| Server IP : 180.180.241.3 / Your IP : 216.73.216.252 Web Server : Microsoft-IIS/7.5 System : Windows NT NETWORK-NHRC 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586 User : IUSR ( 0) PHP Version : 5.3.28 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /Windows/Help/Windows/en-US/ |
Upload File : |
MZ����������������������������������������������������������@���PE��L��������������!
��������������������������@�����������������������0�������@����������������������������������������������������������������������������������������������������������������������������������������������������.rsrc��������������������������@��@.its�������� ��������������������@��@��������������������������������������������������������������������������������������������������������������������������������������������������������������0����������������� ��H���X��|����������|4���V�S�_�V�E�R�S�I�O�N�_�I�N�F�O�������������������������������������������������������S�t�r�i�n�g�F�i�l�e�I�n�f�o������0�4�0�9�0�4�b�0���b�!��F�i�l�e�V�e�r�s�i�o�n�����1�.�0�0�.�0�0� � � � � � � � � � � � � � � � � � � � � � � � � �����l�"��F�i�l�e�D�e�s�c�r�i�p�t�i�o�n�����C�o�m�p�i�l�e�d� �M�i�c�r�o�s�o�f�t� �H�e�l�p� �2�.�0� �T�i�t�l�e���B���F�i�l�e�S�t�a�m�p�����D�F�5�0�E�0�7�F�0�1�C�A�0�4�1�F���4�����J���C�o�m�p�i�l�e�r�V�e�r�s�i�o�n�����2�.�5�.�7�1�2�1�0�.�0���8�5�7�9�����V���C�o�m�p�i�l�e�D�a�t�e�����2�0�0�9�-�0�7�-�1�4�T�0�1�:�1�0�:�2�7��� � � � � � �����>���T�o�p�i�c�C�o�u�n�t���1�0�9���0�0�0�0�0�0�0�0�0�0�0�0������A��L�e�g�a�l�C�o�p�y�r�i�g�h�t���� �2�0�0�5� �M�i�c�r�o�s�o�f�t� �C�o�r�p�o�r�a�t�i�o�n�.� �A�l�l� �r�i�g�h�t�s� �r�e�s�e�r�v�e�d�.���C�C�C�C�C�C�C�C�C�C�C�C�C�����D����V�a�r�F�i�l�e�I�n�f�o�����$����T�r�a�n�s�l�a�t�i�o�n����� ��������������������������������������������ti�m���P����èYITOLITLS���(���������X쌡^�
V`������������������� ������������ ������x��������������������������������������������������������� ��������������������b�������������������������������������������������������������������������CAOL���P���HH��C��� �����������������������ITSF��� ������#������+BS ���������������������-Y쌡^�
VY쌡^�
VIFCM����������������AOLL��������������������������b�����������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������IFCM���� ������������AOLL�������������������������/���/$FXFtiAttribute/���/$FXFtiAttribute/BTREEr/$FXFtiAttribute/DATA��/$FXFtiAttribute/PROPERTY
N
/$FXFtiMain/���/$FXFtiMain/BTREEQ/$FXFtiMain/DATAi;/$FXFtiMain/PROPERTY$N/$Index/$ATTRNAMEx\/$Index/$PROPBAG/$Index/$STRINGSd*/$Index/$SYSTEM
r
/$Index/$TOC/���/$Index/$TOC/$ts_gateway�F/$Index/$TOPICATTRX /$Index/$TOPICS>`/$Index/$URLSTRH/$Index/$URLTBLVh/$Index/$VTAIDXT/$Index/AssetId/���/$Index/AssetId/$BL0X�
/$Index/AssetId/$LEAF_COUNTSX
/$Index/AssetId/$LEAVESd� /$OBJINSTF
/assets/���0/assets/0c78c3f1-545e-416c-a0bc-4c8347d917db.xml�t30/assets/108df0e7-74d7-475f-8220-bd4ada9b241a.xml�'0/assets/112c0ebd-f8db-4ab3-be74-f2865d91db37.xml�6
0/assets/11b0b5ae-7286-4dba-b328-5858565d7db6.xml�T 0/assets/13337aba-9d4f-4097-bd9b-33ed3567608c.xml�s*0/assets/1526d6c4-e87b-465e-9f5e-2b31680ea4f5.xml�
U0/assets/165e9dd2-8b57-4825-8a88-f806e9725cc3.xml�rj0/assets/175febeb-aab7-4a34-9b74-08cf92517b8d.xml�\_0/assets/19335e57-6a8e-433e-ad47-33bb755483ec.xml�;_0/assets/1c0ef440-c144-4b2a-a32a-79b17b033879.xml�I0/assets/23dad170-8223-4409-b396-184326450888.xml�cW0/assets/27cc58c3-b4bf-4953-bc6c-bc94ec780f73.xml�:}0/assets/2caaafad-233f-47b6-b21d-12e2b027619b.xml�70/assets/3073bf53-86a6-45df-9e65-d86eccaadf40.xml�F0/assets/3aceb57c-37ff-46ac-b545-148f8589c480.xml�TO0/assets/3dc83152-acbf-4bf7-a4c2-58dfeab1c63d.xml�# 0/assets/3e36b1a9-77b9-444f-aa47-4cc4132a2772.xml�,T0/assets/496e8935-e910-4692-a465-f6c7b3cfda16.xml��l0/assets/4be82080-069d-4cb4-8633-5d1fd898e5cd.xml�l0/assets/4c15509d-daed-4b4a-bffa-28de41355bbf.xml�{0/assets/501642ca-dcd6-475b-bd4b-373a09966de2.xml�}90/assets/51ecc12f-21d6-43fb-968e-b49154913127.xml�6 0/assets/5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa.xml�?0/assets/5b54781e-4693-4998-83d7-d60271adfea1.xml�V(0/assets/5bfdffa9-b05c-4c7b-8e77-07aa51a44af3.xml�~e0/assets/5e9559f6-9f0d-4cde-92bc-7e566b446e3a.xml�c40/assets/5feddf36-b7d9-415e-81b8-c944f6bc3bc6.xml�0/assets/6101f2ee-3ac2-4a80-a6ea-85cbd9141a08.xml�,j0/assets/64c82f36-c887-44af-997a-63063aa36136.xml�B0/assets/68002f1c-6573-4d6d-bf76-9d7770925534.xml�X0/assets/6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa.xml�[%0/assets/72965a27-d33a-4e6e-aeac-f8f6978ecd20.xml��0/assets/77f9be0d-7b64-46db-902e-31c6ce81ab3e.xml�n0/assets/7a03804c-b3cb-44f1-bacd-aec78ba0b3a4.xml�tT0/assets/7d9b8192-42bf-4d62-889f-584648806fc7.xml�HN0/assets/80dccb05-7115-43be-a08a-30c9b7465899.xml�d0/assets/9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4.xml�z$0/assets/9febb447-fd0a-4de8-aa8c-3e0b3df813c4.xml�
G0/assets/a870bc9f-02a2-4767-9ada-3d0241e38bd0.xml�e50/assets/afef1cdb-3d55-41bf-80af-a9c89c59d825.xml�n0/assets/bf055f2f-8518-4666-8b5e-09e6e1f9d1f0.xml�]0/assets/c1066750-4cd7-41dc-ab9c-a7bbc8959a7c.xml�ea0/assets/c1acb922-d89a-4959-a436-5f844ad5acee.xml�Ff0/assets/c23912c7-372c-4dc4-974f-e84c097dcdee.xml�,!0/assets/c7599759-3f3f-4c9f-8e45-9b6d79644d7d.xml�M
0/assets/c9d598e5-8658-4485-b764-4c971ce5cb73.xml�W(0/assets/d65ea2bf-6a7a-47a7-81f9-83c0322d0103.xml�j0/assets/e7c57c70-8381-4d1a-b37f-5fec9f734eb9.xml�i:0/assets/ea539beb-93ee-441d-a565-2c630eb1a5f8.xml�#~0/assets/edfd6893-e723-44ef-a0d3-94063897bcb3.xml�!{0/assets/f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa.xml�
