This article describes how to publish a custom remote desktop connection on XenApp. The main intent of this article is to allow administrator access to servers from Web Interface or Program Neighborhood Agent to make administration easier.

Background

Some administrators might require different access to their servers so they can have other methods to access their work. Certainly farm administrators need to be careful about giving remote desktop access. A simple way to publish a remote desktop is to find the mstsc.exe and publish it on the farm, but there is no control on what options should be allowed when accessing the servers with this method. This article demonstrates a method where you publish one remote desktop connection per server and with custom settings.

Instructions

Prepare *.rdp file with the desired settings for the server

This article contains configuration information for the remote desktop connection.

2. Modify the display settings. Always keep in mind the type of connection the users will have, the higher the graphics resolution, the more the performance of the connection is affected. If you want to force a specific desktop size or color quality, change them here. The settings changes made here are saved in the *.rdp file.
   

3. Modify the Local Resources settings. Configure these settings as needed, keep in mind that the users will be using these connections. Users might have unwanted access to resources on the server if the settings are configured wrongly. Configure your audio, clipboard, printer, and local drive redirection settings.
   

4. Modify the experience settings. The more options you allow, the more network resources are used for the connection. Select Reconnect if the connection is dropped. This helps users connect from limited or high usage networks.
   

5. Eliminate the security question when user logs on to a server that cannot provide or is not configured to provide this type of verification. This is recommended especially for connection to Windows Server 2003 or Windows XP machines. These versions of operating systems do not have the feature to provide this type of verification. Set the value to “Connect and don’t warn me”.

6. Go back to the General tab and save the configuration to a *.rdp file.
   

7. You now have a custom remote desktop connection to a server. However there is another thing to be configured.

   By default, when a user logs on to a Microsoft Windows 2003 Server they must log on twice, first on the remote client and second inside the connection on the Windows login prompt. This does not occur for Microsoft Windows 2008. This is a normal behavior. If you publish the remote desktop with this configuration, the administrator must log on twice to authenticate to the Windows 2003 servers. To resolve this, you can make the connection bypass the first logon prompt.
   

For the remote desktop connection to bypass the first login prompt, disable Credential support on the connection. Open the *.rdp file with Notepad and at the end of the file, add EnableCredSSPSupport:i:0, and save the file. Add this file to any folder you wish on the XenApp server so it can be accessed when you publish the connection.

Publish the remote desktop connection in XenApp

For more information regarding PowerShell with XenApp, you can download the complete SDK that gives the complete command library to use PowerShell with XenApp and documents how it can be used.