One of the things that we expected to just work, but that
doesn’t, is having a Remote Desktop (RD) Session Host (terminal server) show up in Remote Web Access as a
computer that users can log in to. When we added a Windows Server
2008 R2 computer to our SBS network and enabled the RD Session
Host role service on the server, we expected it to automatically
get added to the RWA list, but it didn’t happen. So we did some
poking around and asked some of our SBS MVP friends, and came up
with the solution. (Thanks, Handy Andy!) First, there are some
minimum requirements:
The RD Session Host must be joined to the SBS
domain.
RD Licensing must be installed and activated on the SBS
network. (It’s not strictly required to get things working,
but you must assign an RD Licensing
server within 120 days of initial installation.)
Users must be added to the Remote Desktop Users local
group on the RD Session Host, as shown in Figure 6. (Here
we’ve used a global SBS group, RemoteApp Users, and added it
to the local Remote Desktop Users Group to simplify and
centralize management.)
The RD Licensing mode (per user or per device) for the
server must be assigned.
After you’ve got these minimum requirements met, use the
following steps to enable the terminal server for RWA.
Warning:
IMPORTANT The following
steps include editing the registry. Editing the registry is
deceptively simple but can have disastrous results, up to and
including making your computer unable to boot. Be careful and
don’t make any changes without knowing exactly why you’re making
them and what the consequences are. There—you’ve been
warned.
Log on to the SBS server with an account that has
Network Administrator privileges.
Open Active Directory Users And Computers from the
Administrative Tools menu.
Navigate to the SBSComputers organizational unit (OU),
as shown in Figure 7.
Select the RD Session Host and drag it into the
SBSServers OU.
Click Yes on the warning message shown in Figure 8.
Close the Active Directory Users And Computers
console.
Open the registry editor
(regedit.exe).
Navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SmallBusinessServer.
If there is a RemoteUserPortal key, open it. If it
doesn’t exist, create it.
Create a new multistring value (REG_MULTI_SZ) called
TsServerNames, as shown in Figure 9.
Edit the Multi-String value, adding the exact server
names of your terminal servers, each on their own line, as
shown in Figure 10.
Click OK to close the Edit Multi-String dialog box, and
then close the registry editor.
Open the Windows SBS Console if it isn’t already
open.
Click Shared Folders And Web Sites in the navigation
bar, and then click the Web Sites tab.
Select the Remote Web Access Web site in the main pane,
and click Disable This Site in the Tasks pane.
Click Enable This Site in the Tasks pane.
Now, when user Alfie logs in to RWA, he sees the RD
Session Host as a computer he can log on to, as shown in Figure 11.
Whew. That was a bit more work than we really expected. The
SBS team has done a really good job of making SBS just work as
we’d hoped and expected. But this one they missed.
