+1 (866) 930-8356

We are experts on the entire Microsoft enterprise product stack. These are Microsoft technologies we regularly deploy. We provide real business value through strategic guidance, technical expertise, and knowledge transfer.

 

Most organizations share a core set of business needs. These solution categories apply across industries, helping line-of-business managers and the IT managers who support them apply genuine solutions to universal needs.

 

As an IT systems integrator, our expertise is putting all the pieces together to get the job done, so we never have to take “no” for an answer. We help organizations improve business productivity in any department.

 

We provide solutions customized to the needs of your industry. Whatever your industry or product, we can provide project, service, process, and content management solutions—to increase productivity and IT value.

 
Concurreny
Real Microsoft expertise. Real business value.
Concurrency To Hold Microsoft Hybrid Cloud Events
Annur Sumar Presenting at Microsoft’s TechEd North America 2013
Microsoft Hybrid Cloud Event
Concurrency To Share Microsoft eDiscovery Insights
Microsoft eDiscovery Event
2013 Wisconsin IT Symposium – An Invitation
Blog
June 05, 2012 | Shannon Fritz | Infrastructure, Remote Desktop Services

RDS8 – Quick and Easy, RemoteApp on Windows Server 2012

Read more Step-by-Step Guides on Remote Desktop Services in Windows Server 2012.

I’ll show you how you can set up RemoteApp publishing using a single server in less time than it takes to watch an episode of your favorite drama!

Honestly, you should be able to hammer this out in less than an hour if you are at all familiar with the new Windows Server Manager. It’s madness (in a good way!). There two things that you will need in place before you start your stop watch:

  1. RDS in Windows Server 2012 requires Active Directory, 2003 or newer.
  2. One server running a fresh and updated install of Windows Server 2012 joined to that domain.

Once you’ve got that, break out your stop watch. I’ll race you!

 

From the new Server Manager, click the Manage menu and select Add Roles and Features.

clip_image002[8]

One of many new features that the new Server Manager offers is the introduction of scenario-based installation. Remote Desktop Services is the only scenario installation type available, and that’s exactly what we want to do.

clip_image004[4]

If you really want to see the power of Scenario-Based deployments you’ll want to set up three servers and then try the Standard Deployment method, but to get this done quickly we’ll just use the Quick Start deployment which will put everything on one server.

clip_image006[4]

The Virtual Desktop Infrastructure (VDI) scenario will be used to allow each user to have their very own virtual machine, but we want to deploy the Session Virtualization scenario which is analogous to what everyone thinks of with Terminal Services; multiple user sessions working independently on one server.

clip_image008[4]

The local server you’re connected to should be added to the Selected list by default. Make sure that’s the server you are going to deploy all of the RDS roles onto and click Next.

clip_image010[4]

On the Confirmation page you’ll have to check the “Restart” option as the installation of the Session Host role requires a reboot. Then click Deploy.

clip_image012[4]

After the reboot, log back into the server and the Server Manager should resume to show you the status: Succeeded!

clip_image014[4]

Click the link at the bottom of the page to view the list of available RemoteApps.

clip_image016[4]

When connecting to the RDWeb page, you’ll get a certificate warning because the quick deployment uses a self-signed certificate which can be replaced later, so click Continue to this web site for now.

clip_image018[4]

You’ll also be prompted to run an Active-X Control which is the mechanism that allows the web site to launch the Remote Desktop client. You can click Allow here, but a Group Policy can be made to allow this automatically.

clip_image020[4]

Once connected, you’ll see a huge list of applications that are published already. This is a result of using the Quick Start deployment, and we’re not going to want to publish all of these Apps, so let’s take care of that right away.

clip_image022[4]

Return to the Server Manager and click on the new “Remote Desktop Services” page on the left, then click on Collections. “Collections” is a new term that describes a set of services that the RDS deployment offers such as a collection of RemoteApps, Desktop Sessions or Virtual Desktops. The Quick Start deployment already created a collection for us, but we’ll want to remove it and start from scratch.

Right click the QuickSessionCollection and click “Remove Collection. Then from the Tasks button, select Create Session Collection.

clip_image024[4]

Enter a Collection Name, something clever like RemoteApps works well.

clip_image026[4]

Now select your Session Host server and click the arrow to add it to the Selected list. There should only be the one server available here so it’s pretty straight forward.

clip_image028[4]

The default group of users that are allowed to access the applications in this collection will be Domain Users. You can be more specific if you wish, but you can also be more specific on an individual application bases as you publish them later.

clip_image030[4]

To keep things moving quickly, let’s skip the User Profile Disks for now. This is a very cool new feature of Windows Server 2012 (8 beta) that allows users on the session host to have their “local” data get automatically redirected to a different virtual hard drive instead of getting written to the actual session host server, but you can configure that later.

