Remote Desktop Gateway on Windows Server 2012 R2 and IPAD

-

hi guys,

would love issue been struggling couple of days now.

i have rds 2012 r2 gateway configured , works great windows clients both internal , external communication. problems comes when want use  ipad apple. installed latest rd client microsoft , works great internal network device moved external network client error while connecting. gateway located in domain network.

the error “failed parse authorization challenge”,

this see in log file rd client.

[2014-mar-06 16:53:49] rdp (0): --- begin interface list ---
[2014-mar-06 16:53:49] rdp (0): lo0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): lo0 af=30 (af_inet6)  addr=::1 netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
[2014-mar-06 16:53:49] rdp (0): lo0 af=2 (af_inet)  addr=127.0.0.1 netmask=255.0.0.0
[2014-mar-06 16:53:49] rdp (0): lo0 af=30 (af_inet6)  addr=fe80::1%lo0 netmask=ffff:ffff:ffff:ffff::
[2014-mar-06 16:53:49] rdp (0): pdp_ip0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip0 af=2 (af_inet)  addr=10.25.216.171 netmask=255.255.255.255
[2014-mar-06 16:53:49] rdp (0): pdp_ip1 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip2 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip3 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): pdp_ip4 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): en1 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): ap1 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): en0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): awdl0 af=18  addr= netmask=
[2014-mar-06 16:53:49] rdp (0): --- end interface list ---
[2014-mar-06 16:53:49] rdp (0): not using proxy
[2014-mar-06 16:53:49] rdp (0): protocol state changed to: protocolconnectingnetwork(1)
[2014-mar-06 16:53:54] rdp (0): resolved 'mb-rds-01.contoso.local' 'error: unable connect remote pc. please provide fully-qualified name or ip address of remote pc, , try again.' using nameresolvemethod_unknown(0)
[2014-mar-06 16:53:54] rdp (0): error message: unable connect remote pc. please provide fully-qualified name or ip address of remote pc, , try again.(phase: 0, type: 0, reason: 0, systemcode: 0, systemmessage: )
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocoldisconnected(8)
[2014-mar-06 16:53:54] rdp (0): final rdp configuration used: {
    activeusername = " contoso\\user01";
    arctimeout = 1800;
    cacheid = 12bf328dd1c8b841;
    certificatesuseredirectname = 1;
    configurationversion = 8;
    font = 1;
    gatewayid = f2ee288cd1c8b841;
    gatewaymode = 2;
    gwautodetectstate = kconnectiongwautodectedforcegw;
    host = "mb-rds-01.contoso.local";
    label = "murbiten - terminal server";
    loadbalanceinfo = "tsv://ms terminal services plugin.1.contoso_-_termi";
    mousemode = "-1";
    port = 3389;
    temporary = 1;
    type = rdp;
    usealt = 0;
    utilitybar = "-1";
    webfeedversion = "windows 2008 r2 or newer";
}{
    connections =     (
        f4bf288cd1c8b841,
        12bf328dd1c8b841
    );
    host = "remote.customer.com";
    id = f2ee288cd1c8b841;
    port = 443;
    temporary = 1;
    type = rdp;
}{
    kcfproxytypekey = kcfproxytypenone;
}
[2014-mar-06 16:53:54] rdp (0): --- begin interface list ---
[2014-mar-06 16:53:54] rdp (0): lo0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): lo0 af=30 (af_inet6)  addr=::1 netmask=ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
[2014-mar-06 16:53:54] rdp (0): lo0 af=2 (af_inet)  addr=127.0.0.1 netmask=255.0.0.0
[2014-mar-06 16:53:54] rdp (0): lo0 af=30 (af_inet6)  addr=fe80::1%lo0 netmask=ffff:ffff:ffff:ffff::
[2014-mar-06 16:53:54] rdp (0): pdp_ip0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip0 af=2 (af_inet)  addr=10.25.216.171 netmask=255.255.255.255
[2014-mar-06 16:53:54] rdp (0): pdp_ip1 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip2 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip3 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): pdp_ip4 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): en1 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): ap1 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): en0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): awdl0 af=18  addr= netmask=
[2014-mar-06 16:53:54] rdp (0): --- end interface list ---
[2014-mar-06 16:53:54] rdp (0): not using proxy
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocolconnectingnetwork(1)
[2014-mar-06 16:53:54] rdp (0): resolved 'remote.customer.com' '194.71.11.69' using nameresolvemethod_unknown(0)
[2014-mar-06 16:53:54] rdp (0): resolved 'remote.customer.com' '194.71.11.69' using nameresolvemethod_unknown(0)
[2014-mar-06 16:53:54] rdp (0): exception caught: exception in file '/users/build/jenkins/workspace/rc-ios-develop/protocols/rdp/librdp/librdp/private/httpendpoint.cpp' @ line 346
    user message : failed parse authorization challenge
[2014-mar-06 16:53:54] rdp (0): exception caught: exception in file '/users/build/jenkins/workspace/rc-ios-develop/protocols/rdp/librdp/librdp/private/httpendpoint.cpp' @ line 346
    user message : failed parse authorization challenge
[2014-mar-06 16:53:54] rdp (0): error message: failed parse authorization challenge(phase: 0, type: 0, reason: 0, systemcode: -1, systemmessage: )
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocoldisconnecting(7)
[2014-mar-06 16:53:54] rdp (0): protocol state changed to: protocoldisconnected(8)
[2014-mar-06 16:53:54] rdp (0): ------ end active connection ------

en → en
authorization

adam bokiniec

hi jeremy,

i found solution, effort. solutions following.

