[THIN] Re: Win2012 RDS - digitally sign a RemoteApp?
- From: Michael Leone <oozerdude@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Tue, 22 Oct 2013 09:37:11 -0400
On Mon, Oct 21, 2013 at 10:46 PM, Carl Stalhood <cstalhood@xxxxxxxxx> wrote:
> On what OS are you running GPMC?
Windows 7.
> If you run GPMC on a 2012 machine then you
> should have access to the 2012 templates. Or maybe you have
> PolicyDefinitions in your Sysvol and those files need to be updated for
> 2012. However, I think the new feed URL GPO setting only applies to Windows
> 8 machines. This might help:
> http://www.virtualizationadmin.com/articles-tutorials/vdi-articles/general/distribution-of-remote-apps-and-desktops-in-windows-server-2012.html
Yes, I've read that. That is what I have been following, and what is
not solving my needs, unfortunately.
Assuming I understand this correctly, the only way to distribute the
URL via GPO is to a Win 8 client (after installing new Administrative
GPO templates). I have no Win 8 clients. So I can't distribute the
URL, hence my users (all Win7, and some Win XP) will have to manually
enter it into a web browser (I might be able to push it out as a
favorite).
There's no way for a non-Win 8 client to have the URL be pushed out
and populated into a client's Control Panel's "RemoteApp and Desktop
Connections", not via GPO. The user will have to do this themselves.
(I'm sure *that* will go easily LOL)
Since there is no RemoteApp Manager on Win2012, I see no way to
digitally sign my application. Without it being signed, there's no way
to make it a trusted application (and no way to send out a new list of
trusted applications). So the users will be prompted every time they
try and run this published RemoteApp. I might be able to set (via GPO)
"ignore unsigned applications", which may work, but isn't quite the
same thing.
Have I misunderstand? I feel sure that it's me that is missing something.
How else are people using Win2012 RDS servers to serve up published
RemoteApps to non-Win 8 clients, and have the settings populated on
the client automatically, so they don't get prompted to run an
untrusted application?
> If you used RDMS to install the RDS roles then there should be an option to
> Edit the Deployment and the Certificates page should deploy a certificate to
> the role servers.
Not knowing what RDMS is, I will say .. no, that's not what I used.
:-) I installed the roles just from "Program Features", like any role,
on the 2 servers in question (session host/web access).
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************
Other related posts:
