Terminal Server RemoteApps always Visable with 1 way trust user accounts

Hello,

I'm setting up TS 2012 on Server 2012 R2 servers in Azure.  We have a one way trust with another domain in order to provide access to RemoteApps we are hosting via the remote domains user accounts.

You can't add 1-way trust accounts or groups to collection or RemoteApp user assignment so were planning on setting up groups on our domain and adding users from the remote domain to these groups then assigning our domain groups to the TS collections and remoteapps. 

This works find for the Collection security, however if you log into the Web Access page with a trusted domain account you get all visible RemoteApps shown no matter what security is assigned to them.

Is there a way to block access to individual remoteapps in a TS collection to users in a trusted domain?

Cheers,

Ben


  • Edited by Ben Richo Tuesday, February 25, 2014 1:58 PM
February 25th, 2014 1:56pm
Hi Ben,

Thank you for your posting in Windows Server Forum.

From your description it seems that you want to distribute RemoteApp to particular user. For that there is great article, please go through below article for more information.

1. Distribution of Remote Apps and desktops in Windows Server 2012
2. The Case of Invisible RemoteApp Programs (a.k.a. No RemoteApp Programs Listed on RD Web Access Site) 

Hope it helps! 

Thanks,
Dharmesh
Free Windows Admin Tool Kit Click here and download it now
February 27th, 2014 3:16am

Thanks for those links, I had a look but unfortunately its not really what I am after.

We were hoping to use this as a Citrix replacement so were going to just only the web access as the deployment method. 

The second article is actually kind of opposite to what we are getting; RemoteApps programs CAN'T be made invisible to users.

I should point out that if you log in with an account that is in the same domain as the terminal servers then everything works as expected, you can block access and hide RemoteApps as you would expect however if you log in with an account that is from a 1-way trusted domain then all RemoteApps are displayed no matter what.

What we need is a way to be able to hide certain RemoteApps from users that log in using trusted domain user credentials.

Cheers,

Ben

February 27th, 2014 8:36am

Hi Ben, did you find any solution or work around for this issue? I am experiencing the similar issue.  

Thanks Reza

Free Windows Admin Tool Kit Click here and download it now
April 29th, 2015 12:13am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics