is no option to ignore, the user simply is not allowed to connect. This occurs for all remote servers they are trying to connect to.

There's a view certificate button on that msgbox, and here we see our wildcard cert with these notes:

''Windows does not have enough information to verify this certificate."

"The issuer of this certificate could not be found."

The certificate path on the wildcard certificate lists only itself. There should be three levels: itself, the intermediate CA, and root CA.

Notes:

We reused the same Entrust CA wildcard certificate from the old 2008 R2 RDG onto the new 2012 RDG. I used webdeploy to move the IIS site over. It required a password, so I am assuming that the cert's private key was copied over as well. (How can I administratively confirm this?)

All users can still connect to the old RDG without issue. Those that get the error above can connect to the new 2012 RDG after installing the Entrust intermediate CA cert. 

Interesting observation: on my Win8 machine, one user account can access both the old and new RDGs without issue. On the same machine, on another account, the untrusted cert issue above is seen. 

Here's our setup:

1x Server 2012 RDG

1x Server 2012 RDSH - also Connection Broker, Web Access (not used), and not in a farm configuration

Is there a certificate setting I missed? Really weird because every thing looks right, and others are able to connect to the new RDG fine from the get-go. Are there changes in IIS8 or elsewhere in Server 2012 that would cause this?

Thanks!

Server 2012 RDS - Drive Redirection

March 8, 2013, 3:39 pm

≫ Next: TS Web & RD Web RDP connection problem

≪ Previous: RDS in Windows Server 2012 - Untrusted cert issue when connecting to the RDG

$

0

0

We have implemented a new Server 2012 RDS server.   Our domain now has 3 RDS Servers.   Two are Server 2008 and a new Server 2012.    We have a problem where the new Server 2012 server will not allow access to a clients local drives.  The two Server 2008 work just fine.

Does anyone know what the problem might be?

TS Web & RD Web RDP connection problem

February 18, 2013, 1:52 pm

≫ Next: RDP signing breaks logon

≪ Previous: Server 2012 RDS - Drive Redirection

$

0

0

Summary:

• Problem using Remote Apps & RDP from "RDWeb" interface when accessed from the public internet.

Background:

• Currently have, 1 x Windows Server 2008 TS Web Access & 1 x Windows Server 2008 R2 RD Web Access setup.
• Both are configured to use remote apps inc RDP.
• Both allow login to the web interfaces (Prompts for login when connection to URL).
• Both allow RDP connections internally and work correctly without problems.
• Both have Digicert SSLs installed, tested as valid.
• These are standalone installations and not in a Farm.

Issue:

TSWeb (Server 2008) works correctly and allows RDP connection to itself from the "Remote Apps"

RDWeb (Server 2008 R2) does not and the RDP connection errors:

"Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Try reconnecting later or contact your network administrator for assistance"

I am trying to connection to the RDWeb server externally from a Windows 7 PC (RDP 6.2.9200). If I click the "Remote Desktop" selection on the TS Web Interface, I can also RDP to other Windows Server 2003 terminal servers, however any other Server 2008 R2 servers to not work.

Questions:

1. Is there something being missed in the configuration?
2. Are there any fundimental differences between Server 2008 TS Web and Server 2008 R2 RDWeb? (Security etc?)
3. Would someone also be able to clarify the need to open port 3389 on the firewall, my understanding was that RDP (3389) should be wrapped in the HTTPS (443) traffic therefore only 443 would need to be opened. Unfortunately we have had to allow 3389 on the firewall for RDP connections to function from the outside work and get TSWeb working correctly. I presume I have misconfiguration reading this post: http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/d5906eb8-9a08-42b0-bdd8-356383401554

Many Thanks,

RDP signing breaks logon

March 9, 2013, 10:44 am

≫ Next: 2012, MAC, EastPrint not working.

≪ Previous: TS Web & RD Web RDP connection problem

$

0

0

Hi All!

I've got a strange problem and have tried many things, but I'm not able to fix it...

I've setup a Windows 2008 R2 Remote Desktop Server with Remote Desktop Gateway and Remote Desktop Web and Remote Desktop Licensing, all on 1 machine. Everything worked fine for a few days, but after changing the short time format and copying it to the default and new user accounts, it seems to break the signing of RDP files. Even after changing the short time format back, it is still broken. I've got this problem when I connect from different clients with Windows 8, Windows 2008 R2 SP1 and Windows 7 SP1.

When I disable the RDP signing, I can log on without a problem. But when I try to sign the RDP files, I get an error stating the following:

Your computer can't connect to the remote computer because an error occurred on the remote computer that you want to connect to. Contact your network administrator for assitance.

