Thursday, 15 November 2012

RemoteApp server post installation tweaks


Remote App server on Windows2008 R2


Default installation needs a couple of tweaks to be usable.


You can use  group policy manager on your domain controller or local policy on Remote App server if it's only a single instance.

Redirect to RdWeb website:
1.Open IIS Manager and navigate to the level you want to manage (Default Web Site).
2.In Features View, double-click HTTP Redirect.
3.Instead of using "" use "/RDWeb/Pages/default.aspx" and change the redirect behaviour to:
Only redirect requests to content in this directory with a Permanent (301) status code.

Make login script to work:
1.Create logon.bat file and save it on RDGateway C drive, point in that file to original logon script i.e.:
2.Open up locally on RDGateway server gpedit.msc
User Configuration > Windows Settings > Scripts > Logon and add logon.bat script which you just created.

Hide C drive or prevent accessing it:
1. Open up gpedit.msc navigate to UserConf > Administrative Templates > Windows Components > Windows Explorer
2. Enable "Hide these specific drives in My Computer" or "Prevent access to drives in My Computer"

Hide Windows 7 Favorites, Libraries etc to help users to save files on the network shares:
1. Download from
2.Copy it to RDGateway extract and use all hide switches except /HideComputer

Stop users from saving files to Desktop and Documents
In logon.bat script add:
icacls %userprofile%\Desktop /grant "%username%":(R) /inheritance:r
icacls %userprofile%\Documents /grant "%username%":(R) /inheritance:r

Allow time zone redirection from group policy
Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Device and Resource Redirection. 
There you will find "Allow time zone redirection"

Office 2010 default open/save location
1. Download Office 2010 Administrative Template files and extract
2. Open up gpedit.msc navigate to UserConf>AdministrativeTemplates right click and add ADM files
3. Configure Excel, Word "Defualt file location" to network drive i.e. S:\ (it is in options and advanced options)
4. Restart server to apply GPO settings.

Internet Explorer cache size, for RDP users
Install GPO
Set it in gpedit.msc

Set up loopback policy to overwrite group policy when logged on to RemoteApp server
Navigate to Computer Configuration>Administrative Templates>Group Policy
Find "User Group Policy loopback processing mode" and set it to Enabled - Merge
We had screen saver which wanted to turn off only for RemoteApps so:
UserConf>Administrative Templates>Control Panel>Personalization
Password protect the screen saver - Disabled
Screen saver timeout - Enabled = 0

Enable print logging for redirected printers
Type in "eventvwr" hit enter
Navigate to Windows Logs > Applications and Services Logs > Microsoft > Windows > PrintService
Right click Operational and select Properties, enable logging.
Filter by event id 307

Publish network shared folder, S: drive
In RemoteApp manager, publish new application and set following settings:
- Location: C:\Windows\Explorer.exe
- Always use the following command-line argument: /e,s:
- Always use the following command-line argument: /e,"s:\folder\my folder"

Optimize for best performance via group policy
Computer Configuration > Administrative Templates > Windows Components > Desktop Window Manager and set below to Enabled:
- Do not allow window animations
- Do not allow desktop composition
- Do not allowFlip3D invocation

Logon.bat content:

if /i %username% == administrator goto skipme
icacls %userprofile%\Desktop /grant "%username%":(R) /inheritance:r
icacls %userprofile%\Documents /grant "%username%":(R) /inheritance:r

No comments:

Post a Comment