none
RDS 2012 R2 Gateway two RD SH collection not authorize for application RRS feed

  • Question

  • I have following setup :

    I have following setup :

    One RDS GW server based on windows 2012 R2

    Two RDS CB (HE) and  two  RDS WEB servers  ( NLB).

    I have  two RDS SH collections  Exchange  has two distinguished application published..  RD WEB applications are publish, and setup to be available through RD GW.

     Let Say following applications are published through RD WEB :

    Application Notepad :  Available on both RD SH collections.

    Application Calc :  Available on both RD SH collections.

    Application A : available only on  RD SH A Collection.

    Application B : available only on RD SH B Collection.

     

    Situation is following :

    I access RD Web portal remotely. I can not use direct RDP protocol.  I open application on RDWeb  like Notepad  on   RD  SH A collection.  The I  open  another application calc published  on RD SH B collection, but it open it on RD SH A collection. But I have explicitly  click on  CACL published on RD SH B.

    Now if I try to open application B, it will not open it, and it will say that I’m not authorized.

    We can revers process and try cith application on  RD SH collection B; and  I will not be able to open application exclusively published on   RD SH Collection A.

    But if I save RDP file,  and  modify that connection string, that does not use Connection broker and connect directly to RD SH server through GW, it work.

    Thursday, March 5, 2015 9:37 AM

Answers

  • Why ?

    Two reasons:

    1. It will solve the issue you are describing.

    2. When the server is 2012 R2, you should be using RDP 8.1 capable client devices, and if not that then RDP 8.0 capable clients will be almost as good.

    -TP

    Monday, March 9, 2015 4:32 PM
    Moderator

All replies

  • Has the user access to the RD Collection B? You have to have access first to CollectionB and then limit the remoteapp access per application.
    Friday, March 6, 2015 10:45 AM
  • Yes user has access to both collection.

    He can open  published application on RD SH B »Application B : available only on RD SH B Collection«. Then user logoff, from all application. I check, if there is any open  connection on RD GW, and RD SH servers, and terminate dose  connection.

    Then user open application B »Application A : available only on  RD SH A Collection” It  opens that  application.

    I can  open application “Application Calc :  Available on both RD SH collections.« , but it will open it  on RD SH A, regarding if i  specifically chose  Application CALC   in RDWEB for  RD SH B. AND NOW if i  try to open Application B : available only on RD SH B Collection, i get error, that i`m not authorize, and can not open that application. If that application was installed and not published od  RD SH A; it would open it.

    Upper symptoms, do not appears, if i bypass  RD GW or use rdp file, that connect through RD GW; to application on specific host…

    Friday, March 6, 2015 11:20 AM
  • Do you have two different collections or two different Servers? I did not understand that from your description.

    It sounds like you have two servers and not two collections from what I understood.

    Friday, March 6, 2015 11:31 AM
  • have two RD SH Colections :

    -          RD SH Collection A

    -          RD SH Collection B

     

    I have  set of  RD SH servers:

    -          X RD SH servers  that belongs to RD SH Collection A

    -          Y RD SH servers  that belongs to RD SH Collection A

     

    I have set of common aplications, that is published on both  RD SH Collection (RD SH Collection A & RD SH Collection B )

    Mentioned applications are exclusively  install  on each own RD SH Collection :

    -          I have set  of applications, that are installed only on  servers  “X RD SH servers  that belongs to RD SH Collection A“ belongs  to Collection RD SH Collection A .

    -          I have set  of applications, that are installed only on  servers  “X RD SH servers  that belongs to RD SH Collection B “ belongs  to Collection RD SH Collection B .

     

    Same user can  Access ALL palliations that are published through RD WEB.  It can Access those applications simultaneous,   Sa he can access  application at the same time, that are exclusively installed  only on One or other RD SH Collection.

     

    Now we introduce RD GW. So  any applications he access through RD Web , he must go through RD GW.  Location  from where he access RD WEB and RD GW is irelavent !

    When he connect  through RD Web he can access following applications :

    -          Set of common aplications, that are installed on both  RD SH Collections

    -          Set Of application installed only on RD SH collection A or RD SH collection B. HE can not Access both  applications .

    To simulate these :

    -          Open  Application published through RD WEB  on RD SH Collection A.

    -          Open any Common applications, published o any RD SH collections. BUT  ALL WILL BE OPENED ON RD SH Collection A SERVERS!!!!!!!!!

    -          FAILED :He can Not open ANY applications published exclusively on RD SH Collection B.

    -          RDP file, where I remove  RD CB and replace RD CB server with one Server, that belongs to Servers in RD SH Collection B. Connect successfully.

    We can simulate same situation, when first connection targeted to RD SH collection B. 

    PS : And one server can not belongs to two RD SH collections.

    Friday, March 6, 2015 12:16 PM
  • Hi,

    Please make sure the client PC has mstsc.exe version 6.2.9200 (RDP 8.0) or 6.3.9600 (RDP 8.1) installed.

    Thanks.

    -TP

    Saturday, March 7, 2015 6:57 AM
    Moderator
  • Why ?
    Saturday, March 7, 2015 7:41 AM
  • Hi,

    As new version of RDP contains extra features and functionality as to remote connect server 2012\R2 because this is highly recommended. 
    http://support.microsoft.com/kb/2923545

    Thanks for your understanding and Support!

    Regards.

    Dharmesh Solanki

    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.

    Monday, March 9, 2015 1:37 AM
    Moderator
  • Why ?

    Two reasons:

    1. It will solve the issue you are describing.

    2. When the server is 2012 R2, you should be using RDP 8.1 capable client devices, and if not that then RDP 8.0 capable clients will be almost as good.

    -TP

    Monday, March 9, 2015 4:32 PM
    Moderator
  • But i have RDP client 8.1 installed. And problem occurs only  when going through  RDGW.

    Tuesday, March 17, 2015 8:12 AM