Remote Desktop with Azure AD Application Proxy

Sir A 131 Reputation points
2021-06-23T14:54:23.153+00:00

I have set up an RDS deployment exactly like its outlined on Microsoft documents, and tried to publish it with Azure AD Application Proxy. But all I receive is the IIS welcome page when browsing to the external url, so apparently I have not done something right. Does anyone have experience with this?

https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-integrate-with-remote-desktop-services

I don't understand the portion about common root. Both Web and Gateway are on the same server. They were added through Server Manager on the connection broker.

  • Both the RD Web and RD Gateway endpoints must be located on the same machine, and with a common root.
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,335 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,123 questions
0 comments No comments
{count} vote

Accepted answer
  1. Sir A 131 Reputation points
    2021-06-27T22:03:02.237+00:00

    I read the "fine print" on the documentation related to homepage url, and realized that homepage url redirection only occurs when you access the application from myapps.microsoft.com or Microsoft 365 app launcher.

    https://learn.microsoft.com/en-us/azure/active-directory/app-proxy/application-proxy-configure-custom-home-page

    If you access the external url from a web browser, you will be redirected to the exact url you type in, after going through the Azure AD login process. So if you want to access the RDweb page directly from a web browser, you have to actually type in https://externalUrl/RDWeb

    Unless you specifically redirect Default Web Site in IIS manager of RDWeb+RDGateway server to https://rds.mydomain.com/RDWeb. Then you can access https://externalUrl and be redirected to https://externalUrl/RDWeb (as long as you are using a custom domain, I have not tested this with the default .msappproxy.net domain)

    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Andy YOU 3,071 Reputation points
    2021-06-24T03:43:24.07+00:00

    HI

    "I don't understand the portion about common root."

    I find "The common root (ex: http://myapps/expenses and http://myapps/travel), you can publish these as one application (http://myapps). All content under that root will be available through Application Proxy."

    Implementing Azure AD Application Proxy
    https://github.com/intelequia/VirtualLabs/blob/master/Documentation/AzureADProxy.md

    ============================================
    If the Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  2. Sir A 131 Reputation points
    2021-06-24T09:56:33.817+00:00

    Thanks for replying.

    Do RDWeb and RDGateway have to share the same folder on the C:\ drive of Windows Server?

    I have installed RD Web through Server Manager on the Connection Broker, then I added the Gateway role to the same server through Server Manager on the Connection Broker too.

    108900-rds1.png

    Default Web Site physical path is C:\inetpub\wwwroot

    RdWeb physical path is C:\Windows\Web\RDWeb**
    Rpc phyiscal path is **C:\Windows\System32\RpcProxy

    RpcWithCert physical path is C:\Windows\System32\RpcProxy

    I have followed the Application Proxy documentation to a tee.

    Internal Url is: Https://rds.mydomain.com/

    External Url is: https://remotedesktopservices-mydomain.msappproxy.net/

    Homepage Url under branding is: https://rds.mydomain.com/RDWeb

    I know that I get the IIS welcome page if I internally browse to Https://rds.mydomain.com/

    But since I set homepage Url to Https://rds.mydomain.com/RDweb, I should be hitting the RDweb site when I browse to https://remotedesktopservices-mydomain.msappproxy.net externally? At least that's what the documentation says.

    Yet all I see is the IIS welcome page. Meaning I am not being redirected to the Homepage Url, even if I set it under branding.

    0 comments No comments