There are many misconceptions about Remote Desktop Web Access in Windows Server 2008 R2. Many administrators assume...
that the service -- formerly Terminal Services Web Access -- provides full access to a remote desktop or an application through a Web browser. But this is only partially true.
More on Terminal Services and RDS
Once the Internet connection is established, the icons for remote applications are displayed through a browser window. These applications depend on the Remote Desktop client, which automatically engages when the user double-clicks the app's icon. Since Version 6.1 of the Remote Desktop client is required, Remote Desktop Web Access can't run Windows apps on non-Windows systems.
The deployment process
Since the Remote Desktop Web Access server is simply a gateway to Remote Desktop Services, there are no complex configuration tasks. Once a connection is established, the Remote Desktop Session Host and the Remote Desktop Connection Broker do most of the work.
To deploy Remote Desktop Web Access:
- Open the Server Manager, and click Add Roles.
- In the Add Roles Wizard, click Next to bypass the Welcome screen.
- Select the roles you want to install -- in this case, Remote Desktop Services -- and click Next.
- An introductory screen for Remote Desktop Services appears. Click Next to bypass this screen.
- Select which Remote Desktop component you want to install -- Remote Desktop Web Access -- and Windows will inform you that Internet Information Services (IIS) must also be installed. Click Add Required Role Services, and then click Next.
- The next screen introduces you to IIS. Click Next.
- You will be asked which IIS role services you want to install. Click Next to accept the default selections.
- Confirm that the correct role services are selected, and click Install.
- When the installation process completes, click Close.
Additional configuration tasks
The steps above will install all the required role services onto your Remote Desktop Web Access server. However, there are several more things you should do before allowing users to access the new server.
First, configure the server to use a static IP address. While a public IP address is preferable, you can use a private one as long as you direct inbound HTTP traffic to the server. For example, you could use your firewall's port-forwarding feature for this purpose.
Although it is not required, providing your Remote Desktop Web Access server with an x.509 certificate is important. This allows you to enable Secure Sockets Layer encryption, which ensures that data sent between the user and the Web server is encrypted.
Remote Desktop Web Access services is not a cross-platform solution that allows users to run hosted applications through a Web browser, but it does provide an easy way to access to Remote Desktop Services across the Internet.
ABOUT THE AUTHOR
Brien M. Posey, MCSE, has received Microsoft's Most Valuable Professional Award four times for his work with Windows Server, IIS and Exchange Server. He has served as CIO for a nationwide chain of hospitals and health care facilities and was once a network administrator for Fort Knox. You can visit his personal website at www.brienposey.com.