clip_image032[4]

Click Next then Create to finish the Collection wizard. When it’s done, you can click Close.

clip_image034[4]

clip_image036[4]

Now it’s time to publish the applications you really want to give users access to. From the Remote Desktop Services page, select the new RemoteApps collection you made and then from the Tasks button by RemoteApp Programs, select Publish RemoteApp Programs.

clip_image038[4]

You can select a program from the list or click “Add Another Program” to browse to an executable.

clip_image040[4]

When you’re happy with your selection click Publish, then Close.

clip_image042[4]

clip_image044[4]

Now refresh the RDWeb page and you’ll see only the applications that you selected.

clip_image046[4]

Click on one of them to connect to the RemoteApp.

clip_image047[4]

This prompt is Internet Explorer warning you that the Web Site is trying to start a program on your computer. It’s using the Active-X Control to launch the local RDP client (mstsc.exe). This warning can be suppressed by Group Policy once the web site certificate is replaced, but for now just click Connect.

Once connected, the application would look just like any locally installed application, but you’ll notice a new system tray icon that show you are connected to a Remote Work Place.

clip_image049[4]

And there you have it, RDS, Quick and Easy on one server in less than an hour.

clip_image051[4]

Now you can install new applications and publish them to your Collection. Just like Windows 2008 R2, you can deliver these RemoteApps from RDWeb or by subscribing to the RemoteApp RSS feed.

If you want to make these applications available outside of your organization, the next step will be to deploy the RD Gateway role, or if you want to go bigger, try doing a Standard Deployment to break the roles out to separate servers and add more Session Hosts, the equivalent to a RDS Farm.

N’joy!

 
 

Shannon Fritz

Infrastructure Architect and Server Team Lead at Concurrency. Shannon is an MVP in Forefront and Enterprise Security, MCSE in Private Cloud and MCSA Windows Server 2012. He's also a self-professed media junkie. Just ask him about MediaCenter!

 
  • http://YourWebsite anon

    Hi, even though I found most of the settings I still hate the new user interface in 2012.

    Where can I select a different certificate for the session host? After an hour of searching I still don’t know… thanks microsoft.

  • Pingback: RDS8 – Add a Licensing Server | Concurrency Blog

  • http://www.sztj.hu Tibor

    Hi, anon, I found it.. Select your collection, tasks/edit deployment properties, and there it is: certificates.

  • http://hexxus.net Hexxus

    Hey there, I found this guide very useful however I followed your instructions on a fresh server install, and when I started to create a collection, where you select your server for the RD Session Host I don’t have my server there. It shows “0 Computer(s) found”.

    Any ideas?

  • deffer

    Hello,

    please can anyone tell me, how i can make rdp and msi files from the published programms?!?!

    Thanks & BR
    deffer

    • http://www.linkedin.com/in/shannonfritz Shannon Fritz

      Actually you cannot make them from the Server Console anymore, which is sort of unfortunate. I do not know of a way to generate MSI files, but I can tell you how to get the RDP files for the RemoteApps.

      First, use the “RemoteApp and Desktop Connections” control panel to subscribe to the RSS feed.
      Once connected you can click on the “View Resources” link which will open a folder of shortcuts (.lnk files)
      Open the Properties of one and you’ll see the shortcut Target is mstsc.exe and an RDP file
      Open that path in Explorer (Ex: %appdata%\Microsoft\Workspaces\{F454D2C2-05B1-49EA-8C3F-CD97C8B13742}\Resource\)
      There you will find all the .RDP files which you can copy and put anywhere you want.

      Note: You’ll also find icons in %appdata%\Microsoft\Workspaces\{F454D2C2-05B1-49EA-8C3F-CD97C8B13742}\Icons

  • http://www.tes-com.nl Ronald Bok

    Hello,

    Our remote desktop server has a internal name of ts1.mydomain.local. The gateway server is on the same machine and has a external adress of remote.mydomain.nl. It has a Public certificate.

    If i start a remote desktop app from the remote app website i get a worning that the server name (internal name) is different of the certificate name (external name).

    How to solve this ?

    • http://www.linkedin.com/in/shannonfritz Shannon Fritz

      You basically have two options here:

      1. Get a Certificate that can validate both FQDN’s. This could be a 3rd Party “UC” cert, or issue one from your own PKI and distribute the certificate to your clients so they trust it. This is a messy approach and I would avoid it.

      2. Make an Internal DNS zone to server names for the external name on the inside. This will allow you to access the server from remote.mydomain.nl when you are inside or outside the corpnet. when outside you get the external address, wen inside you get the internal one. This will let you use one certificate for the external name, and if issued by a 3rd party, it’ll be trusted automatically.

  • Per-Einar

    What is the solution when you do not have DC function on another server????

