Blog: RemoteApp

After updating a laptop to Windows 10 1803, I had a user who could no longer right click within a RemoteApp window.  I found a suggestion to disable the group policy for "Use advanced RemoteFX graphics for RemoteApp". After disabling that policy and having the user log off/on, the user was able to right click within the RemoteApp window again.

 

Microsoft has changed the way that RemoteApp are made available to users in Server 2012 R2. They have done away with the MSI Installer method and the ability to create a RDP file. The two deployments options now are RDWeb and RemoteApp/Desktop Connection.

RDWeb is a great option for remote users, Mac users, and users of Microsoft operating systems older than Windows 8. The users simply go to a website, login, and are presented with all of the applications published to them. You can also use RDWeb to allow users to start RDP connections to Windows computers, which might be useful for users working remotely who need to connect to their office computers.

The RemoteApp/Desktop Connection method publishes the RemoteApps available to a user to their desktop, without having to log into RDWeb. The applications the user has published to them simply show up in their Start Menu. This setting can be deployed to users using Windows 8 and newer computers via a Group Policy Object. The Desktop connection URL setting under User Configuration | Policies | Administrative Templates | Windows Components | Remote Desktop Services | RemoteApp and Desktop Connections should be set to https://FQDN/RDWeb/Feed/webfeed.aspx as shown below.

It is important to note that the RemoteApp/Desktop Connection method requires that the SSL certificate issued to the remote desktop server be trusted on the user’s PC for the GPO to apply. RDWeb will also show security warning if the SSL certificate is not trusted on the user’s PC. While eliminating these security messages can be achieved by using an internal certificate, in cases where there is not an internal certificate authority, it is likely more economical to purchase a trusted third party SSL certificate than use the self-signed certificate from the remote desktop server. A third party certificate will eliminate the need for the user’s PC to have any certificates imported into their certificate store.