question

SirA-7372 avatar image
0 Votes"
SirA-7372 asked SirA-7372 answered

Remote Desktop with Azure AD Application Proxy

I have set up an RDS deployment exactly like its outlined on Microsoft documents, and tried to publish it with Azure AD Application Proxy. But all I receive is the IIS welcome page when browsing to the external url, so apparently I have not done something right. Does anyone have experience with this?


https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-integrate-with-remote-desktop-services

I don't understand the portion about common root. Both Web and Gateway are on the same server. They were added through Server Manager on the connection broker.


  • Both the RD Web and RD Gateway endpoints must be located on the same machine, and with a common root.

remote-desktop-servicesazure-ad-application-proxy
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SirA-7372 avatar image
0 Votes"
SirA-7372 answered

I read the "fine print" on the documentation related to homepage url, and realized that homepage url redirection only occurs when you access the application from myapps.microsoft.com or Microsoft 365 app launcher.

https://docs.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-configure-custom-home-page

If you access the external url from a web browser, you will be redirected to the exact url you type in, after going through the Azure AD login process. So if you want to access the RDweb page directly from a web browser, you have to actually type in https://externalUrl/RDWeb

Unless you specifically redirect Default Web Site in IIS manager of RDWeb+RDGateway server to https://rds.mydomain.com/RDWeb. Then you can access https://externalUrl and be redirected to https://externalUrl/RDWeb (as long as you are using a custom domain, I have not tested this with the default .msappproxy.net domain)

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JiaYou-MSFT avatar image
0 Votes"
JiaYou-MSFT answered JiaYou-MSFT edited

HI

"I don't understand the portion about common root."

I find "The common root (ex: http://myapps/expenses and http://myapps/travel), you can publish these as one application (http://myapps). All content under that root will be available through Application Proxy."

Implementing Azure AD Application Proxy
https://github.com/intelequia/VirtualLabs/blob/master/Documentation/AzureADProxy.md

============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SirA-7372 avatar image
0 Votes"
SirA-7372 answered SirA-7372 edited

Thanks for replying.

Do RDWeb and RDGateway have to share the same folder on the C:\ drive of Windows Server?

I have installed RD Web through Server Manager on the Connection Broker, then I added the Gateway role to the same server through Server Manager on the Connection Broker too.

108900-rds1.png

Default Web Site physical path is C:\inetpub\wwwroot

RdWeb physical path is **C:\Windows\Web\RDWeb*
Rpc phyiscal path is
C:\Windows\System32\RpcProxy
RpcWithCert physical path is
C:\Windows\System32\RpcProxy*


I have followed the Application Proxy documentation to a tee.

Internal Url is: Https://rds.mydomain.com/

External Url is: https://remotedesktopservices-mydomain.msappproxy.net/

Homepage Url under branding is: https://rds.mydomain.com/RDWeb

I know that I get the IIS welcome page if I internally browse to Https://rds.mydomain.com/

But since I set homepage Url to Https://rds.mydomain.com/RDweb, I should be hitting the RDweb site when I browse to https://remotedesktopservices-mydomain.msappproxy.net externally? At least that's what the documentation says.

Yet all I see is the IIS welcome page. Meaning I am not being redirected to the Homepage Url, even if I set it under branding.










rds1.png (11.5 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.