    • http://www.linkedin.com/in/shannonfritz Shannon Fritz

      Remote Desktop Services in WS2012 does require a Domain Controller. The RDS role will not install if it’s not a Domain Member.

  • Pingback: Windows 2008 R2 Remote Apps / Access

  • Jonathan Sills

    Thanks for the guide, but one I’m hitting a wall. The app I’m trying to configure with RemoteApps is on a network drive and not on the server. Whenever I try to publish it, I get the following message:

    You must specify a file from the RD Session server
    SVTEST.INFO.COM by using the UNC path; for example
    \\SVTEST.INFO.COM\c$\path\filename.exe.
    If the problem persists, ensure that the following Windows Firewall
    exceptions are enabled:
    1. File and Printer Sharing (SMB-Out).
    1. File and Printer Sharing (SMB-In).

    I have set up the exceptions and tried to publish the application by UNC, but I always get the same message. I am sure it is because the file is not hosted locally the server. Is there a workaround?

    • http://www.linkedin.com/in/shannonfritz Shannon Fritz

      Do you really want to execute an application over a UNC path? Could you instead copy/install the application on the Session host instead?

      If not, and not really knowing the application you are using, you might try to use a script (CMD, BAT, VBS, PS1) to launch the application. Put the script on the Session Host and let the script call the UNC path. Then publish the Script as a RemoteApp.

      In another post about changing the RemoteApp Icon I am publishing a script that runs IE in Kiosk mode. You can use the same thing to run other apps.

      • Jonathan Sills

        Thanks for the follow up. Yes, I do require to be able to execute the application over a UNC path. The application is home made and could be related to as “portable”.

        Moving the software it is not a possibility. Local users and remote users connect to the same app. While the remote app server is in the dmz, the file server is not. Some other reasons not under my control like centralized updates, etc.

        AFAIK, besides the files not being stored on the server, there is no actual drawback to running a software from UNC path. I find it rather sad that the wizard does not allow us to choose the file location which we want (especially if we can change it afterward like you point out). It’s not a feature, but an impediment.

        I guess I’ll change the published app icon or stick with WS2008R2 for now and hope for the feature to be back in SP1…

        • http://www.linkedin.com/in/shannonfritz Shannon Fritz

          In my experience, I’ve occasionally had problems with RemoteApps if the EXE that was published gets changed. It’s not always the case (think of how often WinWord.exe or iexplor.exe gets changed with updates) but I have had some third party exe’s that, if replaced, would cause the RemoteApp to fail to launch. This was with 2008 R2 anyway. I worked around that by using a “launcher” script and since that script didn’t change, the RemoteApp would continue to launch fine. Plus I could do other things with launchers like map network drives or set environment variables, etc, etc, etc before running the application.

          If you really wanted to, you could stand up the WS2012 RDS environment and then source this particular app from the 2008R2 session host. Giving you the best of both worlds…

          http://blog.concurrency.com/featured-post/rds8-add-a-2008-r2-session-host/

          • Jonathan Sills

            Seems that creating a new remote app through powershell works just fine when using UNC path.

            1- Run Powershell as admin
            2- Execute the following command:
            New-RDRemoteApp -CollectionName [collection_name] -DisplayName [remote_app_display_name] -FilePath \\server\share\executable.exe

            Thanks for the PS suggestion!

  • John Panicci

    Great Articles. I have a question about drive redirection of local client drives. I would like to do it by group I would like all domain users to not be able to map local client machine drives and then create a new Ad group and add users to that group that are allowed to map local client machine drivbes in their remoteapp sessions. I know the collection properties has cleint settings, but that only allows you to give access to one group and not deny. I think it may have something to do with Rd CAPs?

  • Stephen N

    So I get that u need to deploy 2012 RDS on a box in a domain. What I dont’ get is why I can only choose Domain User accounts to have access to Published Apps… No local accounts are available for selection – what is the deal with this loss of functionality?

  • Håkan

    How can I publish remoteapps from windwos 2012 in UAG?

  • http://www.herke.nl Rogier

    Great post!
    I have a questions tho about an error I get when publishing a remoteapp that connects to my RDS farm.
    I have setup a RDWeb/GW server, a RDCB/Licensing and two RD session hosts with are loadbalanced. I created a remoteapp that needs to connect to “mstsc.exe /v: rdsfarm.domainname.com”. I create two DNS records for rdsfarm.domainname.com that point to both RD session hosts and round robin is turn on on our DNS servers. When I click the remote app, I succesfully can fill in my username and password but then prompts with this error:

    Remote Desktop Connection cannot connect to the remote computer. The remote computer rdsfarm.domainname.com that you are trying to connect is redirecting you to another remote computer named “hostname session host”. You must use the farm name, not the computername, when you connect to an RD Session Host server farm.

    What do I do wrong?
    Can someone explain how to publish a remoteapp so that users can login to our RD session servers.

