Hello all,
I hope that you are well!
We are working with Windows 2012 R2 Remote Desktop Services which include:
RDS Connection Broker
RDS Session Host
RDS Web access
We configure RemoteApp for our farm of RDS Session Host (application is installed on every server in our farm)We publish the application so the user can access the application, instead of providing them access to a Remote Desktop.
The process is simple:
1) User open their workstations, enter their credentials (username, password) for the domain
2) They open Internet Explorer and type portal.domain.com
3) Now the user see Form base authentication (RDS Web Access portal), so they enter their credentials, same one as step 1
4) Now the can see the RemoteApp and can access it
This is where we are facing our issue...it seem that RDS Connection Broker kept trace of which user is connected, those credentials provided in step 1 of the process. So the RemoteApp does not react as expected (rights, visual experience).
We did the same test on a non-domain join computer and everything is fine with the RemoteApp. We also did publish RDP to one of our server in our farm and the application install on that server act has expected. So it works on Remote Desktop but not on RemoteApp.
So my question to you, is it possible to change the behavior of the Connection Broker so the credentials enter on step 3 are retain and not the one provided on step 1. So if user A (who has no permission on that specific application) open a workstation by entering his/her credentials and user b (which has permission on the application) enter different credential on the portal those one are retain instead of those of user a.
Any idea to change this behavior
Best regards,
Stephane