This procedure describes how to use the Group Policy Management Console (GPMC) to enable connections through RD Gateway. When this policy setting is enabled and Remote Desktop Services clients cannot connect directly to an internal network resource (computer), the clients attempt to connect to the computer through the RD Gateway server that is specified in the Set RD Gateway server address policy setting.
Note: To manage Group Policy on a Windows Server 2008 R2-based domain controller, you must first add the Group Policy Management Console feature. To do this, start Server Manager, and then under Feature Summary, click Add Features. On the Select Features page, select the Group Policy Management check box. Follow the on-screen instructions to complete the installation.
To change Group Policy settings for a domain or an organizational unit (OU), you must be logged on as a member of the Domain Admins, Enterprise Admins, or the Group Policy Creator Owners group, or have been delegated the appropriate control over Group Policy.
To enable connections through RD Gateway
- Start the GPMC. To do so, click Start, point to Administrative Tools, and then click Group Policy Management.
- In the left pane, locate the OU that you want to edit.
  - To modify an existing Group Policy object (GPO) for the OU, expand the OU, and then click the GPO.
  - To create a new GPO, follow these steps:
    - Right-click the OU, and then click Create a GPO in this domain, and link it here.
    - In the Name box, type a name for the GPO, and then click OK.
    - In the left pane, locate and click the new GPO.
- In the right pane, click the Settings tab.
- Right-click User Configuration, and then click Edit.
- In the left pane, under User Configuration, expand Administrative Templates, expand Windows Components, expand Remote Desktop Services, and then click RD Gateway.
- In the right pane, in the settings list, right-click Enable connection through RD Gateway, and then click Edit.
- On the Settings tab, do one of the following:
  - Click Not Configured. Remote Desktop Services clients will not use the RD Gateway server address that is specified in the Set RD Gateway server address policy setting. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.
  - Click Enabled. When Remote Desktop Services clients cannot connect directly to an internal network resource, the clients will attempt to connect to the internal network resource through the RD Gateway server that is specified in the Set RD Gateway server address policy setting.
  - Click Disabled. Remote Desktop Services clients will not use the RD Gateway server address that is specified in the Set RD Gateway server address policy setting. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.
- Click OK.
Note: To configure RD Gateway settings by using the local computer policy, use the Local Group Policy Editor. To start the Local Group Policy Editor, click Start, click Run, type gpedit.msc and then click OK. To configure local Group Policy settings, you must be a member of the Administrators group on the local computer or you must have been delegated the appropriate authority.
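To confirm which GPOs carry the two RD Gateway settings named in the procedure above, and where those GPOs are linked, the GPO XML report can be audited from PowerShell. This is an added example, not part of the original documentation: the function name `Get-RDGatewayPolicyState`, the sample GPO name and the `example.test` path are hypothetical, the sample report is constructed, and the script assumes the English policy display names and the element layout produced by `Get-GPOReport -ReportType Xml`.

```powershell
# Added example (not from the original page).
# Policy display names as shown in the GPMC settings list (assumes English UI).
$RdgPolicyNames = 'Enable connection through RD Gateway',
                  'Set RD Gateway server address'

function Get-RDGatewayPolicyState {
    param([Parameter(Mandatory = $true)][xml]$Report)
    # Links show which OUs or domains the GPO is applied to.
    $links = @($Report.GPO.LinksTo | ForEach-Object { $_.SOMPath }) -join '; '
    # Administrative Templates settings are <Policy> elements with <Name> and
    # <State>; settings left at Not Configured do not appear in the report.
    $Report.GPO.User.ExtensionData |
        ForEach-Object { $_.Extension.Policy } |
        Where-Object { $RdgPolicyNames -contains $_.Name } |
        ForEach-Object {
            New-Object PSObject -Property @{
                GPO      = $Report.GPO.Name
                Setting  = $_.Name
                State    = $_.State
                LinkedTo = $links
            }
        }
}

# Constructed sample report (not real output) so the function can be tried offline.
[xml]$sample = @'
<GPO xmlns="http://www.microsoft.com/GroupPolicy/Settings">
  <Name>RDG-Clients (constructed)</Name>
  <User><ExtensionData>
    <Extension xmlns:q1="http://www.microsoft.com/GroupPolicy/Settings/Registry">
      <q1:Policy><q1:Name>Enable connection through RD Gateway</q1:Name>
        <q1:State>Enabled</q1:State></q1:Policy>
      <q1:Policy><q1:Name>Set RD Gateway server address</q1:Name>
        <q1:State>Enabled</q1:State></q1:Policy>
    </Extension><Name>Registry</Name>
  </ExtensionData></User>
  <LinksTo><SOMPath>example.test/Workstations</SOMPath></LinksTo>
</GPO>
'@
Get-RDGatewayPolicyState -Report $sample |
    Format-Table GPO, Setting, State, LinkedTo -AutoSize

# Against a live domain (needs the GroupPolicy module installed with GPMC):
# Import-Module GroupPolicy
# Get-GPO -All | ForEach-Object {
#     Get-RDGatewayPolicyState -Report ([xml](Get-GPOReport -Guid $_.Id -ReportType Xml))
# }
```

A GPO that shows Enable connection through RD Gateway as Enabled but has no row for Set RD Gateway server address leaves the gateway address unspecified by that GPO, which is worth reviewing.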