How to Enable or Disable Remote Desktop via Group Policy

There are two ways to enable or disable Remote Desktop on a Machine

You can use Group Policy setting to (enable or disable) Remote Desktop
  1. Click Start – All programs – Administrative Tools – Group Policy Management.
  2. Create or Edit Group Policy Objects.
  3. Expand Computer Configuration – Administrative Templates – Windows Components – Remote Desktop Services – Remote Desktop Session Host – Connections.
  4. Allow users to connect remotely using Remote Desktosample-0p Services (enable or disable)

 

 

 

 

Continue reading How to Enable or Disable Remote Desktop via Group Policy

How to Enable or Disable Remote Desktop via Group Policy

There are two ways to enable or disable Remote Desktop on a Machine

You can use Group Policy setting to (enable or disable) Remote Desktop
  1. Click Start – All programs – Administrative Tools – Group Policy Management.
  2. Create or Edit Group Policy Objects.
  3. Expand Computer Configuration – Administrative Templates – Windows Components – Remote Desktop Services – Remote Desktop Session Host – Connections.
  4. Allow users to connect remotely using Remote Desktosample-0p Services (enable or disable)

 

 

 

 

Continue reading How to Enable or Disable Remote Desktop via Group Policy

Sign your .rdp file

Hi all,

You can use a digital signature to sign .rdp files. When you sign rdp files with trusted certificates, your clients can verify that important settings such as which server to connect to haven’t changed since the creation of the rdp file.
This enables clients to recognize your organization as the source of the RemoteApp program or the remote desktop connection, and allows them to make more informed trust decisions about whether to start the connection.

So what do you have to do to sign a .rdp file?

First: Create your .rdp file

Second: Get your certificate’s thumbprint

Third: Sign your .rdp file by using rdpsign.exe

Continue reading Sign your .rdp file

Change RDP name in the RDWA

Trough this script you can change the RDP name that is published in the Remote Desktop Web access:

You can change this setting trough changing the registru key:
[shell]
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerTSAppAllowListRemoteDesktopsTSRemoteDesktop
[/shell]

Or running the wmic command:
[shell]
wmic /namespace:\rootCIMV2TerminalServices PATH Win32_TSRemoteDesktop Set Name=”Remote Desktop Name”
[/shell]

RDP Settings for Remote Desktop Services in Windows Server 2008 R2

When you use the Remote Desktop Connection (RDC) client software to connect to a remote computer, a Remote Desktop Protocol (.rdp) file is created on the client computer. By default, a file named default.rdp is created in your My Documents folder the first time you use RDC to connect to a remote computer.

You can save .rdp files with different settings if you connect to multiple remote computers.

You can configure many of the connection settings by using Options in RDC. Some settings can only be configured by editing the .rdp file in a text editor, such as Notepad. Continue reading RDP Settings for Remote Desktop Services in Windows Server 2008 R2

WS2008 R2: Terminal Server Session Broker Overview

Terminal Server Session Broker (TS Session Broker) is a role service in Windows Server 2008 that allows a user to reconnect to an existing session in a load-balanced Terminal Server farm.  As with the Session Directory service on Windows Server 2003, TS Session Broker stores session state information that includes Session ID’s and their associated user names, as well as the name of the server where each session resides.  Installation of the TS Session Broker role service installs and starts the TS Session Broker service (tssdis.exe).

Windows Server 2008 introduces a new session management feature – TS Session Broker Load Balancing (SBLB).  This feature enables you to distribute the session load between servers using DNS round robin.  This solution is easier to deploy than Windows Network Load Balancing (NLB).  To participate in TS Session Broker load balancing, the TS Session Broker Server and the Terminal Servers in the farm must be running Windows Server 2008 Standard, Enterprise or Datacenter Editions.  Windows Server 2008 servers can join a Windows Server 2003 Session Directory farm.  Issues around providing a consistent user experience between different server versions are apparent.  However, from a brokering technology perspective, this is seamless to the end user.  Windows 2003 Terminal Servers can also join a Windows Server 2008 Session Broker farm – however, in order to use the Session Broker Load Balancing feature, all of the servers in the farm must be running Windows Server 2008.

Let’s briefly go over some of the architecture pieces of Terminal Server Session Broker – specifically the Jet Database on the Session Broker Server and the re-vectoring logic used by Terminal Servers participating in the Session Broker farm that ensures that a client is redirected to the proper node.  The Session Broker stores session state information in a Jet database.  This database (tsesdir.edb) is located on the machine running the TS Session Broker Service in the %systemroot%system32tssesdir.  To change the location of the database, you will need to modify the location by using the registry.  The appropriate registry key is: HKLMSystemCurrentControlSetServicesTssdisParameters.  Select the WorkingDirectory value and modify the database location as needed.  Once you specify a different path, you will need to restart the TS Session Broker service for the changes to take effect.  Once the service is restarted the database is created in the path you specified in the registry.  In addition, the tssdis.log file is also created in this folder.

Continue reading WS2008 R2: Terminal Server Session Broker Overview

Add a new Remote Desktop App

With this script you can add a new RDS App trough powershell:

Download: RDSRemoteApp.psm1

Place the file in: “C:WindowsSystem32WindowsPowerShellv1.0Modules”

[ps]
$Alias=””
$Applicationpath=””
$Displayname=””
$ShowinRDWebAccess=””
$UserAssignment=””

Set-ExecutionPolicy remotesigned
Import-Module RDSRemoteApp
New-RDSRemoteApp -Alias $Alias -Applicationpath $Applicationpath -Displayname $Displayname -ShowinRDWebAccess $ShowinRDWebAccess -UserAssignment $UserAssignment
[/ps]