We are implementing a custom authentication plugin for RDP gateway according to the sample provider by Microsoft.

We are now trying to customize the RDP Web Access logon page to use the ActiveX RDP control to pass the token information.

We have tried using serialized RDP file using IMSRDPClientShell and It fails with -2147012890 on MsRdpClientShell.Launch() when the parameter is set to gatewaycredentialssource:i:5 as required by  the sample. If the value is below 5 this works.

We have also tried with the  MSRDPClient8 interface by setting the required properties( on the MSRDPClientTransportSettings3 we got an error message:

To use this program or computer, you must first log on to an authentication website. Contact your network administrator for assistance

This works if we invoke directly the RDP client application.

How can we pass this parameter to the control so it can be sent to the gateway ?

Hi,

Which RDP Client you are using to connect from your client system? Here suggest to update the client version to RDP 8.1. Because in clients before Windows Server 2012 R2 and Windows 8.1, custom authentication and authorization data was provided via IE browser cookie only. In Windows 8.1 and Windows 7 SP1 with the RDP 8.1 Update, this data may be provided as part of the .RDP file used to launch a connection, providing cross-browser compatibility as well as scenarios outside of the browser. So please update to latest RDP version and verify result. Additionally, the plug-in may be used to provide custom accounting.

In addition please check whether you have RD Gateway configured properly with relatively RD RAP and RD CAP policies. You can get more detail for RD Gateway PAA from below article.
Remote Desktop Gateway Pluggable Authentication and Authorization Sample
https://code.msdn.microsoft.com/Remote-Desktop-Gateway-517d6273

Hope it helps!

Thanks.

Hi,

thanks for the reply. I confirm we use the client RDP 8.1 Update and that the scenario works when we use directly the client (mstsc.exe) to launch the rdp file, what we are after is the scenario where the client is launched programmatically from the browser using the ActiveX control  : https://msdn.microsoft.com/en-us/library/aa383541(v=vs.85).aspx using the interface IMSRDPClientShell (https://msdn.microsoft.com/en-us/library/aa381301(v=vs.85).aspx#properties) where the rdp is set as a  streamed version of the rdp file.

thanks for your advise

• Proposed as answer by Dharmesh SMicrosoft contingent staff, Moderator Tuesday, January 27, 2015 2:45 AM

Hi,

Do you need any other assistance?

Thanks.

Yes, as indicated above we would  like to make this solution works when the RDP ActiveX is used, not when the RDP Client is launched via clicking on the RDP file. Is that supported/feasible

thanks

Regards

Hi,

As per my research, seems that is not the supported solution as the way you want to configure.

Thanks for your understanding and Support!

Regards.

Hi ,

We are also exploring a solution around PAA and RDP and It looks like it is a Bug in the implementation of the Active X , some where with in the call to the active x method MSRDPClientShell.Launch with RDPFileContents having gatewaycredentialssource:i:5  it is finds the value of 5 as invalid ( ideally it should not ) and it fails to give any error message as well.

What is the ideal forum to report this as a bug ?

-Soumen