=0/assets/f7bb15f8-f7f9-414a-af98-c845e4237646.xml�Y/0/assets/f90e0f61-e72e-46d1-a179-1d912ded2757.xml�0/assets/fb2cccec-2d8b-4225-a406-e3933f992851.xml�0/assets/fe6baab3-414b-4069-8f80-0b4c534bb830.xml�2z0/assets/ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2.xml�,h/ts_gateway.h1c�%/ts_gateway.H1F�9:/ts_gateway.H1T�C/ts_gateway.H1V�s
/ts_gateway_AssetId.H1K�Bk/ts_gateway_BestBet.H1K�-k/ts_gateway_LinkTerm.H1K�l/ts_gateway_SubjectTerm.H1K�o::DataSpace/NameList��<(::DataSpace/Storage/MSCompressed/Content�sz,::DataSpace/Storage/MSCompressed/ControlData�T )::DataSpace/Storage/MSCompressed/SpanInfo�L/::DataSpace/Storage/MSCompressed/Transform/List�<_::DataSpace/Storage/MSCompressed/Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/InstanceData/���i::DataSpace/Storage/MSCompressed/Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/InstanceData/ResetTable�mh3::Transform/{8CEC5846-07A1-11D9-B15E-000D56BFE6EE}/���������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������(
vcP=*FV�q�b�
��
�U�n�c�o�m�p�r�e�s�s�e�d���
�M�S�C�o�m�p�r�e�s�s�e�d���FX쌡^�
V��������LZXC����������������HH��<maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Understanding Details About Active Connections Through a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>You can use Remote Desktop Gateway Manager to view information about active connections from Remote Desktop Services clients to internal network resources (computers) through an RD Gateway server. This information is displayed in the <maml:ui>Monitoring</maml:ui> details pane.</maml:para>
<maml:para>The following table lists and describes the information that is displayed about active connections. </maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:table>
<maml:tableHeader>
<maml:row>
<maml:entry><maml:para>Event name</maml:para></maml:entry>
<maml:entry><maml:para>Description</maml:para></maml:entry></maml:row>
</maml:tableHeader>
<maml:row>
<maml:entry><maml:para><maml:ui>Connection ID</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>In the format <a:b> where "a" is the tunnel ID that uniquely identifies a specific connection to the RD Gateway server and "b" is the channel ID. The tunnel ID represents the number of connections that the RD Gateway server has received since the Remote Desktop Services Gateway service has been running. Each time the RD Gateway server receives a new connection, the tunnel ID is incremented by 1.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>User ID</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The domain and user ID of the user logged on to the client, in the format <domain\userID>.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>User Name</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The full name of the user logged on to the client.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>Connected On</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The date and time when the connection was initiated.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>Connection Duration</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The length of time that the connection was active.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>Idle Time</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The length of time that the connection is idle, if applicable.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>Target Computer</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The name of the internal network computer to which the client is connected.</maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para><maml:ui>Client IP Address</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The IP address of the client.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>If your network configuration includes proxy servers, the IP address that appears in this column will reflect the IP address of the proxy server, rather than the IP address of the Remote Desktop Services client.</maml:para></maml:alertSet>
</maml:entry></maml:row>
<maml:row>
<maml:entry>
<maml:para><maml:ui>Target Port</maml:ui></maml:para></maml:entry>
<maml:entry><maml:para>The port on the internal network computer to which the client is connected.</maml:para></maml:entry></maml:row>
</maml:table>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting</maml:linkText><maml:uri href="mshelp://windows/?id=fb2cccec-2d8b-4225-a406-e3933f992851"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>View Details About Active Connections Through a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=e7c57c70-8381-4d1a-b37f-5fec9f734eb9"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Understanding Requirements for Connecting to a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>Users on Remote Desktop Services clients must meet specific requirements before they can connect to RD Gateway. These requirements include the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:phrase>Supported Windows authentication method (required).</maml:phrase> You can configure the authentication methods that the RD Gateway server will allow by using Remote Desktop Gateway Manager. On clients, you can configure the authentication method to be used to connect to the RD Gateway server by using Group Policy. </maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>A client and the RD Gateway server to which the client connects must have at least one common authentication method, or the client connection attempt to the RD Gateway server will fail.