If I use the C:\Windows\Web\RDWeb\Pages\rdp\Server.rdp file that is signed; I can't connect. If I then open this file with notepad en remove the signing lines, I can connect. So it must have something to do with the signing, but I can't figure it out.

What I've tried so far;

Completely remove the RD Gateway/Web/IIS roles and reïnstalled it > no fix

Exported the SSL cert, removed it from the machine in the Certificate MMC console, imported it again during reïnstall of the roles > no fix

Changed the RDP Security Layer > no fix

Disable and Enable signing > no fix

Any thoughts on this would be appreciated. Thnx!

---

Harm Peter Millaard MCSE, MCSA, MCITP, CCA, CCNA, CCSP, VCP

---

2012, MAC, EastPrint not working.

March 9, 2013, 5:58 pm

≫ Next: help for thin client deployment in my hospital

≪ Previous: RDP signing breaks logon

$

0

0

Hi, Everyone.

I've done my first RDS install under 2012 server.  Published apps and got Windows clients working A-Okay.  EasyPrint works for Windows machines.

MAC (OS/X, 10.8.2, using RDC 2.1.1) clients are not redirecting printer(s) using easyprint.  Verified that RDC is configured to "Use a printer that is connected to the MAC".

Anyone got any good hints about where to start troubleshooting this?

help for thin client deployment in my hospital

March 10, 2013, 1:02 am

≫ Next: How do I patch the master for a collection of pooled PCs

≪ Previous: 2012, MAC, EastPrint not working.

$

0

0

hi,

we are networking our hospital

we are purchasing a hp proliant g7 with xeon @ 3.1ghz 8GB ram

we need around 14 client pc

i want to know the minimum hardware requirements for a thin clients pc to work in our environment. we will be using windows server 2008.

will either of the links(to the thin clients) below work in our setup, or should we buy better clients with a higher processor and ram?

 http://www.ncore.co/nc_600.html

 http://www.ncore.co/nc_600.html

do we need any license on the client systems too?

we dont need any local programs on the clients systems, we will be using one hospital management software on all points and running microsoft office on  few systems.

the post sounds too amateur, sorry about that

thanks in advance,

abcdnitin

How do I patch the master for a collection of pooled PCs

March 7, 2013, 11:41 am

≫ Next: Office 2013 and Server 2012 RDS

≪ Previous: help for thin client deployment in my hospital

$

0

0

We do not have System Center and I do not see a clearly documented procedure anywhere on the Microsoft site.

Office 2013 and Server 2012 RDS

March 10, 2013, 2:48 pm

≫ Next: TermDD event code 50 even if RDP not used

≪ Previous: How do I patch the master for a collection of pooled PCs

$

0

0

Hi Guys,

Installing Office 2013 on a Server 2012 machine, the icons that sit in metro do not display by default for all users. Only the administrator, or whoever installed it. Am I installing it wrong?

TermDD event code 50 even if RDP not used

March 10, 2013, 2:48 pm

≫ Next: VDI Pool English keyboard and Time Format

≪ Previous: Office 2013 and Server 2012 RDS

$

0

0

Even without starting any RDP sessions, I get a pile of TermDD code 50 errors in my server event log.

Only 2 machines in the domain/network, and only 1 user (me!):
   #1 Desktop is Windows 8 Pro with Media Center (64 bit), fully up to date on patches.
        C:\windows\system32\mstsc.exe Version 6.2.9200.16465
        C:\windows\system32\mstscax.dll Version 6.2.9200.16465
        C:\windows\system32\en-US\mstsc.exe.mui Version ?
        C:\windows\system32\en-US\mstscax.dll.mui Version ?
   #2 Server is Windows Server 2008 R2 SP1 (64 bit), fully up to date on patches, mostly with default high security configurations.
        C:\windows\system32\mstsc.exe Version 6.2.9200.16398
        C:\windows\system32\mstscax.dll Version 6.2.9200.16398
        C:\windows\system32\en-US\mstsc.exe.mui Version ?
        C:\windows\system32\en-US\mstscax.dll.mui Version ?

On the desktop, the default RDP connection settings I use include:
   Display - 1280x800, 24 bit colour
   Experience - detect connection quality automatically, persistent bitmap caching, reconnect if dropped

In the last week there have been 114 TermDD code 50 event log records and I have NOT ONCE in that week used RDP to logon to the server from the desktop. Seems to be about 9 each day, not in any apparent rhythm or pattern versus time.

Any ideas 1) what causes the connection to occur and 2) why it gets this protocol error and 3) what I should do about it? The current thread (and others I have searched for) contain lots of ideas, but no solutions that seem to apply to my situation.