Create an RDP application

Create a remote desktop protocol (RDP) application and configure it with settings that define how users interact with the remote application environment.

Prerequisites:

  • On the remote desktop server, publish or distribute the remote application for users to access the application remotely. For example, on a Windows server, you must publish an application as a RemoteApp program to ensure that it's accessible.

  • If you want the remote desktop to start a program that is not listed as a published remote application, on a Windows server, you can modify the remote desktop connection settings of the Group Policy to allow remote users to start any application that is not published or listed as a published remote application.

  • If you plan to enable remote printing, you must configure printer redirection to allow users to access their local printer in the remote desktop session. On a Windows server, you can configure this setting in the Group Policy or in the client settings of the remote desktop session host configuration.

  • If you plan to enable remote file sharing, you must configure a drive redirection to allow users to access their local computer in the remote desktop environment. On a Windows server, you can configure this setting in the Group Policy or in the client settings of the remote desktop session host configuration.

  • If you plan to enable copy and paste functionality to and from the remote desktop, you must configure clipboard redirection. On a Windows server, you can configure this setting in the Group Policy or in the client settings of the remote desktop session host configuration.

📘

For instructions on any of these remote desktop operations, see the documentation for your remote desktop server.

In Enterprise Application Access (EAA), you can create a remote desktop application and configure the RDP application with settings that define how users interact with the remote application environment.

After you deploy a remote desktop application, users can access the deployed application with the specified external hostname.

  1. Add an RDP application. For instructions on creating an application, see Add an application to EAA. When you complete the step for selecting the application type, ensure that you select RDP.

  2. In Application Server IP/FQDN, enter the IP address or fully qualified domain (FQDN) of the remote desktop application server and the port number.
    You can click Add More to add another application server.
    DRAFT VERSION appears next to the application name, until you deploy the application.

    📘

    If you are doing origin server certificate validation, provide an FQDN for the application server (it cannot be done with an IP address of the app server).

  3. If you want the EAA connector to validate the authenticity of the origin server do the following:

    1. Enable Verify Origin Server Certificate. (on-by-default).
      It allows you to do the origin server certificate validation (recommended).

    2. In ROOT CA Certificate, select the root CA certificate with the full bundle you uploaded into Enterprise Application Access. See {{UNRESOLVED_LINK: Upload a ROOT CA certificate for origin server validation.

  4. Disable clipboard functionality. Use this option to prevent users from copying information from a RDP session. Otherwise you can copy the information from the session window.

  5. Select an External Host Name Field domain type, and enter the hostname for the application. Do one of the following:

  6. To associate connector with the application Click Add/Remove connector.

    📘

    More than one connector is recommended for high-availability and load balancing.

  7. Click Done.

  8. Click Save and go to Authentication.
    The Authentication tab opens.

  9. Configure Authentication settings. You can assign identity providers to an application, after you add directories, users, and groups.

  10. Click Save and go to Services.
    If you want to configure these optional services, see Set up services for an application.

  11. Click Advanced Settings.

  12. Configure the following Remote Desktop Configuration settings:

    1. Initial program. If you want the remote desktop to open an application each time the user logs in, enter the full path to the application executable file. Ensure the path contains escaped backslashes. For example, the path to an application, may look like: C:\\Program Files\\application.exe, where application is the name of the application.

    2. RemoteApp Name. If you want users to only access a specific application in the remote desktop enter the name of the application.

    3. Remote App Arguments. If you specified a Remote App Name and a command is required to open the application, enter the command.

    4. Remote App Directory. If you specified a Remote App Name and the application must be executed from a specific directory, enter the directory.

    5. Support RDP TLS v1. Enable this option if you need to support RDP TLS version 1.

    6. If you want to allow users to copy content from the remote desktop and paste to your local computer or copy content from your computer and paste to the remote desktop, select Enable Remote Copy/Paste.

    7. If you need to support the application on a non-Windows remote desktop, select Enable Non-Windows RDP.

      📘

      If you native RDP server is Windows, you see a white screen.

    8. To enable audio or allow a user to play audio in the remote environment, select Enable Audio.

    9. To allow users to print from the remote desktop, select Enable Printing.
      By default, the printer name LOCALPRINTERappears. If necessary, modify this the field with the preferred printer name.

    10. To allow users to share files or upload files from their computer to the remote desktop, select Enable File Sharing.
      By default, this setting is enabled to use the LOCALSHARE drive in your remote desktop. If necessary, modify the field with the preferred name of the drive.

