Configure and deploy a remote desktop (RDP) application
Create a remote desktop protocol (RDP) application and configure it with settings that define how end users interact with the remote application environment.
Before you begin
Complete these steps as they apply to your remote application configuration:
- On the remote desktop server, publish or distribute the remote application for end users to access the application remotely. For example, on a Windows server, you must publish an application as a RemoteApp program to ensure that it’s accessible.
- If you want the remote desktop to start a program that is not listed as a published remote application, on a Windows server, you can modify the remote desktop connection settings of the Group Policy to allow remote users to start any application that is not published or listed as a published remote application.
- If you plan to enable remote printing, you must configure printer redirection to allow end users to access their local printer in the remote desktop session. On a Windows server, you can configure this setting in the Group Policy or in the client settings of the remote desktop session host configuration.
- If you plan to enable remote file sharing, you must configure a drive redirection to allow end users to access their local computer in the remote desktop environment. On a Windows server, you can configure this setting in the Group Policy or in the client settings of the remote desktop session host configuration.
- If you plan to enable copy and paste functionality to and from the remote desktop, you must configure clipboard redirection. On a Windows server, you can configure this setting in the Group Policy or in the client settings of the remote desktop session host configuration.
In Enterprise Application Access (EAA), you can create a remote desktop application and configure the RDP application with settings that define how end users interact with the remote application environment.
After you deploy a remote desktop application, end users can access the deployed application with the specified external hostname.
- Add an RDP application. For instructions on creating an application, see Add an application to EAA. When you complete the step for selecting the application type, ensure that you select RDP.
- In the Application Server IP/FQDN field, specify the IP address or fully qualified domain (FQDN) of the remote desktop application server and the port number. If necessary, you can click Add More to add another application server.
If you want the EAA connector to validate the authenticity of the origin server within
the data center perform these steps:
Note: If you disable Verify Origin Server Certificate, you will see a warning message:Note: If you enable Verify Origin Server Certificate and do not upload a ROOT CA Certificate, you see a warning message:
- Verify Origin Server Certificate. (on-by-default) Allows you to do the origin server certificate validation. (recommended). Also select a root CA certificate.
- ROOT CA Certificate. Choose the root CA certificate with the full bundle you uploaded into EAA. See Upload a ROOT CA certificate for origin server validation
- Disable clipboard functionality. Use this option to prevent users from copying information from a RDP session. Otherwise you can copy the information from the session window.
Select an External Host Name Field
domain type, then enter the hostname for the application. Do one of the following:
- If you select Use Akamai domain you don't need to configure certificates.
- If you select Use your domain you need to specify certificate a for the domain and set up a CNAME redirect. See Add a certificate to EAA, Associate a certificate for using your own domain for your application and Set up a CNAME redirect for an application
- Associate a connector with the application. Click Add/Remove connector.
Note: EAA recommends more than one connector for high-availability and load balancing.
- Click Save and go to Authentication. The Authentication tab opens.
- Configure Authentication settings. You can Assign identity providers to an application, after adding directories, users and groups.
- Configure Save and go to Services The Service tab opens. If you want to configure these optional services, see Set up services for an application.
- Click Advanced Settings.
Configure the Remote Desktop Configuration
- Initial program. If you want the remote desktop to open an application each time the user logs in, enter the full path to the application executable file. Ensure the path contains escaped backslashes. For example, the path to an application, may look like: C:\\Program Files\\application.exe, where application is the name of the application.
- RemoteApp Name. If you want end users to only access a specific application in the remote desktop enter the name of the application.
- Remote App Arguments. If you specified a Remote App Name and a command is required to open the application, enter the command.
- Remote App Directory. If you specified a Remote App Name and the application must be executed from a specific directory, enter the directory.
- Support RDP TLS v1. Enable this option if you need to support RDP TLS version 1.
- If you want to allow end users to copy content from the remote desktop and paste to your local computer or copy content from your computer and paste to the remote desktop, select Enable Remote Copy/Paste.
- If you need to support the application on a non-Windows remote desktop, select Enable Non-Windows RDP.
- To enable audio or allow a user to play audio in the remote environment, select Enable Audio.
To allow users to print from the
remote desktop, select Enable Printing. By default, the printer name
LOCALPRINTERappears. If necessary, modify this the field with the preferred printer name.
To allow users to share files or
upload files from their computer to the remote desktop, select Enable File Sharing. By
default, this setting is enabled to use the
LOCALSHAREdrive in your remote desktop. If necessary, modify the field with the preferred name of the drive.
In the Application-facing Authentication
Mechanism menu, select one of the following:
- None: Select if you do not want to select an application-facing authentication mechanism. The end user is prompted for credentials by the RDP server.
- Auto: Select if you want end users to experience a single sign-on based on their Active Directory record.
- Service Account: Select if you want end users to log in with credentials that will be shared with many users. In the provided fields, enter the service account username and the service account password. The username must be provided in the following format: domain\userID
- Click Save and go to Deployment.
- After the deployment is complete, click Done.