</maml:para></maml:alertSet>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>If you configure the authentication method on the client by using Group Policy, keep in mind that Group Policy settings for Remote Desktop Services client connections can be applied in one of two ways. These policy settings can either be suggested (that is, they can be enabled, but not enforced) or they can be enabled and enforced. For more information, see <maml:navigationLink><maml:linkText>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08"></maml:uri></maml:navigationLink>.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para><maml:phrase>User group membership (required).</maml:phrase> You configure the user group membership requirement by using Remote Desktop Gateway Manager. </maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Client computer group membership (optional).</maml:phrase> You configure the client computer group membership requirement by using Remote Desktop Gateway Manager.</maml:para></maml:listItem>
<maml:listItem><maml:para>In Remote Desktop Gateway Manager, you configure these requirements on the <maml:ui>Requirements</maml:ui> tab of a Remote Desktop connection authorization policy (RD CAP). For more information, see <maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem></maml:list></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Supported Windows authentication methods</maml:title><maml:introduction>
<maml:para>If you configure the supported Windows authentication method by using Remote Desktop Gateway Manager, you can specify that a user must use either a password or a smart card, or both. If you select both methods, either can be used to connect. </maml:para>
<maml:para>If you configure the supported Windows authentication method by using Group Policy, the following options are available:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:phrase>Ask for credentials, use NTLM protocol</maml:phrase> (a Windows NT challenge/response protocol). For information about the NTLM protocol, see Logon and Authentication Technologies (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=94215</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=94215"></maml:uri></maml:navigationLink>) and Microsoft NTLM (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=94216</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=94216"></maml:uri></maml:navigationLink>).</maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Ask for credentials, use Basic protocol.</maml:phrase> The Basic authentication method is a widely used industry-standard method for collecting user name and password information. It is less secure, however, because the passwords are transmitted in Base64-encoded form, not encrypted. For more information, see Basic Authentication (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=94217</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=94217"></maml:uri></maml:navigationLink>).</maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Use locally logged-on credentials.</maml:phrase> In this case, the same credentials that users provide to log on to their local computer will be used to connect to the RD Gateway server. Note that if you select this option, but users have previously connected to the same RD Gateway server and they have selected the <maml:ui>Remember my credentials</maml:ui> check box in the <maml:ui>RD Gateway Server Settings</maml:ui> dialog box on their client computer, their saved credentials will be used to connect to the RD Gateway server.</maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Use smart card.</maml:phrase> Smart cards contain a microcomputer and a small amount of memory, and they provide secure, tamper-proof storage for private keys and X.509 security certificates. A smart card is a form of two-factor authentication that requires the user to have a smart card and know the PIN to gain access to network resources. For more information, see The Secure Access Using Smart Cards Planning Guide (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=94218</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=94218"></maml:uri></maml:navigationLink>).</maml:para></maml:listItem>
<maml:listItem><maml:para>If all of these credentials are available to users, and if users have already specified to save their credentials when connecting to the RD Gateway server, their credentials will be used in the following order:</maml:para></maml:listItem></maml:list>
<maml:list class="ordered">
<maml:listItem><maml:para>Saved credentials</maml:para></maml:listItem>
<maml:listItem><maml:para>Locally logged-on credentials</maml:para></maml:listItem>
<maml:listItem><maml:para>Other password or smart card credentials supplied by the user</maml:para></maml:listItem></maml:list>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para>For information about how to configure supported Windows authentication methods for RD Gateway by using Group Policy, see <maml:navigationLink><maml:linkText>Set the Remote Desktop Gateway Server Authentication Method</maml:linkText><maml:uri href="mshelp://windows/?id=112c0ebd-f8db-4ab3-be74-f2865d91db37"></maml:uri></maml:navigationLink>. </maml:para></maml:listItem>
<maml:listItem><maml:para>For information about how to configure supported Windows authentication methods by using Remote Desktop Gateway Manager, see <maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem>