first thing needs done either solution options below, did solution 1 in case , added nps server ad. (https://blogs.technet.com/b/networking/archive/2010/01/14/remote-desktop-gateway-client-fails-authentication-with-your-user-account-is-not-authorized-to-access-the-rd-gateway.aspx)

solution 1

register nps server in active directory:

in server manager, browse following location: roles\network policy , access services\nps (local).

right click on nps (local) node , choose register server in active directory.

click ok authorize server when prompted.

solution 2

open active directory users , computers on domain controller of same domain remote desktop gateway.

add computer name of remote desktop gateway ras , ias servers group.

situation b

restart rds host , gateway server.

secondly , important configure alternate address match public certificate. public certificate cname “remote.domain.se”.

all commands need run administrator in powershell

to show current configuration run following commands:

collectionname collection name created rds deployment.

to collection name type

get-rdsessioncollection

when got collection name type

get-rdsessioncollectionconfiguration -collectionname "rds - terminal server" | fl *

the default configuration this:

customrdpproperty     : use redirection server name:i:1

no add public domain name match certificate run following command

set-rdsessioncollectionconfiguration –collectionname " rds - terminal server " -customrdpproperty "use redirection server name:i:1 `n alternate full address:s:remote.domain.se "

run again verify settings

get-rdsessioncollectionconfiguration -collectionname "rds - terminal server" | fl *

now show this

customrdpproperty     : use redirection server name:i:1

                         alternate full address:s:remote.domain.se

ipads , iphones can connect environment.

adam bokiniec



Windows Server  >  Remote Desktop clients



Comments

Post a Comment

Popular posts from this blog

Error: 0x80073701 when trying to add Print Services Role in Windows 2012 Standard

-
hello, i'm getting error when trying add print services role in windows 2012 standard. i'm getting same error whether use gui or powershell. this new server install. the powershell error follows: add-windowsfeature : request add or remove features on specified server failed. installation of 1 or more roles, role services, or features failed. the referenced assembly not found. error: 0x80073701 at line:1 char:1 + add-windowsfeature print-services + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     + categoryinfo          : invalidoperation: (@{vhd=; credent...name=localhost}:psobject) [install-windowsfeature],     exception     + fullyqualifiederrorid : dismapi_error__failed_to_enable_updates,microsoft.windows.servermanager.commands.addwind    owsfeaturecommand success restart needed exit code      feature result ------- ------...
Read more

Windows 2016 RDS event 1306 Connection Broker Client failed to redirect the user... Error: NULL

-
Image
i'm attempting setup windows 2016 rds standard deployment session hosting.  layout follows: rds01 - rds connection broker , web access ts02 - rds session host ts03 - rds session host domain these servers part of has (1) windows 2008 server , (2) windows 2016 servers acting dcs.  domain running @ windows 2003 functional level. servers on single routed network no firewall between them.  dns , ptr records servers exist , resolve on hosts.  servers can pinged each other. in other words, there no network connectivity issues. i've setup rds deployment several times w/ same results. the issue can login via rdweb interface on rds01 win10 desktop , connect published rdp desktop without issue (i.e. no error messages user) , no errors in logs.  when try directly rdp rds01, authenticate user (per event log) error stating user doesn't have access system.  in event log event id 1306 message of "remote desktop connection broker client faile...
Read more

Como saber quien entro a mi PC por la Red

-
quisiera saber si es posible, o existe forma de auditar quien accedió a mi pc vía red, es decir se que hay software que perminten auditar el file server para saber quien entro y modifico y/o borro un archivo... pero si alguien entro mi pc \\pcname\c$ hay forma de determinar que usuario entro al disco c de una pc en especifica y copio, modifico o borro un archivo...   y la otra pregunta cuales son las mejores herramientas para auditar la red y el file server   gracias una forma de detectar quien esta conectado tu pc es través del comando net user entra en cmd y escribes net user eso muestra los usuarios que están conectados en tu equipo en un momento determinado, se que no es lo que pides pero puede servir para descubir alguien en determinado momento. para que no este compartido le dan clic derecho sobre mi pc>propiedades>remoto y le desmarcan donde dice ''permitir que este equipo envíe invitaciones ...
Read more