Johnny Yao WorkSpace

    1. RDWebAccess.Config and by default, the “Remote Desktop” will connect to FQDN of the local RD Server.  

  1. http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx   2. http://blogs.msdn.com/b/rds/archive/2007/05/04/single-credential-prompt-for-ts-gateway-server-and-terminal-server.aspx ================================================================== http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx   Web SSO with RD Gateway Web SSO also works when RemoteApp programs are set to use RD Gateway regardless of whether RD Web Access accesses RemoteApp programs in RD Session Host mode or RD Connection Broker mode. The configuration of Web SSO for RD Gateway assumes that: an RD Gateway is deployed a ‘Connection Authorization Policy’ is set to use password for the users connecting and the RD Gateway server is used by RemoteApp programs More details on how to configure a ‘Connection Authorization Policy’ o...

    官方講了這篇，per user CAL 不可revoke http://technet.microsoft.com/en-us/library/cc732416.aspx   非官方的說可以改attribute   2.495 Attribute msTSExpireDate http://msdn.microsoft.com/en-us/library/cc220557(v=prot.13).aspx          

  http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/567c380e-4d2f-4cb4-8df5-34575669d6d7 When a person leaves your company if you delete their AD user account the count of Per User RDS CALs in use will decrease automatically. A RDS Per User CAL expires after 60 days of not being used.  What this means is that if you have a user account that has not logged on to one of your RDSH servers in the last 61 days they will not show up on the Per User CAL Usage report. The above are implementation details of Per User RDS license tracking.  I will leave it up to you to decide what complies with the license agreement.  For example, what is the definition of permanently?  If an employee switches departments, does not use your RDSH servers for a year, and then starts using them again did you violate the EULA (assuming you reassigned the CAL)?  Perhaps you would say no in this example.  What about if the same thing happens for only ...

  Change default RDWeb to RemoteDesktopConnection instead of RemoteAPP http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/f23fe7da-bcb7-460b-8c6d-a8c73661f56a/ change default.aspx to desktop.aspx from login.aspx remove computer name before - const string L_DefaultComputerNameValue_Text = "Computer Name"; after - const string L_DefaultComputerNameValue_Text = "";   before - type="text" onkeydown="jscript:checkKey(this);" onkeyup="jscript:checkLen(this, 1);" /> after -   type="text" onkeydown="jscript:checkKey(this);" onkeyup="jscript:checkLen(this, 1);"value="rd.msft.com" />   before - &nbsp;<button type="button" id="ButtonConnect" name="ButtonConnect" disabled class="formButton" onclick="BtnConnect()" accesskey=<%=L_ConnectAccessKey_Text...

  . certutil -f –urlfetch -verify <your_certificate>.cer From internet client (Win7 ultimate x64) Issuer:     CN=TWCA Secure CA -Evaluation Only     OU=SSL Certification Service Provider-Evaluation Only     O=TAIWAN-CA INC.     C=TW Subject:     CN=deep2.msft.com     OU=ITS     O=Msft Corporation     L=Taipei     S=Taiwan     C=TW Cert Serial Number: 04bd dwFlags = CA_VERIFY_FLAGS_ALLOW_UNTRUSTED_ROOT (0x1) dwFlags = CA_VERIFY_FLAGS_IGNORE_OFFLINE (0x2) dwFlags = CA_VERIFY_FLAGS_FULL_CHAIN_REVOCATION (0x8) dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000) dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000) ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN (0x20000000) HCCE_LOCAL_MACHINE CERT_CHAIN_POLICY_BASE -------- CERT_CHAIN_CONTEXT -------- ChainContext.dwErrorStatu...

    The quest for Remote Desktop Services Web Access Single Signon Introducing Web Single Sign-On for RemoteApp and DesktopConnections (Terminal MSDN) Enable RDC Client Single Sign-On for Remote Desktop Services (only for RDC)   Single sign-on between RD Session Host and RD Web Access Single sign-on allows customers the ability to enter their user name and password only once when connecting to a RemoteApp program by using RD Web Access. Why is this change important? Prior to Windows Server 2008 R2, when a user connected to a RemoteApp program by using RD Web Access, the user was prompted for credentials twice. One set of credentials was used to authenticate the user to the RD Web Access server and the other set was used to authenticate the user to the RD Session Host server hosting the RemoteApp program. Asking for the same user credentials twice led to a bad user experience. In Windows Server 2008 R2, you are only prompted once. Important Sin...