Remote Access via HTTPS RDP Web Client on Windows Server 2022 - Installation Issue Solved .
Step 1: Install Remote Desktop Services** * Install the **Remote Desktop Services** role using (note role and feature installation) * Choose **Quick Start** for the deployment type. * Select **RD Connection Broker** as the default server. * Choose **Session-based desktop deployment**. > *Note: If you need a virtual machine–based environment, ensure Hyper-V or another virtualization platform is installed on the server.* * The following roles will be installed automatically: * Remote Desktop Session Host * Remote Desktop Gateway * Remote Desktop Licensing * Remote Desktop Web Access --- Step 2: Configure Core RDS Components** Configure all the following roles on the **same server** (or on different servers if desired): * RD Connection Broker * RD Gateway * RD Licensing * RD Web Access Use a **domain user** account that has administrative privileges (Domain Administrator or Server Administrator group). --- Step 3: Configure Certificates** * Open **Server Manager** → **Remote Desktop Services** → **Deployment Overview**. * Click **Tasks** → **Edit Deployment Properties**. * Under **Certificates**, create a **self-signed certificate** and apply it to all roles: * RD Connection Broker * RD Gateway * RD Licensing * RD Web Access > Make sure all roles use the **same certificate**. --- Step 4: Configure RD Gateway Policies** * Go to **Tools** → **Remote Desktop Services** → **RD Gateway Manager**. * Create a policy for: * **User authentication** * **Network access** > Allow only ports **443** (HTTPS) and **3389** (RDP). --- Step 5: Configure Quick Session Collection** * If a collection is not created automatically, create one by: * Navigating to **Server Manager** → **Remote Desktop Services** → **Collections**. * Choose the same server and create a new **QuickSessionCollection**. * Under **RemoteApp Programs**, add and publish the desired programs. * Check accessibility by browsing to: `https://<your‑FQDN>/RDWeb/` --- Access via Web Only (Web Client Setup) -------------------------------------------------------------------- To access Remote Desktop only via the browser, install the **Web Client package**. --- **Step 1: Export the Self-Signed Certificate** * Open **Run** → type `certlm.msc` * Navigate to **Personal** → **Certificates** * Select the certificate created for the **RD Connection Broker** * Export the certificate (e.g., to `C:\temp\abcde.cer`) --- #### **Step 2: Install and Publish Web Client Package** Open **Windows PowerShell 5.1** and run: ```powershell Install-Module PowerShellGet -Force Install-Module RDWebClientManagement Import-Module RDWebClientManagement # Clean up any stale IIS locks Reset-IISServerManager -Confirm:$false Remove-Module IISAdministration -ErrorAction SilentlyContinue Import-Module RDWebClientManagement # Install the Web Client Install-RDWebClientPackage # Import the exported certificate Import-RDWebClientBrokerCert "C:\temp\abcde.cer" # Publish the Web Client for production Publish-RDWebClientPackage -Type Production -Latest ``` --- #### **Step 3: Access the Web Client** Visit: `https://<your-serverFQDN>/RDWeb/webclient/index.html` If the page does not appear: * Restart the **Default Web Site** in **IIS Manager**. * Ensure the **webclient** folder is present under the IIS site directory. * Check if the correct certificate is applied under **Bindings** in IIS.
RDP Licensing Server Issue
We have a number of terminal servers, all running Server 2019. For most purposes they are standalone (they each handle their own connection broker service), and the only shared resource is the licensing server, which is a dedicated VM (also Server 2019) which does nothing apart from act as the licensing server. From when set up about a year ago (session hosts and licensing server) all worked fine until a couple of months ago when three (so far) of the terminal server started randomly giving the following error: If the user logs out and back in it may or may not clear, and if it doesn’t (or if they just ignore it and carry on), it will kick them out after an hour. I have been unable to find any pattern to this – it seems to affect random users at random times, and I have been unable to replicate it in testing. If I run the licensing dignoser (lsdiag.msc) on one of the affected terminal servers when a user informs me of the issue, it comes back with no errors. Connectivity to the licensing server is fine and there are plenty of licenses available. I have tried removing cached user profiles from the affected terminal servers (we use roaming profiles so they re-sync when the user next logs in), which hasn’t helped. Each terminal server is configured to address the licensing server just by its hostname, but on each of those affected I have also added the FQDN and the static IP – which has also had no impact. Can anyone suggest anything else to try? Thanks
RDS 2019 Remote Apps RDWEB event id 10
Hi everyone, I have a server that I was able to publish remote apps before several new applications installations today. I was also able to use the GPO "Specify the default connection URL After the installation of the new software, I wanted to publish it. However, it didn't work. I check it using the rdweb URL and found this: When I went to the server I found event id 10: "RD Web Access was unable to access RDSSerever, which is the server that is specified as running the RemoteApp and Desktop Connection Management service. Ensure that the computer account of the RD Web Access server is a member of the TS Web Access Computers security group on RDSServer." I tried multiple solutions, but: 1. I don't have a group called TS Web Access Computers Security group 2. Even after changing the authentication to a domain admin it still doesn't work... Is my only option to remove and add the RDS again? Rahamim.
