From the Group Policy Management Console, create (or edit) a GPO and give it a sensible name. Issue/Publish the new certificate template.Ĭreate a GPO to secure RDP access with Certificates.ġ0.
How you want to apply this depends on you.ĩ. (Below I’ve put three examples, firstly I create a group for my servers, secondly I just apply it to my domain controllers, or lastly I allow all Domain Computers). Security tab > Ensure that the the computer groups you want to apply the template to, are selected for Read and Enroll. Now select Microsoft RD Web 2012R2 Hosted address is. Remove the other policies, so only the one we have just created remains > OK.Ĩ. Select the Microsoft Remote Desktop Gateway 2008 and R2 template Fill in the required details: Rule Name Hosted Address Listening Port Certificate Domains Protected Server Go to the Advanced section at the bottom of the Firewall rule and click the drop-down box beneath to Protection. Select the policy you have just created > OK.ħ. Im about to purchase a certificate for the RD Gateway which will be. Hi all, Im looking at deploying a complete Remote Desktop Services solution to a client.
WINDOWS 2012 R2 REMOTE DESKTOP SERVICES CERTIFICATE WINDOWS
New > Name=SSL Secured Remote Desktop > Object Identifier=1.3.6.1.4.1.311.54.1.2 > OK.Ħ. Windows Server 2012 R2 Remote Desktop Services - RemoteApp external publishing and RD Gateway. Extensions tab > Application Policies > Edit > Add.ĥ. General tab > Set the display and template name to RemoteDesktopSecure.Ĥ.
Locate, and make a duplicate of, the Computer template.ģ.
On the domain CA Launch the Certification Authority Management Console > Certificates Templates > Right click > Manage.Ģ. Solution Create an RDP Certificate Templateġ. If you need that level of security, that should already be done by 802.1x. IT DOES NOT stop clients connecting to an RDP server if they do not have a trusted certificate. This ensures that traffic that is sent over an RDP connection to a server is protected by TLS/ SSL Encryption.