Remote Desktop Web Access (RDWA) : customize RDP file on server-side to use IP address instead of FQDN

The title of this post could just as well be ‘Remote Desktop Services – RD Web Access workaround for external access’. I wanted to keep this post as the second in the series after my previous one, hence the title.
This post continues my previous one, ‘Remote Desktop Connection: quick way to customize RDP file’, in which I described a quick and dirty way to customize an RDP file (.rdp) to suit your requirements. Usually, when we work in a lab where AD/DNS/DHCP are only accessible internally, we sometimes need to run certain tests from an outside or public network (the internet). In those scenarios, we need to ensure that the components in the setup communicate using IP addresses instead of host names or fully qualified domain names.
Having said that, over the weekend I was testing Remote Desktop Session Host (RDSH) and Remote Desktop Virtualization Host (RDVH), aka VDI, in my lab. That’s when I had to spend several hours finding a way to force the RDP file that is generated automatically when you click an application or pooled desktop on the RD Web Access (RDWA) portal to use an IP address instead of the RDWA hostname or FQDN.
Scenario
RDVH is installed on a physical machine. The RDCB, RDWA and RDSH roles/services run on a single virtual machine. RemoteApp programs are installed on the virtual machine, and the pooled virtual desktops are provisioned on the physical machine.
Therefore there are two URLs for RD Web Access. If the physical machine is 192.168.0.1 and the virtual machine is 192.168.0.2, then the RD Web Access URLs are:
https://192.168.0.1/RDWeb (this is for VDI)
https://192.169.0.2/RDWeb (this is for RemoteApp (aka XenApp in Citrix))
Accessing this environment from within the same lab network (192.168.x.x) worked fine, but when I tried to access it from the internal LAN or a VPN tunnel, it failed to connect to the resources. When you go to https://192.168.0.1/RDWeb and log in using your domain credentials, the next page enumerates all your resources: apps and desktops. You click on one of the resources and it pops up the typical RDP window with the yellow header. You click Connect, the next thing that happens is ‘starting….’, and then it throws the error “The remote computer could not be found….”.
Cause
This was because the RDP file (.rdp) that is generated when clicking on the resource (app/desktop) contains the RDSH or RDVH hostnames. From outside the lab network, the hostname fails to resolve to an IP address.
Solution
Workaround on Client-side
Note: As noted in the hosts file, “This file contains the mappings of IP addresses to host names. Each entry should be kept on an individual line. The IP address should be placed in the first column followed by the corresponding host name. The IP address and the host name should be separated by at least one space. Additionally, comments (such as these) may be inserted on individual lines or following the machine name denoted by a ‘#’ symbol”
The workaround on client-side (end user laptop/desktop) is to modify C:\Windows\System32\drivers\etc\hosts file to add the below entries (in this example):
192.168.0.1 rdvh.domain.com
192.168.0.2 rdsh.domain.com
But this has to be done by every user who wants to test or connect to the RDS environment, which becomes tedious when there are many users. It is practical only as a workaround for a few users (say 1-4).
Workaround on server-side
Note: This involves registry modification, so use it at your own risk. Take a backup of the registry before you modify it.
Modify registry RDPFileContents value for Remote Desktops aka virtual machine-based deployments aka VDI
RDP to the RDVH server (physical with Hyper-V), open the registry editor (run > regedit), and navigate to the following location:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\<VDI_Collection_pooleddesktop_name>\QuickSessionCollection\<VDI_Collection_pooleddesktop_name>
Under the Pooled Desktop container, on right panel, right-click RDPFileContents > select Modify and replace the following:
full address:s:RDVH.DOMAIN.COM
replace with the IP address as shown below
full address:s:192.168.0.1
Below is a sample of RDPFileContents after the change:
redirectclipboard:i:1
redirectprinters:i:1
redirectcomports:i:0
redirectsmartcards:i:1
devicestoredirect:s:*
drivestoredirect:s:*
redirectdrives:i:1
session bpp:i:32
prompt for credentials on client:i:1
server port:i:3389
allow font smoothing:i:1
promptcredentialonce:i:0
videoplaybackmode:i:1
audiocapturemode:i:1
gatewayusagemethod:i:0
gatewayprofileusagemethod:i:1
gatewaycredentialssource:i:0
full address:s:192.168.0.1
workspace id:s:RDVH.DOMAIN.COM
use redirection server name:i:1
loadbalanceinfo:s:tsv://VMResource.1.iTapw7_VDI
use multimon:i:1
Modify registry CustomRDPSettings value for RemoteApp or published applications
RDP to the RemoteApp server, open the registry editor (run > regedit), and navigate to the following location:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\QuickSessionCollection\Applications
Under Applications, highlight each application, on the right panel, right-click RDPFileContents > select Modify and replace the following:
full address:s:RDSH.DOMAIN.COM
replace with the IP address as shown below
full address:s:192.168.0.2
Below is a sample of RDPFileContents after the change:
redirectclipboard:i:1
redirectprinters:i:1
redirectcomports:i:0
redirectsmartcards:i:1
devicestoredirect:s:*
drivestoredirect:s:*
redirectdrives:i:1
session bpp:i:32
prompt for credentials on client:i:1
spanmonitors:i:1
use multimon:i:1
remoteapplicationmode:i:1
server port:i:3389
allow font smoothing:i:1
promptcredentialonce:i:0
videoplaybackmode:i:1
audiocapturemode:i:1
gatewayusagemethod:i:0
gatewayprofileusagemethod:i:1
gatewaycredentialssource:i:0
full address:s:192.168.0.2
alternate shell:s:||Calculator
remoteapplicationprogram:s:||Calculator
remoteapplicationname:s:Calculator
remoteapplicationcmdline:s:
workspace id:s:RDSH.DOMAIN.COM
use redirection server name:i:1
loadbalanceinfo:s:tsv://MS TerminalServices Plugin.1.QuickSessionCollection
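The two registry edits above (pooled desktops and RemoteApp programs) can be scripted instead of done by hand in regedit. The PowerShell below is an added example, not part of the original post: it exports the PublishedFarms key as a backup, then rewrites only the full address line in every RDPFileContents value beneath it. The hostname-to-IP map uses the lab values from this post; the function name Set-RdpFullAddress and the $DryRun variable are names made up for this example.

```powershell
# Added example (not from the original post). Run elevated on the RDVH or RemoteApp server.
$Root   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms'
$Map    = @{ 'RDVH.DOMAIN.COM' = '192.168.0.1'; 'RDSH.DOMAIN.COM' = '192.168.0.2' }  # the post's lab values
$DryRun = $true   # assumption of this example: report only; set to $false to write

function Set-RdpFullAddress {
    param(
        [string]$Contents,   # text of an RDPFileContents value
        [hashtable]$Map      # hostname -> IP address
    )
    foreach ($name in $Map.Keys) {
        # Match only the "full address" line (with or without the space). Lines such as
        # "workspace id" keep the hostname, as in the samples above.
        # (?m) makes ^ and $ match per line; -replace is case-insensitive.
        $pattern  = '(?m)^(full ?address:s:)' + [regex]::Escape($name) + '(?=\r?$)'
        $Contents = $Contents -replace $pattern, ('${1}' + $Map[$name])
    }
    return $Contents
}

# Export the whole PublishedFarms key first so the change can be rolled back.
$backup = Join-Path $env:TEMP ('PublishedFarms-{0:yyyyMMdd-HHmmss}.reg' -f (Get-Date))
reg.exe export ($Root -replace '^HKLM:\\', 'HKLM\') $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "Registry export failed; nothing was changed." }

# Visit every subkey that carries an RDPFileContents value (desktops and applications).
Get-ChildItem -Path $Root -Recurse | ForEach-Object {
    $key = $_
    if ($key.GetValueNames() -contains 'RDPFileContents') {
        $old = [string]$key.GetValue('RDPFileContents')
        $new = Set-RdpFullAddress -Contents $old -Map $Map
        if ($new -cne $old) {
            if (-not $DryRun) {
                Set-ItemProperty -Path $key.PSPath -Name 'RDPFileContents' -Value $new
            }
            Write-Output ("{0}: {1}" -f $(if ($DryRun) { 'Would update' } else { 'Updated' }), $key.Name)
        }
    }
}
Write-Output "Backup written to $backup"
```

Run it once with $DryRun left at $true to see which keys would change, then set it to $false to apply the edit.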
Reference
About Microsoft Remote Desktop Services
Remote Desktop Services, formerly Terminal Services, is a server role in Windows Server that provides technologies that enable users to access session-based desktops, virtual machine-based desktops, or applications in the data center from both within a corporate network and from the Internet.
This blog has really helped me in my lab work. Kudos to Shannon Fritz! I would recommend reading it before you try out your POC on an RDS deployment. As stated in his blog:
“There are three fundamental roles to an RDS deployment:
RDCB – Remote Desktop Connection Broker. This is the “hub” of the RDS environment. It ensures that all user connections that are established to the various Session Hosts are maintained through disconnects and reconnects and play a key role in simplifying the single sign on experience 
RDWA – Remote Desktop Web Access. A web site that simply hosts the list of available resources that can be reached through RDS. It also hosts an RSS feed that can be used in various places. 
RDSH – Remote Desktop Session Host. The server that actually runs the user processes. This is what people sometimes refer to as a Terminal Server, although that term has officially been depreciated. When a user runs a RemoteApp or connects to a Desktop, it’s running on a Session Host.
 
In addition to those three, there are a couple other roles that you can deploy to add more functionality:
RDGW – Remote Desktop Gateway. Another web site that is actually used as a way of tunneling RDP traffic over HTTPS to allow users who are outside the corporate network to gain access to internal resources. I usually like to co-locate this role on the RDWA server, and I end up referring to RDGW as the “Gateway and Web server”. 
RDVH – Remote Desktop Virtualization Host. A new role for Windows Server 2012, this is a physical server running Hyper-V and is used to deploy and manage Virtual Machines for VDI. 
RDLI – Remote Desktop Licensing. Installing RDS will give you 120 days to try it out, but if you decide to keep it you’ll need to get licensing from Microsoft, and the license key gets installed on the RDLI server. I usually like to co-locate this role on the RDCB. 
Many of these roles can be co-located so you can have one server operating many of the roles, or you can deploy a new server for each one.  The only role that requires a physical server is the RDVH because that is a Hyper-V Host.”
 

About cloudray

Predominantly based around Virtualization, but will include other technology related information and anything else I find interesting and feel the need to share with you. I also use this Blog as both a place to store useful information that I think that will come in handy to me at some point in the future, and also a place to help aid my learning. I find a great way to learn about something is to research about it and then write it up in my own words. I'm Pushpal Ray, from India. As a certified VCP3/4/5 professional, I am currently working as an Independent Consultant. Over 10 years of IT-industry experience, currently focused around the Desktop Virtualization(End-User Computing). I also have extensive experience in Windows Administration, Datacenter Migration, Workload profiling & benchmarking. At my leisure, I enjoy hiking, running, photography, spend hours in my fav coffee shop & spend quality time with my wife. Occasionally, catch up with few friends for a drink!

One Response to Remote Desktop Web Access (RDWA) : customize RDP file on server-side to use IP address instead of FQDN

  1. you are my master! thanks a lot!