<maml:listItem><maml:para>For information about how to configure user group and client computer group membership requirements by using Remote Desktop Gateway Manager, see <maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Set the Remote Desktop Gateway Server Authentication Method</maml:title><maml:introduction>
<maml:para>This procedure describes how to use the Group Policy Management Console (GPMC) to set an authentication method for Remote Desktop Services clients that connect to internal network resources (computers) through an RD Gateway server. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>To manage Group Policy on a Windows Server 2008 R2-based domain controller, you must first add the Group Policy Management Console feature. To do this, start Server Manager, and then under <maml:ui>Feature Summary</maml:ui>, click <maml:ui>Add Features</maml:ui>. On the <maml:ui>Select Features</maml:ui> page, select the <maml:ui>Group Policy Management</maml:ui> check box. Follow the on-screen instructions to complete the installation.</maml:para></maml:alertSet>
<maml:para>To change Group Policy settings for a domain or an organizational unit (OU), you must be logged on as a member of the <maml:phrase>Domain Admins</maml:phrase>, <maml:phrase>Enterprise Admins</maml:phrase>, or the <maml:phrase>Group Policy Creator Owners</maml:phrase> group, or have been delegated the appropriate control over Group Policy.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To set the Remote Desktop Gateway server authentication method</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Start the GPMC. To do so, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Group Policy Management</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the left pane, locate the OU that you want to edit.</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To modify an existing Group Policy object (GPO) for the OU, expand the OU, and then click the GPO.</maml:para></maml:listItem>
<maml:listItem><maml:para>To create a new GPO, follow these steps:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Right-click the OU, and then click <maml:ui>Create a GPO in this domain, and link it here</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Name</maml:ui> box, type a name for the GPO, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the left pane, locate and click the new GPO.</maml:para></maml:listItem></maml:list>
</maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the right pane, click the <maml:ui>Settings</maml:ui> tab.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Right click <maml:ui>User Configuration</maml:ui>, and then click <maml:ui>Edit</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the left pane, under <maml:ui>User Configuration</maml:ui>, expand <maml:ui>Policies</maml:ui>, expand <maml:ui>Administrative Templates</maml:ui>, expand <maml:ui>Windows Components</maml:ui>, expand <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>RD Gateway</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the right pane, in the settings list, right-click <maml:ui>Set RD Gateway authentication method</maml:ui>, and then click <maml:ui>Edit</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Set RD Gateway authentication method</maml:ui> dialog box, do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Click <maml:ui>Not Configured</maml:ui>. The authentication method that is specified by the user is used. If an authentication method is not specified, the NTLM protocol that is enabled on the client or a smart card can be used for authentication.</maml:para></maml:listItem>
<maml:listItem><maml:para>Click<maml:ui> Enabled</maml:ui>, and then select the authentication method. By default, the <maml:ui>Allow users to change this setting </maml:ui>check box is not selected, meaning that the authentication method setting is suggested, and that users on the Remote Desktop Services client will be unable to specify an alternate authentication method. To allow the authentication method to be revised by users on the client, select this check box. For information about supported Windows authentication methods for RD Gateway, see <maml:navigationLink><maml:linkText>Understanding Requirements for Connecting to a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=108df0e7-74d7-475f-8220-bd4ada9b241a"></maml:uri></maml:navigationLink>. </maml:para></maml:listItem>
<maml:listItem><maml:para>Click<maml:ui> Disabled</maml:ui>. The authentication method that is specified by the user is used. If an authentication method is not specified, the NTLM protocol that is enabled on the Remote Desktop Services client or a smart card can be used for authentication. </maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>To configure RD Gateway settings by using the local computer policy, use the Local Group Policy Editor. To start the Local Group Policy Editor, click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>gpedit.msc</maml:userInput>, and then click <maml:ui>OK</maml:ui>. To configure local Group Policy settings, you must be a member of the <maml:phrase>Administrators</maml:phrase> group on the local computer or you must have been delegated the appropriate authority.