  • Sean

    Now I want to see a post on how to integrate into SharePoint 2013

  • http://www.inquis.nl Ferry

    When i press the install button i get a failed message at Remote desktop Services role services, then it says i need to reboot and the whole story begins again. Please help me!

  • Joe

    Wow. Great post. Thank you. My question: If I implement Server 2012 Standard, how many users can connect with RDP at a time? I just need 4 and I’m hoping it will work with the basic installation without any additional CALs.

  • ronny

    sorry but this tutorial is very far from the minimum to be able to work remotapp. After numerous attempts at installing still does not work, works only with authenticated User Domain, or even within the own company works if the computer is not in the ad. It would be very useful for a blog like this remotapp faces the typical problems and issues that do not work. Enough to be annoying tutorials they say – and as easy to do. After more than 40 hours trying to figure things exploding Bin Laden becomes sympathetic.

    • Jonathan Sills-Martel

      Hi Ronny, the prerequisites section is quite clear at the beginning of the tutorial: Have AD and being a member of the domain.
      I have personally set up remote apps running through a vpn and run the apps from a different domain / workgroup and the initial configuration does not include anything else that what’s included in this tutorial. What is needed is a valid DNS and possibly redirect. But these are networking knowledge not being covered here.There are tutorials on how to integrate workgroup user into a domain, but this is not it.
      Yes, login with a domain user is a requirement and it’s all good that way. It’s a question of security. We’re in 2013 and you must expect business features (remote apps) to require business infrastructure (AD).
      P.S. If you have a problem with a configuration, I would recommend asking for help. Detail your situation (maybe it’s a special case to which the tuto you’re reffering to does not apply). If you just complain and insult the tutorial author, your problem will still be there and you possibly won’t be getting any help.
      On this I bid you a good day.

  • Doddsy

    This is fantastic but just ever so shy of what I was hoping for — a step-by-step config or RDS for use in logging in remotely to a 2012 server with the Licensing role installed. I just can’t seem to make this work. I can configure this role and all works well until I’m outside of my 120 day window — then POW! No licensing server is available to allow me to log in remotely. I’ve followed all of these instructions plus activating my License server and installing my 2012 RDS User licenses. In gpedit, I have set the Licensing server to look for itself on localhost, 127.0.0.1, and on its hostname — none of which work outside of 120 days even though the Licensing diagnoser shows that it is configured and sees itself porperly. I’m lost and banging my head against a wall! Any ideas you or anybody else here might share to expand upon what you’ve posted would be greatly appreciated! All the best from San Antonio…

    - Chris Dodds

    • Jonathan Sills-Martel

      Maybe the deployment and the licence don’t use the same licences. I’ve had issues at a client’s who had device cals on the licensing server, but whose deployment was configured to use user cals. The result was the deployment didn’T see any available license…

  • Bruno S. Oliveira

    Nice tutorial. I’m able to run the remoteapps on my debian clients (using rdesktop) but drive redirection won’t work. Is there any policy restricting redirection turned on by default? If yes, what is it?

  • http://www.facebook.com/yinwenx Yinwen Xuan

    Hi there, when I try to do your first step – install remote desktop services installation, it got a message: The local server must be joined to the domain to complete the Remote Desktop Services installation option. what I need to do? please help and Thanks!

  • http://www.facebook.com/yinwenx Yinwen Xuan

    then I install ADDS and create domain for the server, now it can go through, but when I doing the step of deploying RD connection Broker, RD web access and RD session Host, it failed. any idea why please?

  • Chris

    Great post! I wondered if you could help us. We already have port 443 pointing to an apache server and that apache server uses reverse proxy. I have not been able to get the reverse proxy and RDS working together so i need to run RDS on custom ports (webaccess and remote desktop gateway). Any chance you can help with this?
    What i have now is a RDS install accoriding to your post (port 443 for webaccess and RDG). Inside when going to https://192.168.123.xxx/rdweb, i can launch the published apps and everything is working fine. Now, we need to get to webaccess and i assume RDG on a custom port so users on the outside can reach their apps. I would greatly appreciate any help

  • Jakub Faltýnek

    Hi, I have one question. Is there some official way in Windows Server 2012 to allow only run RemoteApp, but not Remote Desktop connection (also disable to run other application from Open dialog box in running RemoteApp)? Thanks.

Categories

 

Get in touch

By Technology

By Solution

By Department

By Industry

You can find us at

Concurrency Building

Concurrency, Inc.
3190 Gateway Road
Brookfield, WI 53045
262.364.5800

 

All rights reserved © 2012

Concurrency

For technical support and additional information: Client Support,
Remote Support, Blog, Contact Us.

Our mission is to help clients increase business productivity and get more value from their IT investments. Let us know your business needs.

Microsoft Partner