Remote Desktop Gateway on Windows Server 2012 R2 and iPad


Hi guys,

Would love help with an issue I have been struggling with for a couple of days now.

I have an RDS 2012 R2 gateway configured, and it works great with Windows clients for both internal and external communication. The problem comes when I want to use an Apple iPad. I installed the latest RD client from Microsoft, and it works great on the internal network, but when the device is moved to an external network the client gets an error while connecting. The gateway is located in the domain network.

The error is "failed parse authorization challenge".

This is what I see in the log file from the RD client.

[2014-mar-06 16:53:49] rdp (0): --- begin interface list ---
[2014-mar-06 16:53:49] rdp (0): lo0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): lo0 af=30 (af_inet6)  addr=::1 netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
[2014-mar-06 16:53:49] rdp (0): lo0 af=2 (af_inet)  addr=127.0.0.1 netmask=255.0.0.0
[2014-mar-06 16:53:49] rdp (0): lo0 af=30 (af_inet6)  addr=fe80::1%lo0 netmask=ffff:ffff:ffff:ffff::
[2014-mar-06 16:53:49] rdp (0): pdp_ip0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip0 af=2 (af_inet)  addr=10.25.216.171 netmask=255.255.255.255
[2014-mar-06 16:53:49] rdp (0): pdp_ip1 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip2 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip3 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip4 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): en1 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): ap1 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): en0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): awdl0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): --- end interface list ---
[2014-mar-06 16:53:49] rdp (0): not using proxy
[2014-mar-06 16:53:49] rdp (0): protocol state changed to: protocolconnectingnetwork(1)
[2014-mar-06 16:53:54] rdp (0): resolved 'mb-rds-01.contoso.local' 'error: unable connect remote pc. please provide fully-qualified name or ip address of remote pc, , try again.' using nameresolvemethod_unknown(0)
[2014-mar-06 16:53:54] rdp (0): error message: unable connect remote pc. please provide fully-qualified name or ip address of remote pc, , try again.(phase: 0, type: 0, reason: 0, systemcode: 0, systemmessage: )
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocoldisconnected(8)
[2014-mar-06 16:53:54] rdp (0): final rdp configuration used: {
    activeusername = " contoso\\user01";
    arctimeout = 1800;
    cacheid = 12bf328dd1c8b841;
    certificatesuseredirectname = 1;
    configurationversion = 8;
    font = 1;
    gatewayid = f2ee288cd1c8b841;
    gatewaymode = 2;
    gwautodetectstate = kconnectiongwautodectedforcegw;
    host = "mb-rds-01.contoso.local";
    label = "murbiten - terminal server";
    loadbalanceinfo = "tsv://ms terminal services plugin.1.contoso_-_termi";
    mousemode = "-1";
    port = 3389;
    temporary = 1;
    type = rdp;
    usealt = 0;
    utilitybar = "-1";
    webfeedversion = "windows 2008 r2 or newer";
}{
    connections =     (
        f4bf288cd1c8b841,
        12bf328dd1c8b841
    );
    host = "remote.customer.com";
    id = f2ee288cd1c8b841;
    port = 443;
    temporary = 1;
    type = rdp;
}{
    kcfproxytypekey = kcfproxytypenone;
}
[2014-mar-06 16:53:54] rdp (0): --- begin interface list ---
[2014-mar-06 16:53:54] rdp (0): lo0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): lo0 af=30 (af_inet6)  addr=::1 netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
[2014-mar-06 16:53:54] rdp (0): lo0 af=2 (af_inet)  addr=127.0.0.1 netmask=255.0.0.0
[2014-mar-06 16:53:54] rdp (0): lo0 af=30 (af_inet6)  addr=fe80::1%lo0 netmask=ffff:ffff:ffff:ffff::
[2014-mar-06 16:53:54] rdp (0): pdp_ip0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip0 af=2 (af_inet)  addr=10.25.216.171 netmask=255.255.255.255
[2014-mar-06 16:53:54] rdp (0): pdp_ip1 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip2 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip3 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip4 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): en1 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): ap1 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): en0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): awdl0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): --- end interface list ---
[2014-mar-06 16:53:54] rdp (0): not using proxy
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocolconnectingnetwork(1)
[2014-mar-06 16:53:54] rdp (0): resolved 'remote.customer.com' '194.71.11.69' using nameresolvemethod_unknown(0)
[2014-mar-06 16:53:54] rdp (0): resolved 'remote.customer.com' '194.71.11.69' using nameresolvemethod_unknown(0)
[2014-mar-06 16:53:54] rdp (0): exception caught: exception in file '/users/build/jenkins/workspace/rc-ios-develop/protocols/rdp/librdp/librdp/private/httpendpoint.cpp' @ line 346
    user message : failed parse authorization challenge
[2014-mar-06 16:53:54] rdp (0): exception caught: exception in file '/users/build/jenkins/workspace/rc-ios-develop/protocols/rdp/librdp/librdp/private/httpendpoint.cpp' @ line 346
    user message : failed parse authorization challenge
[2014-mar-06 16:53:54] rdp (0): error message: failed parse authorization challenge(phase: 0, type: 0, reason: 0, systemcode: -1, systemmessage: )
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocoldisconnecting(7)
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocoldisconnected(8)
[2014-mar-06 16:53:54] rdp (0): ------ end active connection ------


Adam Bokiniec

Hi Jeremy,

I found a solution, with some effort. The solutions are the following.

The first thing that needs to be done is either of the solution options below; I did solution 1 in my case and added the NPS server to AD. (https://blogs.technet.com/b/networking/archive/2010/01/14/remote-desktop-gateway-client-fails-authentication-with-your-user-account-is-not-authorized-to-access-the-rd-gateway.aspx)

Solution 1

Register the NPS server in Active Directory:

In Server Manager, browse to the following location: Roles\Network Policy and Access Services\NPS (Local).

Right-click on the NPS (Local) node and choose Register Server in Active Directory.

Click OK to authorize the server when prompted.

Solution 2

Open Active Directory Users and Computers on a domain controller of the same domain as the Remote Desktop Gateway.

Add the computer name of the Remote Desktop Gateway to the RAS and IAS Servers group.

situation b

Restart the RDS host and the gateway server.

Secondly, it is important to configure the alternate address to match the public certificate. The public certificate CNAME is "remote.domain.se".

All commands need to be run as administrator in PowerShell.

To show the current configuration, run the following commands:

CollectionName is the collection name created for the RDS deployment.

To get the collection name, type

Get-RDSessionCollection

When you have got the collection name, type

Get-RDSessionCollectionConfiguration -CollectionName "rds - terminal server" | fl *

The default configuration is this:

customrdpproperty     : use redirection server name:i:1

Now, to add the public domain name to match the certificate, run the following command

Set-RDSessionCollectionConfiguration -CollectionName "rds - terminal server" -CustomRdpProperty "use redirection server name:i:1`nalternate full address:s:remote.domain.se"

Run this again to verify the settings

Get-RDSessionCollectionConfiguration -CollectionName "rds - terminal server" | fl *

Now it will show this

customrdpproperty     : use redirection server name:i:1

                         alternate full address:s:remote.domain.se

iPads and iPhones can connect to the environment.

Adam Bokiniec
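
The Set-RDSessionCollectionConfiguration call in the post above replaces the whole CustomRdpProperty string, so any other custom RDP lines already on the collection would be lost. The following is an added example, not part of the original post, that merges the "alternate full address" line into whatever is already configured; the helper name Merge-RdpProperty is hypothetical, and the collection name and public host name are the ones used in the post.

```powershell
# Added example: set one RDP property on a session collection while keeping
# every other CustomRdpProperty line that is already configured.
Import-Module RemoteDesktop

function Merge-RdpProperty {
    # Hypothetical helper: returns the property text with "<Name>:<Type>:<Value>"
    # present exactly once and all unrelated lines preserved.
    param(
        [string]$Current,                      # existing CustomRdpProperty (may be empty)
        [Parameter(Mandatory)][string]$Name,   # e.g. "alternate full address"
        [Parameter(Mandatory)][string]$Type,   # "s" for string, "i" for integer
        [Parameter(Mandatory)][string]$Value
    )
    $prefix = "${Name}:"
    # Split on LF or CRLF, trim stray spaces, drop blanks and any old copy of this property.
    $lines = @($Current -split "`r?`n" |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ -and -not $_.StartsWith($prefix, [StringComparison]::OrdinalIgnoreCase) })
    $lines += "${Name}:${Type}:${Value}"
    return ($lines -join "`n")
}

# Values taken from the post; adjust to your own deployment.
$collection = "rds - terminal server"
$publicName = "remote.domain.se"   # must match a name on the gateway's public certificate

$before = [string](Get-RDSessionCollectionConfiguration -CollectionName $collection).CustomRdpProperty
$after  = Merge-RdpProperty -Current $before -Name "alternate full address" -Type "s" -Value $publicName

# Only write when something actually changes, so re-running the script is harmless.
if ($after -ne ($before -replace "`r", "").Trim()) {
    Set-RDSessionCollectionConfiguration -CollectionName $collection -CustomRdpProperty $after
}

# Show the resulting property lines for verification.
(Get-RDSessionCollectionConfiguration -CollectionName $collection).CustomRdpProperty
```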