</maml:para></maml:alertSet>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Remove Members of a Remote Desktop Gateway Server Farm</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To remove members of a Remote Desktop Gateway server farm</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to select the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, under <maml:ui>Configuration Status</maml:ui>, click <maml:ui>View RD Gateway server farm members</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>Server Farm</maml:ui> tab, under <maml:ui>Remote Desktop Gateway server farm status</maml:ui>, click the RD Gateway server that you want to remove, and then click <maml:ui>Remove</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>RD Gateway</maml:ui> dialog box, click <maml:ui>Yes</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To remove additional RD Gateway servers, repeat steps 4 and 5 as necessary. Ensure that you repeat these steps for each server in the farm so that the list of members is the same for each server in the farm.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create a Remote Desktop Gateway Server Farm</maml:linkText><maml:uri href="mshelp://windows/?id=c1acb922-d89a-4959-a436-5f844ad5acee"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Configure Remote Desktop Connection Settings for Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To configure Remote Desktop Connection settings for Remote Desktop Gateway</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Open the Remote Desktop Connection client. To open the Remote Desktop Connection client, click <maml:ui>Start</maml:ui>, point to <maml:ui>All Programs</maml:ui>, point to <maml:ui>Accessories</maml:ui>, and then click <maml:ui>Remote Desktop Connection</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>Remote Desktop Connection</maml:ui> dialog box, click <maml:ui>Options</maml:ui> to expand the dialog box and view settings.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the <maml:ui>Advanced </maml:ui>tab, under <maml:ui>Connect from anywhere</maml:ui>, click <maml:ui>Settings</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>RD Gateway Server Settings</maml:ui> dialog box, select the appropriate options: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:ui>Automatically detect RD Gateway server settings</maml:ui> (default). If you select this option, the Remote Desktop Services client attempts to use Group Policy settings that determine the behavior of client connections to RD Gateway servers or RD Gateway server farms, if these settings have been configured and enabled. For more information, see <maml:navigationLink><maml:linkText>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08"></maml:uri></maml:navigationLink>. </maml:para></maml:listItem>
<maml:listItem><maml:para><maml:ui>Use these RD Gateway server settings</maml:ui>. If an RD Gateway server or RD Gateway server farm name and a logon method are not already enabled and enforced by Group Policy, you can select this option and specify the name of the RD Gateway server or RD Gateway server farm that you want to connect to and the logon method to use for the connection. </maml:para>
<maml:alertSet class="warning"><maml:title>Warning </maml:title><maml:para>When you specify a name for the RD Gateway server or RD Gateway server farm, you must use a fully qualified domain name (FQDN).</maml:para></maml:alertSet>
<maml:para><maml:ui>Bypass RD Gateway server for local addresses</maml:ui>. This option is selected by default. </maml:para>
<maml:para>If you want the Remote Desktop Services client to automatically detect when RD Gateway is required, select this check box. If you use a mobile computer, selecting this option will optimize client connectivity performance and minimize latency because RD Gateway will only be used when it is required. If your computer is always connected to the local area network (LAN) or if it is hosted inside the internal network firewall, RD Gateway will not be used. If you are outside the internal network and connecting to the internal network over the Internet, RD Gateway will be used.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>If your system is on a LAN, but you want to test connectivity through an RD Gateway server or RD Gateway server farm, clear this check box. If this check box is selected, the client will connect directly to the RD Session Host server and will not connect through the RD Gateway server or RD Gateway server farm.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para><maml:ui>Do not use an RD Gateway server</maml:ui>. Select this option if your computer is always connected to the LAN or if it is hosted inside the internal network firewall. This option is appropriate if you know that you do not need to use RD Gateway to traverse a firewall.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To save the settings and close the <maml:ui>Remote Desktop Connection</maml:ui> dialog box, click <maml:ui>Save</maml:ui>, and then click <maml:ui>Cancel</maml:ui>. The settings will be saved as an RDP file to a default location (by default, the file is saved to Drive:\<<maml:replaceable>Username</maml:replaceable>>\Documents).</maml:para></maml:listItem>
