Publishing applications using Windows Terminal server.
In some organisation due to security reasons and compliance issue IT admins wants to restrict user access and give them access to only specific applications. To achieve this, they use terminal server. Terminal server is easy to deploy and use on a local LAN but it is difficult to deploy the same over WAN/VPN. To overcome this issue Array AG has solution called desktop direct. Using desktop direct not only we can give access to user desktop but we can also restrict and give access to only specific application which user is allowed to. We can publish applications like notepad, Windows word, putty, Google chrome, SAP etc depending upon the requirement.
This document is a guide to configure and publish application for user on terminal server.
1) The server must be configured with valid Client Access Licenses (CAL).
2) Applications are only available to user accounts that are familiar to the server (either a local account or a domain account). For example, if the domain of the server is ARRAYNET and the user logs on to the DesktopDirect Access Portal using the username jdoe then the account ARRAYNET jdoe must exist.
3) The Windows Firewall must allow communication to the RDP TCP port (by default 3389) and to the Server Agent (TCP port 9091).
4) The server must have the “Terminal Services” role enabled. In Windows 2008 R2 this role name is “Remote Desktop Services. To enable it, please use the Turn Windows Feature OnOff option from the Program and Features screen through the server’s Control Panel.
Within the “Terminal Services” role the “TS Web Access” Role Service must be enabled.
5) The RemoteApp Deployment Setting Access to unlisted programs, available under the RD Session Host Server, must be set to Allow users to start both listed and unlisted programs on initial connection.
6) The applications which you want to allow should be added in RemoteApp Manager.
In below screenshot I have added wordpad and putty.
1) Complete and virtual site, aaa and role configuration.
2) From the Homesection in the base system select Go to DD Pilot.
3) In the DD Pilot go to ART Server tab and select Published Applicationsoption.
4) Select Terminal Server Applications
5) Add the terminal server.
6) Now in the Applicationstab add the application, wordpad is added as an example in below screenshot.
7) Assign server to wordpad application by going into Servers tab. Select left and right double arrow button to assign and unassign.
8) From the Assignment tab assign users to the specific application. Select left and right double arrow button to assign and unassign.
1) Open motionpro and add profile
2) Double click on the added profile to connect.
3) After connecting you can see the name of the published applications on motionpro.
4) Open the application by clicking on it. In below screenshot I have opened wordpad application.