none
How can a user that uses a Remote Deskop Gateway reset their password if it expired? RRS feed

  • Question

  • Right now when a Remote Desktop Gateway user's password expires, the gateway server does not prompt them to change it. Instead, it just doesn't allow them to connect to their machine.

    How can a remote user reset their expired password if they use a Remote Desktop Gateway to initiate the remote session?

    Wednesday, August 27, 2014 5:19 PM

Answers

  • you would need to make rdweb available to the internet via port 443, I believe after the user hits the page and wants to launch remoteapps, that's where rdgateway comes in but they don't really depend on each other

    unless you have VPN available, in which case you can just have rdweb internal

    you can either have the users use rdweb strictly for changing their passwords or as a replacement for your external rdgateway all together - in either case you're exposing one component on the internet

    a lot of people use reverse proxies for additional security

    Thursday, August 28, 2014 5:18 PM
  • Hi,

    Thank you for posting in Windows Server Forum.

    Agree with the words of armin, it depends on specific needs. But yes, we can access RD Web through the usage of RD Gateway. To allow users to access the RD Web Access server from the Internet, you can also deploy RD Gateway. A recommended configuration is to place both the RD Gateway server and the RD Web Access server in the perimeter network, with the Remote Desktop Session Host (RD Session Host) servers that host RemoteApp programs behind the internal firewall.

    We can follow below article for information.
    Checklist: Make RemoteApp Programs Available from the Internet
    http://technet.microsoft.com/en-in/library/cc772415.aspx

    Hope it helps!

    Thanks.

    Dharmesh Solanki

    Friday, August 29, 2014 6:30 AM
    Moderator
  • Hi,

    Just to extend on Armin's points,

    If VPN access would be available, using AD authentication would still not allow you access if the password needs changing. If using a VPN, you would not need a gateway as you will connect to the LAN in most instances.

    The RDWeb site would need to be used in conjunction with the gateway if you are not using a VPN. The RDWeb and Gateway Roles can be installed on the same server simplyfing the deployment.

    As Armin has suggested, i would recommend that you look at Password reset from the RDWeb interface or look at a identity management product Like FIM 2010 R2 which provided a Password reset feature that can be published exernally.

    Best regards,


    Ryan Mangan | Ryanmangansitblog.wordpress.com | Help keep the forums tidy, if this has helped please mark it as an answer

    Tuesday, September 2, 2014 10:35 AM

All replies

  • it's not supported

    people usually work around it by having users login to rdweb or OWA or whatever other online interface that lets the user change their expired password and then log back in to rdgw

    Wednesday, August 27, 2014 6:29 PM
  • Is there a way to access RDWeb via RD Gateway? Or does RDWeb have to be exposed directly to the internet?

    thanks

    Thursday, August 28, 2014 3:51 PM
  • you would need to make rdweb available to the internet via port 443, I believe after the user hits the page and wants to launch remoteapps, that's where rdgateway comes in but they don't really depend on each other

    unless you have VPN available, in which case you can just have rdweb internal

    you can either have the users use rdweb strictly for changing their passwords or as a replacement for your external rdgateway all together - in either case you're exposing one component on the internet

    a lot of people use reverse proxies for additional security

    Thursday, August 28, 2014 5:18 PM
  • Hi,

    Thank you for posting in Windows Server Forum.

    Agree with the words of armin, it depends on specific needs. But yes, we can access RD Web through the usage of RD Gateway. To allow users to access the RD Web Access server from the Internet, you can also deploy RD Gateway. A recommended configuration is to place both the RD Gateway server and the RD Web Access server in the perimeter network, with the Remote Desktop Session Host (RD Session Host) servers that host RemoteApp programs behind the internal firewall.

    We can follow below article for information.
    Checklist: Make RemoteApp Programs Available from the Internet
    http://technet.microsoft.com/en-in/library/cc772415.aspx

    Hope it helps!

    Thanks.

    Dharmesh Solanki

    Friday, August 29, 2014 6:30 AM
    Moderator
  • Hi,

    Just to extend on Armin's points,

    If VPN access would be available, using AD authentication would still not allow you access if the password needs changing. If using a VPN, you would not need a gateway as you will connect to the LAN in most instances.

    The RDWeb site would need to be used in conjunction with the gateway if you are not using a VPN. The RDWeb and Gateway Roles can be installed on the same server simplyfing the deployment.

    As Armin has suggested, i would recommend that you look at Password reset from the RDWeb interface or look at a identity management product Like FIM 2010 R2 which provided a Password reset feature that can be published exernally.

    Best regards,


    Ryan Mangan | Ryanmangansitblog.wordpress.com | Help keep the forums tidy, if this has helped please mark it as an answer

    Tuesday, September 2, 2014 10:35 AM