<maml:listItem><maml:para>To save the RDP file to a specified location (you can customize and distribute the file later to multiple clients as needed), click <maml:ui>Save As</maml:ui>. In the <maml:ui>Save As</maml:ui> dialog box, in the <maml:ui>File name</maml:ui> box, specify the file name and location, and then click <maml:ui>Save</maml:ui>.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>To proceed with a connection to an internal network resource, click <maml:ui>Connect</maml:ui>, and then enter your credentials when prompted.</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Services Client for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=7a03804c-b3cb-44f1-bacd-aec78ba0b3a4"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Install the Remote Desktop Gateway Role Service</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To install the Remote Desktop Gateway role service</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Open Server Manager. To open Server Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Server Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>If the Remote Desktop Services role is not already installed:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>In Server Manager, under <maml:ui>Roles Summary</maml:ui>, click <maml:ui>Add Roles</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the Add Roles Wizard, if the <maml:ui>Before You Begin</maml:ui> page appears, click <maml:ui>Next</maml:ui>. This page will not appear if you have already installed other roles and you have selected the <maml:ui>Skip this page by default</maml:ui> check box.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Select Server Roles</maml:ui> page, under <maml:ui>Roles</maml:ui>, select <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Remote Desktop Services</maml:ui> page, click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Select Role Services</maml:ui> page, select the <maml:ui>Remote Desktop Gateway</maml:ui> check box.</maml:para></maml:listItem>
<maml:listItem><maml:para>If prompted to specify whether you want to install the additional role services required for Remote Desktop Gateway, click <maml:ui>Add Required Role Services</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Select Role Services</maml:ui> page, click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem></maml:list>
<maml:para>If the Remote Desktop Services role is already installed:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Under <maml:ui>Roles Summary</maml:ui>, click <maml:ui>Remote Desktop Services</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>Under <maml:ui>Role Services</maml:ui>, click <maml:ui>Add Role Services</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Select Role Services</maml:ui> page, select the <maml:ui>Remote Desktop Gateway</maml:ui> check box, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>If prompted to specify whether you want to install the additional role services required for Remote Desktop Gateway, click <maml:ui>Add Required Role Services</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Select Role Services</maml:ui> page, click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Choose a Server Authentication Certificate for SSL Encryption</maml:ui> page, specify whether to choose an existing certificate for SSL encryption (recommended), create a self-signed certificate for SSL encryption, or choose a certificate for SSL encryption later. If you are completing an installation for a new server that does not yet have certificates, see <maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink> for certificate requirements and information about how to obtain and install a certificate.</maml:para>
<maml:para>Under the <maml:ui>Choose an existing certificate for SSL encryption (recommended)</maml:ui> option, only certificates that have the intended purpose (server authentication) and Enhanced Key Usage (EKU) [Server Authentication (1.3.6.1.5.5.7.3.1)] that are appropriate for the RD Gateway role service will appear in the list of certificates. If you select this option, click <maml:ui>Import</maml:ui>, and then import a new certificate. A certificate that does not meet these requirements will not appear in the list. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Create Authorization Policies for RD Gateway</maml:ui> page, specify whether you want to create authorization policies (an RD CAP and an RD RAP) during the Remote Desktop Gateway role service installation process or later. If you select <maml:ui>Later</maml:ui>, follow the procedures in <maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink> to create this policy. If you select <maml:ui>Now</maml:ui>, do the following: </maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>On the <maml:ui>Select User Groups That Can Connect Through RD Gateway</maml:ui> page, click <maml:ui>Add</maml:ui> to specify additional user groups. In the <maml:ui>Select Groups</maml:ui> dialog box, specify the user group location and name, and then click <maml:ui>OK</maml:ui> as needed to check the name and to close the <maml:ui>Select Groups</maml:ui> dialog box. </maml:para>
<maml:para>To specify more than one user group, do either of the following: Type the name of each user group, separating the name of each group with a semi-colon; or add additional groups from different domains by repeating the first part of this step for each group.</maml:para></maml:listItem>
