Installing the Desktop Experience feature on Windows Server 2012 R2

If using Windows Server 2012 R2 as a remote desktop session host, for hosting server based user desktops, you can add the Desktop Experience feature using the Server Manager, Add Roles and Features Wizard:

DesktopExperience

This is required in order to run some programs (e.g. Onenote), and will also add the Windows Store tile.

store

Users can then sign in to the store and install other apps, e.g. the Mail app.

mail

Unfortunately you cannot publish Modern/Metro apps as RemoteApps, but users with a full desktop can run them. Hopefully they will not try and install Halo! You could also disable access to the store using a GPO: Computer Configuration – Policies – Administrative Templates – Windows Components – Store. Note that you need to do this on a server with the Desktop Experience feature installed.

Using the ‘Connect to a remote PC’ page in RDWeb Remote Desktop Web on Windows Server 2012

The Remote Desktop web site, which is a component of Remote Desktop Services in Windows Server 2012 and 2008, has a page called ‘Connect to a remote PC’.

rdweb_small

This page will allow you to connect to servers or computers behind your Remote Desktop Gateway server, which is a handy feature if users need to connect to a full remote desktop behind the gateway, rather than just a remote app. This will also allow you to connect to your servers on an internal network directly, even if you are behind a web proxy server, so can be useful for remote management purposes when connected to a corporate network.

However, by default, this page will only allow you to connect to local resources, and will not use the gateway server.

To fix this, you need to make a change in IIS:

  • On your RD Web Access server, open IIS Manager
  • In the left pane, navigate to and Sites\Default Web Site\RDWeb\Pages
  • In the middle pane, double-click on Application Settings
  • Double-click on DefaultTSGateway and enter the external FQDN of your RD Gateway
  • Refresh the RDWeb page on the client and then test using an external client

IIS

Now, to connect to other machines on your network other than ones already in your RDSH farm, you also need to modify the RD Gateway policies to allow you to connect to those other resources. You probably already have an AD group configured in your RD Gateway policies, and you can just add to this group, but in case you don’t then can configure this as follows:

  • Create a new group in AD called e.g. SERVERNAME RD Gateway allowed servers, where SERVERNAME is the name of your RD Gateway server.
  • Add all the servers that you want to be able to connect to into this group. For a start this should include all of your RDSH servers, but you can also add other Windows servers on the network.
  • Open RD Gateway Manger (in the Tools/Terminal Services menu in the Server Manager in 2012), expand Policies, and click on the Resource Authorization Policy
  • On the Network Resource tab, change the AD group to SERVERNAME RD Gateway allowed servers
  • Note that you could also do this using an RD Gateway-managed group if you are using that feature

RAP

You will now be able to connect to any servers that are a member of this group using the ‘Connect to a remote PC’ page in RDWeb. You should be able to use the internal NETBIOS name of the servers, no need to use the FQDN.