    11. In Application-facing Authentication Mechanism select one of the following:

    • None. Select if you do not want to select an application-facing authentication mechanism. The user is prompted for credentials by the RDP server.

    • Auto. Select if you want users to experience a single sign-on based on their Active Directory record.

    • Service Account. Select if you want users to log in with credentials that will be shared with many users. In the provided fields, enter the service account username and the service account password. The username must be provided in the following format: domain\userID

  13. Click Save and go to Deployment.

  14. Deploy the application.

Next, If you use a Microsoft Windows server, Connect a Microsoft Windows server to an RDP application, and Access the remote desktop application in the remote desktop portal.

Connect a Microsoft Windows server to an RDP application

The Enterprise Application Access (EAA) connector does not carry out Network Level Authentication since it is not a part of your organization domain. If you create remote desktop protocol (RDP) application in Enterprise Application Access, you must enable the target Microsoft Windows server to allow remote connections.

  1. In your Windows server go to System Properties > Remote.

  2. Select Allow remote connections to this computer.

  3. Deselect Allow connections only from computers running Remote Desktop with Network Level Authentication.

  4. Click Apply and OK.

Access the remote desktop application

As an administrator, you can access the remote desktop application from Enterprise Application Access and view it as an user. The user may be able to perform certain actions in the remote desktop (such as copy and paste content). Those actions depend on the settings that are configured for the remote application in Enterprise Application Access.

Use a pulsing remote desktop icon to set display settings.

  1. Click the Applications tab in the top menu bar.
    The Application page appears.

  2. Locate the application you wish to access.

  3. Click the domain link.
    The RDP portal opens in a new tab.

  4. Enter your RDP login credentials. If you configured an application to start when the user logs in or you a configured that only a single application be available for users to access, the remote application is the only one the user can access, the remote application appears. The pulsing remote desktop icon also appears. When you click this icon, you can modify the RDP client display settings.

Next, configure RDP client display settings.

Configure the initial setup for an RDP application

Use an RDP-based application to prevent exposing a complete Windows desktop to users, and to give them access to a single application instead.

For more information see Microsoft article on configuring RemoteApp on Windows server.

  1. Add a program to the RemoteApp Programs list on the Windows server.

    1. On the RD Session Host server, click Start to open RemoteApp Manager

    2. In Administrative Tools > Remote Desktop Services select RemoteApp Manager.

    3. In Actions click Add RemoteApp Programs.

    4. In Welcome to the RemoteApp Wizard click Next.

    5. In Choose programs to add to the RemoteApp Programs list select each program that you want to add to the list of RemoteApp programs. You can select multiple programs.

    6. To configure the properties for a RemoteApp program, right-click the program name. Click Properties and configure the following:

    • The program name that appears to users. To change the name, enter a new name in the RemoteApp program name box.

    • The path of the program executable file. To change the path, enter the new path in the Location box, or click Browse to locate the .exe file.

    📘

    You can use system environment variables in the path name. For example, you can substitute %windir% for the explicit path of the Windows folder (such as C:\Windows). You cannot use per user environment variables.

  2. Click OK and Next.

  3. In Review Settings review the settings and click Finish.
    The selected programs appear in the RemoteApp Programs.

  4. Return to EAA Management Portal to configure the application you created in previous steps.

  5. On the RDP application card click Settings, and select ADVANCED.

  6. In Remote App Name enter the application name. If you specify a Remote App Name, you can configure the following:

    1. In Remote App Arguments enter CLI-level arguments to be executed, that this application requires to launch (if there's any). For example, c 100 -t 50.

    2. In Remote App Directory enter the working directory for this application, if the application needs a specific working directory to execute from.

  7. Click Save and exit.

  8. Deploy the application.

Maximum resolution for an RDP session in EAA

When using Enterprise Application Access (EAA) in a RDP session, there is a maximum screen resolution provided by two different RDP engines:

  • The older engine inherits the properties of the browser window. For example, if your browser window is 800 x 600 when the session starts, it retains that property. To change the resolution, restart the session with the browser window opened larger (or smaller) to alter the size. The older engine does not have the ability to support dual monitors.

  • The newer engine has an interface that lets each client alter the resolution and other properties. The maximum resolution is limited by the RDP server version on your Windows server. This Microsoft Technet article describes the resolutions supported by their servers.
    The new engine is more efficient with system resources such as RAM.


Did this page help you?