Thank you
Very nice article. I know I come here after a few years, but a good article never gets old.
The dilemma I have here, and the point I am at, is whether I should scratch the internal CA and move to a public CA for all our RDP needs.
With everyone working remotely and using and/or having a hybrid model where users either use their own personal equipment or provided equipment over a VPN connection, we have a bit of a hard time assisting users.
Since we are using a Terminal Server farm, I want the staff just to open Remote Desktop, type the RDS farm collection name and go in with no cert warnings.
To do this, I was thinking of using our regular wildcard certificate that we use to secure the other applications we use, with the "hassle" that now we need to do this every year.
The opposite would be for us to start deploying a CDP site that takes care of the CRL revocation, assist users with the certificate at the initial RDP start, and provide guidelines on how to import the certificate into the personal computer store.
Any suggestions here will be greatly appreciated.
Thanks