3. Configure Remote Desktop Gateway
The RD Gateway component of Remote Desktop Services provides a tool to allow your users to access the RDS server without using a VPN client. After you have installed the role service, then it is just a matter of working with your Connection Authorization Policy (CAP) and Resource Authorization Policy (RAP) to ensure the security of your server.
The Remote Desktop Gateway Manager will allow you to monitor current connections to the service. You can also modify or create new policies; you just need to open the Remote Desktop Gateway Manager:
To open the RD Gateway Manager, select Start => Administrative Tools => Remote Desktop Services => Remote Desktop Gateway Manager.
In the RD Gateway Manager, click your server, and you will notice a dashboard screen similar to Figure 5. The dashboard gives you an overview of what is currently on your server.
To view either your CAP or RAP policy, click the + sign next to your server and policies.
To modify your existing CAP policies, click Connection Authorization Policies. Click the policy you want to modify and then Properties, located in the right Actions pane.
To modify your existing RAP policies, click Resource Authorization Policies. Click the policy you want to modify and then Properties, located in the right Actions pane.
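
The CAP and RAP settings you review in the Properties dialogs can also be dumped and compared against a saved baseline, so that a later policy change is noticed. The script below is an added example, not part of the original text; it assumes an elevated PowerShell 2.0 session on the RD Gateway server with the RemoteDesktopServices module available, and the baseline path is a hypothetical location.

```powershell
# Added example: record RD Gateway CAP/RAP settings and report drift.
Import-Module RemoteDesktopServices   # exposes the RDS: provider drive

function Get-RDGatewayPolicySetting {
    param(
        [Parameter(Mandatory = $true)]
        [ValidateSet('CAP', 'RAP')]
        [string]$PolicyType
    )
    $root = "RDS:\GatewayServer\$PolicyType"
    foreach ($policy in Get-ChildItem -Path $root) {
        # Walk every setting under the policy, including nested containers
        # such as the user and computer group lists.
        Get-ChildItem -Path (Join-Path $root $policy.Name) -Recurse |
            ForEach-Object {
                New-Object PSObject -Property @{
                    PolicyType = $PolicyType
                    Policy     = $policy.Name
                    Container  = Split-Path -Path $_.PSParentPath -Leaf
                    Setting    = $_.Name
                    Value      = [string]$_.CurrentValue
                }
            }
    }
}

$columns = 'PolicyType', 'Policy', 'Container', 'Setting', 'Value'
$all     = @(Get-RDGatewayPolicySetting -PolicyType CAP) +
           @(Get-RDGatewayPolicySetting -PolicyType RAP)
$current = $all | Select-Object $columns

$baselinePath = 'C:\Audit\rdgw-policy-baseline.csv'   # hypothetical location

if (-not (Test-Path $baselinePath)) {
    # First run: store the reviewed state as the baseline.
    $current | Export-Csv -Path $baselinePath -NoTypeInformation
    Write-Output "Baseline written to $baselinePath"
} else {
    # Later runs: list every setting that differs from the baseline.
    $baseline = Import-Csv -Path $baselinePath
    Compare-Object -ReferenceObject $baseline -DifferenceObject $current -Property $columns |
        Sort-Object Policy, Setting |
        Format-Table -AutoSize
}
```

In the comparison output, rows marked `<=` exist only in the baseline and rows marked `=>` exist only in the current configuration, so a changed setting appears as one row of each.
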
4. Configure Remote Desktop Connection Broker
Remote Desktop Connection Broker provides a valuable role to your Windows Server 2008 R2 RDS components. This service provides the connection "middle man" between Remote Desktop Web Access and the desktop connection for your remote applications and virtual desktops.
To configure the RD Connection Broker server, you will load the Remote Desktop Connection Manager. The configuration settings you will work with are straightforward after you have loaded the tool. You can do this in Server Manager, or you can use its own dedicated tool. You can find the Remote Desktop Connection Manager by selecting Start => Administrative Tools => Remote Desktop Services => Remote Desktop Connection Manager. You will see a screen similar to Figure 6.
One of the two major aspects of working with the broker is configuring your RD Web Access servers. The other aspect is configuring Remote Desktop Virtualization Host, which you will see in the next section. You can add the RD Web Access server manually via the RD Connection Manager tool:
To open the RD Connection Manager, select Start => Administrative Tools => Remote Desktop Services => Remote Desktop Connection Manager.
Click Add RD Web Access Servers on the Actions pane on the right side of the console window.
Enter the FQDN of your RD Web Access server.
You can also add the RD Web Access server by adding the computer accounts for those servers to the TS Web Access Computers group located in your Active Directory. When you add the servers to the TS Web Access Computers group, they will automatically be displayed in the tool.
You will also need to configure RemoteApp source servers to make sure connections can be brokered by this service:
Open the RD Connection Manager by selecting Start => Administrative Tools => Remote Desktop Services => Remote Desktop Connection Manager.
Click Add RemoteApp Source on the Actions pane on the right side of the console window.
Enter the FQDN of the server that has the RemoteApp tools configured.
This will enable RDS components like RD Web Access to provide applications through the RD Connection Broker.