Create a remote desktop protocol (RDP) application and configure it with settings that
define how end users interact with the remote application environment.
Before you begin
Complete these steps as they apply to your remote application
configuration:
- On the remote desktop server, publish or
distribute the remote application for end users to access the application remotely. For
example, on a Windows server, you must publish an application as a RemoteApp program to
ensure that it’s accessible.
- If you want the remote desktop to start a
program that is not listed as a published remote application, on a Windows server, you can
modify the remote desktop connection settings of the Group Policy to allow remote users to
start any application that is not published or listed as a published remote
application.
- If you plan to enable remote printing,
you must configure printer redirection to allow end users to access their local printer in
the remote desktop session. On a Windows server, you can configure this setting in the
Group Policy or in the client settings of the remote desktop session host
configuration.
- If you plan to enable remote file
sharing, you must configure a drive redirection to allow end users to access their local
computer in the remote desktop environment. On a Windows server, you can configure this
setting in the Group Policy or in the client settings of the remote desktop session host
configuration.
- If you plan to enable copy and paste
functionality to and from the remote desktop, you must configure clipboard redirection. On
a Windows server, you can configure this setting in the Group Policy or in the client
settings of the remote desktop session host configuration.
Note: For instructions on any of these remote desktop operations, see the documentation for
your remote desktop server.
In Enterprise Application Access (EAA), you can create a remote desktop application and configure the RDP application with settings that define how end users interact with the remote application environment.
After you deploy a remote desktop application, end users can access the deployed application with the specified external hostname.
How to
-
Add an RDP application. For instructions
on creating an application, see Add an application to EAA. When you complete the step for selecting the application type, ensure that you select
RDP.
-
In the Application Server IP/FQDN
field, specify the IP address or fully qualified domain (FQDN) of the remote desktop
application server and the port number. If necessary, you can click Add More to add another
application server. You will see a DRAFT VERSION next to the application name, till you
deploy the application.
Note: If you are doing origin server certificate validation, you must provide an FQDN
for the Application server. It cannot be done with an IP address of the app
server.
-
If you want the EAA connector to validate the authenticity of the origin server within
the data center perform these steps:
-
Verify Origin Server
Certificate. (on-by-default) Allows you to do the origin server
certificate validation. (recommended). Also select a root CA certificate.
-
ROOT CA Certificate.
Choose the root CA certificate with the full bundle you uploaded into EAA. See Upload a ROOT CA certificate for origin server validation
Note: If you disable Verify
Origin Server Certificate, you will see a warning message:
Note: If you enable Verify Origin Server
Certificate and do not upload a ROOT CA Certificate, you
see a warning message:
-
Disable clipboard functionality. Use this option to prevent
users from copying information from a RDP session. Otherwise you can copy the information
from the session window.
-
Select an External Host Name Field
domain type, then enter the hostname for the application. Do one of the following:
-
Associate a connector with the application. Click Add/Remove connector.
-
Click Done.
Note: EAA recommends more than one
connector for high-availability and load balancing.
-
Click Save and go to
Authentication. The Authentication tab opens.
-
Configure Authentication settings. You can Assign identity providers to an application, after adding directories, users and groups.
-
Configure Save and go to Services The Service tab opens. If you
want to configure these optional services, see Set up services for an application.
-
Click Advanced Settings.
-
Configure the Remote Desktop Configuration
settings:
-
Initial
program. If you want the remote desktop to open an application each
time the user logs in, enter the full path to the application executable file. Ensure
the path contains escaped backslashes. For example, the path to an application, may
look like: C:\\Program
Files\\application.exe, where application is the name of
the application.
-
RemoteApp
Name. If you want end users to only access a specific application in the
remote desktop enter the name of the application.
-
Remote App
Arguments. If you specified a Remote App Name and a
command is required to open the application, enter the command.
-
Remote App
Directory. If you specified a Remote App Name and the
application must be executed from a specific directory, enter the directory.
-
Support RDP TLS
v1. Enable this option if you need to support RDP TLS version 1.
-
If you want to allow end users to
copy content from the remote desktop and paste to your local computer or copy content
from your computer and paste to the remote desktop, select Enable Remote
Copy/Paste.
-
If you need to support the
application on a non-Windows remote desktop, select Enable Non-Windows
RDP.
Note: If you native RDP server is Windows, you will see a white screen.
-
To enable audio or allow a user to
play audio in the remote environment, select Enable Audio.
-
To allow users to print from the
remote desktop, select Enable Printing. By default, the printer name
LOCALPRINTER
appears. If
necessary, modify this the field with the preferred printer name.
-
To allow users to share files or
upload files from their computer to the remote desktop, select Enable File Sharing. By
default, this setting is enabled to use the
LOCALSHARE
drive in your
remote desktop. If necessary, modify the field with the preferred name of the
drive.
-
In the Application-facing Authentication
Mechanism menu, select one of the following:
- None: Select if you do
not want to select an application-facing authentication mechanism. The end user is
prompted for credentials by the RDP server.
- Auto: Select if you want
end users to experience a single sign-on based on their Active Directory record.
- Service Account: Select
if you want end users to log in with credentials that will be shared with many users.
In the provided fields, enter the service account username and the service account
password. The username must be provided in the following format: domain\userID
-
Click Save and go to
Deployment.
-
After the deployment is complete, click
Done.
Next steps
If you are using a Microsoft Windows
server, Connect a Microsoft Windows server to an RDP application. Then, Access the remote desktop application
in the remote desktop portal.