As mine is quite a simple setup I allowed users to connect if they were a member of the local administrators or the remote desktop users (meaning I could give a limited non admin user access using the RDP group): Firstly we create the CAP, I called mine RD_CAP_01. Next expand your RD Gateway > Policies > and right click on Connection Authorization Policies > Create New Policy > Wizard.Ĭreate a RD CAP and RD RAP policy together for ease. Note the location the certificate is saved – this will come in handy later!Īfter you click ok the certificate will be applied. Follow the wizard to create your certificate, please note for the certificate name enter the “Full Computer Name” that we assigned earlier, eg. For now to configure with a self-signed certificate: Select properties on your server from the console > Choose SSL Certificate. For ease you may wish to use a third party certificate, I will discuss this in another post. Use this to configure the gateway.įirst things first you need to configure an SSL certificate, you can use a self-signed for testing but you will need to import this to the Trusted Root Certification Authority for the user store on any machine you wish to connect to the gateway on. Once installed you will find the Remote Desktop Gateway Manager in your start menu. Follow the wizard and install the features it suggests (it will require IIS too but will prompt). Note with AD you can use the Remote Desktop Services installation however as we are in a workgroup you have to install each role individually.įollowing the wizard through pick the current machine, then select the Remote Desktop Services role and Remote Desktop Gateway. I have blacked out the suffix but there would be from my example before: .Īfter this I added the Gateway role using Server Manager > Manage > Role-based or feature-based installation. This time onto the real purpose of the blog – a gateway server for my workgroup.įirst and for most I had to change the name of my server to something meaningful and add a dns suffix (the fqdn of the external name, eg: ). However, after I got it all configured I found that again without AD it was only manageable through powershell, and in honesty really didn’t give me any added features that I was interested in so I turned that one off too! I got my session host working following this fab blog: I decided that with my home lab setup I needed an RDS gateway, OTT you say? Well yes maybe but I also thought it might be a good learning exercise, and it was!Īs I have only ever setup RDS for a domain I set about creating 3 VMs:-Īfter getting everything thing installed I hit upon my first issue…Connection Brokers are not supported outside of a domain environment.
0 kommentar(er)
