Monday, 16 August 2010

Remote Desktop Services Web Access on Windows Server 2008 R2

In an e-mail list conversation a while back, my fellow MVP Dana Epp of Scorpion Software made mention of a new ability in Windows Server 2008 R2 that would give the SBS Remote Web Workplace a run for its money.

That new feature is called Remote Desktop Web Access.

This is what the logon page looks like:

image

Once logged in, we will see a list of applications that have been published via RDS RemoteApps:

image

The above applications are installed on our Windows Server 2008 R2 Remote Desktop Services server and are served to the Internet via our SBS v7 TS Gateway.

A neat aspect to this setup is that the page can be customized much like the Remote Web Workplace can . . . though with a little coding involved. So, besides the above applications, we can have links that connect users to their own office computers, or other internally based resources . . . not unlike the way we can customize the Remote Web Workplace on SBS 2008 and now SBS v7.

RD Web Access Publishing

First, we would need to create a new DNS A record for remotewebapps.mpecsinc.ca (example URI), and then purchase an SSL certificate using the IIS CSR on the RDS Web Access site.

Then, with our new Cisco SA 520 Security Appliance gateway we would bind (alias) an additional ISP IP to the WAN interface and create an HTTPS publishing rule to redirect HTTPS traffic on that IP to our RD Web Access server.

It would be pretty close to that simple.

Remote Web Workplace Links

Here are the hyperlinks to the RDP files we have configured for application access via the Remote Web Workplace:

image

RDP File Links

We used the RemoteApp Manager on the Remote Desktop Services server to first publish the applications.

image

Once the applications were published, we could then right click on each one and generate an RDP file. From there, we would copy the RDP file into a subfolder under the /Remote application folder on the SBS v7 server (can be done on SBS 2008 too).

Users can then click on the Outlook link, authenticate, and use the Outlook application on their remote system. All the while, Outlook is actually running on the Remote Desktop Services server.

Or, users can right click on the link and save the RDP file to their Desktop for later quick application access.

Note that we need to add the RDP extension to the MIME Types setting in IIS for the link to fire up the application as expected. Charlie Russel covers this in his book on SBS 2008:

AuthAnvil (AuthAnvil demo video), Scorpion Software’s two-factor authentication product, is an excellent way to provide additional security for both the Remote Web Workplace and RD Web Access.

Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book

*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.

Windows Live Writer

No comments: