One cool feature with Windows 2012 R2 is the Remote Desktop Gateway feature. RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted connection between remote users on the Internet and internal network resources. RD Gateway is a well know feature, but another feature which is just as cool is RemoteApps. This feature can leverage the RD Gateway technology to allow sessions for applications instead of desktop. This allows you to launch RDP (.rdp) files that launch your requested application directly instead of running a full desktop. A little known secret is the fact that this technology can be leveraged on any of the following operating systems which include workstations, without having a RemoteApp Server!!!
- Windows 2012/2012 R2
- Windows 2008/2008 R2
- Windows 8.1/10
The first thing we need to do is logon to the workstation or server that has the Application that we would like to launch. For the purposes of this lab I will be using the following test machines.
- RemoteApp81 (Windows 8.1 Workstation running Word 2013)
- MSCORP-WPJ (Windows 10 Workstation running Word 2016)
Log onto MSCORP-WPJ and open the registry by using regedit.
As shown in the Image below navigate to the following registry key:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\TSAppAllowList
Change the fDisabledAllowList value from a 0 to a 1.
Now we need to Log Off of MSCORP-WPJ.
***Note: Workstation1 must be logged off in order for Workstation2 to stream it’s applications. If someone is logged on when this application is launched remotely they will need to consent to the remote connection in order to allow the application to launch.
Now its team to head over to RemoteApp81 and create our .rdp file which will launch our application directly. Follow the steps below to create this .rdp file:
Log onto RemoteApp81.
Launch the Remote Desktop Connection by running mstsc.
At the Remote Desktop Connection windows enter MSCORP-WPJ under Computer:
Click on the Show Options then click on the Save As button.
At the Save As pop-up enter MSCORP-WPJ then click Save.
Use Notepad to open the MSCORP-WPJ.rdp file.
Change the following values within MSCORP-WPJ.rdp:
- Alternate shell:s:rdpinit.exe
Now add the following line and save the .rdp file:
Double-click the MSCORP-WPJ.rdp.
At the RemoteApp pop-up click Connect.
At the Windows Security pop-up enter your User Credentials.
At the Certificate Mismatch Warning click Yes.
Congratulations you are now successfully streaming Word 2016 from the remote workstation using RemoteApp. Another secret is the use of Internet Explorer on the remote machine. When IE is launched as the RemoteApp. You can then navigate thru the remote computer’s file system and launch most applications.