<maml:listItem><maml:para>After you finish specifying additional user groups, on the <maml:ui>Select User Groups That Can Connect Through RD Gateway</maml:ui> page, click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Create an RD CAP for RD Gateway</maml:ui> page, accept the default name for the RD CAP (RD_CAP_01) or specify a new name, select one or more supported Windows authentication methods, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Create an RD RAP for RD Gateway</maml:ui> page, accept the default name for the RD RAP (RD_RAP_01) or specify a new name, and then do one of the following: Specify whether to allow users to connect only to computers in one or more computer groups, and then specify the computer group; or specify that users can connect to any computer on the network. Click <maml:ui>Next</maml:ui>. </maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Network Policy and Access Services</maml:ui> page (which appears if this role service is not already installed), review the summary information, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Select Role Services</maml:ui> page, verify that <maml:ui>Network Policy Server</maml:ui> is selected, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Web Server (IIS)</maml:ui> page (which appears if this role service is not already installed), review the summary information, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Select Role Services</maml:ui> page, accept the default selections for <maml:ui>Web Server (IIS)</maml:ui>, and then click <maml:ui>Next</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Confirm Installation Selections</maml:ui> page, verify that the following role services will be installed: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Remote Desktop Services\RD Gateway</maml:para></maml:listItem>
<maml:listItem><maml:para>Network Policy and Access Services\Network Policy Server</maml:para></maml:listItem>
<maml:listItem><maml:para>Web Server (IIS)</maml:para></maml:listItem>
<maml:listItem><maml:para>RPC over HTTP Proxy</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Install</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Installation Progress</maml:ui> page, installation progress will be noted.</maml:para>
<maml:para>If any of these roles, role services, or features has already been installed, installation progress will be noted only for the new roles, role services, or features that are being installed.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Installation Results</maml:ui> page, confirm that installation for these roles, role services, and features was successful, and then click <maml:ui>Close</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>What Is Device Redirection?</maml:title><maml:introduction>
<maml:para>Remote Desktop Services provides client users the ability to access their local devices and resources in remote sessions. Users can access resources such as local drives, printers, the Clipboard, and supported Plug and Play devices. This is usually referred to as device redirection. </maml:para>
<maml:para>In Windows Server 2008 R2, device redirection has been enhanced and expanded. Now you can redirect Windows Portable Devices, specifically media players based on the Media Transfer Protocol (MTP), and digital cameras based on the Picture Transfer Protocol (PTP).</maml:para>
<maml:para>For RD Gateway, when you select the option to disable device redirection for specific device types, the RD Gateway server will send the request back to the client with a list of the device types to be disabled. This list is a suggestion only; it is possible for the client to modify the device redirection settings in the list. The suggested device redirection settings can only be enforced for Remote Desktop Connection (RDC) clients. </maml:para>
<maml:alertSet class="caution"><maml:title>Caution </maml:title><maml:para>Selecting the <maml:ui>Only allow client connections to Remote Desktop Session Host servers that enforce RD Gateway device redirection</maml:ui> check box will prevent users that are running versions older than Remote Desktop Connection (RDC) 7.0 from connecting, and will enforce secure device redirection.</maml:para></maml:alertSet>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>RD Gateway does not have the ability to manage device redirection for smart cards and audio. </maml:para></maml:alertSet>
<maml:para>For more information about device redirection in Windows Server 2008 R2, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable or Disable Client Device Redirection</maml:linkText><maml:uri href="mshelp://windows/?id=edfd6893-e723-44ef-a0d3-94063897bcb3"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Disable Management for a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>You can use this procedure to stop managing an RD Gateway server. To specify a different RD Gateway server to manage (or to manage the same RD Gateway server again at a later time), see <maml:navigationLink><maml:linkText>Specify a Remote Desktop Gateway Server to Manage</maml:linkText><maml:uri href="mshelp://windows/?id=5bfdffa9-b05c-4c7b-8e77-07aa51a44af3"></maml:uri></maml:navigationLink>.</maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To disable management for a Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to select the node that represents the RD Gateway server for which you want to disable management.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Right-click the RD Gateway server, and then click <maml:ui>Do not manage this server</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>A message will appear, prompting you to confirm whether you want to stop managing the specified RD Gateway server. To confirm, click <maml:ui>Yes</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Create an RD CAP</maml:title><maml:introduction>
