Windows 2012 R2 Terminal Server Configuration – IT security is a serious deal these days, and remote desktop services are no exception, especially if you have external clients connecting to your infrastructure. To make it easy for these clients to connect, we as administrators have to configure these services as smoothly and transparently as possible, and to secure them, we use, you guessed it… certificates. We have three options here: self-signed certificates, an internal enterprise CA, or a public CA. I don’t recommend the first option even in labs, but the other two work well in production. If you have clients that are not part of the organization, I would buy a certificate from a public certificate authority. You may also run into problems if you use a .local domain with Remote Desktop Services together with a public certificate.
Now, as a certificate requirement, we only need a web certificate type, and I suggest you get a SAN or wildcard certificate so that you don’t get lost among many certificates; a single one is easier to manage. There are several ways to install certificates in Remote Desktop Services, but in this article we will use the wizard that comes with this role, because it is the central console for all servers in the RDS infrastructure. Of course, you don’t use this wizard for troubleshooting, because it’s useless in that regard, but it’s perfect for what we need now, because we don’t have to visit every server to install certificates.
Before we continue, I hope you have a certificate(s), either purchased from a public certificate authority or issued by an internal CA. I will use the term certificate, in the singular, from now on because I use a SAN certificate for my RDS infrastructure.
The thing to remember is the FQDN you entered in the certificate. For customers who are not part of your company, you must provide a public FQDN that they connect to in order to run their applications. In this case, it is recommended to use a certificate issued by a public certification authority, with that FQDN included in the certificate. If you don’t have external clients, it’s fine to use an internal CA, because its certificates are automatically trusted by all of your company’s clients.
To begin installing certificates, start Server Manager, click Remote Desktop Services, and from the Deployment Overview section, select Tasks > Edit Deployment Properties.
When the Deployment Properties window opens, click Certificates. By default everything shows as unconfigured, and as you can see we have several certificates to install. I hope you now understand why I recommended buying a SAN or wildcard certificate. There are two buttons below: one we won’t use at all because it generates self-signed certificates, and the other we will use extensively to set up a trusted certificate.
To be as detailed as possible, I decided to give each role service on the list its own section in this article. And the first:
Connecting To Remote Desktop Session Host Servers By The Broker
Remote Desktop Services (RDS) uses single sign-on, so users who launch applications from a web portal or RemoteApp and Desktop Connections do not need to enter credentials every time the service is updated or a connection is made to the back-end servers. The same credentials used to log in to the web portal are used for each connection until the user disconnects. If no certificate is installed for this service or the certificate is not trusted, we will get a warning when connecting, as shown in the image below:
To set up a trusted certificate for the Single Sign-On role service, select it and click Choose an existing certificate. What the service looks for in the certificate to “trust” this connection is the FQDN typed in the browser address (discussed later in RD Web Access). So if that FQDN is on the certificate, we should be fine here.
In the pop-up window, click Choose another certificate, click Browse, and select a certificate. The certificate must be in .pfx format so that it includes the private key. Once selected, click on “New
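The same step can be scripted with a pre-check of the points made above (private key present, validity dates, server authentication usage, FQDN covered by the certificate) before the .pfx is assigned to the Single Sign-On role service. This is an added example, not part of the original article; the file path, FQDN and broker name are hypothetical placeholders, and the helper `Test-NameCoversFqdn` is introduced here for illustration.

```powershell
# Assumed, hypothetical values (not from the article): adjust to your deployment.
$PfxPath  = 'C:\Certs\rds.pfx'
$Fqdn     = 'rds.contoso.example'      # name users type to reach RD Web Access
$Broker   = 'rdcb01.contoso.example'   # RD Connection Broker of the deployment
$Password = Read-Host -AsSecureString -Prompt 'PFX password'

function Test-NameCoversFqdn {
    param([string]$CertName, [string]$Fqdn)
    if ($CertName -eq $Fqdn) { return $true }          # -eq is case-insensitive
    if ($CertName.StartsWith('*.')) {
        # A wildcard covers exactly one left-most label, not nested subdomains.
        $dot = $Fqdn.IndexOf('.')
        return ($dot -gt 0) -and ($Fqdn.Substring($dot) -eq $CertName.Substring(1))
    }
    return $false
}

# Load the .pfx in memory only; nothing is added to a certificate store here.
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($PfxPath, $Password)
# DnsNameList and EnhancedKeyUsageList are properties Windows PowerShell adds to certificate objects.
$names = @($cert.DnsNameList | ForEach-Object { $_.Unicode })
$ekus  = @($cert.EnhancedKeyUsageList | ForEach-Object { $_.ObjectId })
$now   = Get-Date

$problems = @()
if (-not $cert.HasPrivateKey) { $problems += 'file contains no private key' }
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) { $problems += 'outside validity period' }
# An empty EKU list means "all purposes"; otherwise Server Authentication must be listed.
if ($ekus.Count -gt 0 -and $ekus -notcontains '1.3.6.1.5.5.7.3.1') { $problems += 'Server Authentication EKU missing' }
if (-not ($names | Where-Object { Test-NameCoversFqdn $_ $Fqdn })) { $problems += "no certificate name covers $Fqdn" }

if ($problems.Count) { throw ('Certificate rejected: ' + ($problems -join '; ')) }

# RDRedirector is the role value for "RD Connection Broker - Enable Single Sign On".
Import-Module RemoteDesktop
Set-RDCertificate -Role RDRedirector -ImportPath $PfxPath -Password $Password -ConnectionBroker $Broker -Force
Get-RDCertificate -Role RDRedirector -ConnectionBroker $Broker   # review Level and ExpiresOn
```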