<maml:para>Remote Desktop connection authorization policies (RD CAPs) allow you to specify who can connect to an RD Gateway server. This procedure describes how to create a new local RD CAP. Alternatively, you can specify a central RD CAP store. For more information, see <maml:navigationLink><maml:linkText>Specify a New Central RD CAP Store</maml:linkText><maml:uri href="mshelp://windows/?id=3073bf53-86a6-45df-9e65-d86eccaadf40"></maml:uri></maml:navigationLink> or <maml:navigationLink><maml:linkText>Specify an Existing Local or Central RD CAP Store</maml:linkText><maml:uri href="mshelp://windows/?id=f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa"></maml:uri></maml:navigationLink>. </maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If you have not done so already, you must also create a Remote Desktop resource authorization policy (RD RAP). Until you create both an RD CAP and an RD RAP, users cannot connect to network resources through this RD Gateway server.</maml:para></maml:alertSet>
<maml:para>This procedure describes how to use Remote Desktop Gateway Manager to create a custom RD CAP. Alternatively, you can use the Authorization Policies Wizard to quickly create an RD CAP and an RD RAP for RD Gateway. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To create an RD CAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>. </maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the console tree, click to expand the node that represents the RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Right-click the <maml:ui>Connection Authorization Policies</maml:ui> folder, point to <maml:ui>Create New Policy</maml:ui>, and then click <maml:ui>Custom</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>New RD CAP</maml:ui> dialog box, on the <maml:ui>General </maml:ui>tab, in the <maml:ui>Policy name</maml:ui> box, enter a name for the policy, and then verify that the <maml:ui>Enable this policy</maml:ui> check box is selected.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the <maml:ui>Requirements</maml:ui> tab, under <maml:ui>Supported Windows authentication methods</maml:ui>, select one or both of the following check boxes:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:ui>Password</maml:ui></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:ui>Smart card</maml:ui></maml:para></maml:listItem></maml:list>
<maml:para>When both of these options are selected, clients that use either authentication method are allowed to connect. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Under <maml:ui>User group membership (required)</maml:ui>, click <maml:ui>Add Group</maml:ui>, and then specify a user group whose members can connect to the RD Gateway server. You must specify at least one user group. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Select Groups</maml:ui> dialog box, specify the user group location and name, and then click <maml:ui>OK</maml:ui> as needed to check the name and to close the <maml:ui>Select Groups</maml:ui> dialog box. To specify more than one user group, do either of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Type the name of each user group, separating the name of each group with a semi-colon.</maml:para></maml:listItem>
<maml:listItem><maml:para>Add additional groups from different domains by repeating this step for each group.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To specify optional additional computer domain membership criteria that client computers must meet, on the <maml:ui>Requirements</maml:ui> tab, under <maml:ui>Client computer group membership (optional)</maml:ui>, click <maml:ui>Add Group</maml:ui>, and then specify the computer groups.</maml:para>
<maml:para>To specify the computer groups, you can use the same steps that you used to specify user groups. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Device Redirection</maml:ui> tab, select one of the following options to enable or disable redirection for remote client devices:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To permit all client devices to be redirected when connecting through the RD Gateway server, click <maml:ui>Enable device redirection for all client devices</maml:ui>. By default, this option is selected.</maml:para></maml:listItem>
<maml:listItem><maml:para>To disable device redirection for only certain device types when connecting through the RD Gateway server, click <maml:ui>Disable device redirection for the following client device types</maml:ui>, and then select the check boxes that correspond to the client device types for which device redirection should be disabled.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>To only allow client connection to servers that enforce secure device redirection, on the <maml:ui>Device Redirection</maml:ui> tab, click <maml:ui>Only allow client connections to Remote Desktop Session Host servers that enforce RD Gateway device redirection</maml:ui>.</maml:para>
<maml:alertSet class="caution"><maml:title>Caution </maml:title><maml:para>Selecting <maml:ui>Only allow client connections to Remote Desktop Session Host servers that enforce RD Gateway device redirection</maml:ui> will prevent users that are running versions older than Remote Desktop Connection (RDC) 7.0 from connecting.</maml:para></maml:alertSet></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the <maml:ui>Timeouts</maml:ui> tab, select the following options to enable or disable timeouts:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To set disconnection timeout settings for an idle remote session when connecting through the RD Gateway server, select the <maml:ui>Enable idle timeout</maml:ui> check box. In the <maml:ui>Disconnect session after idle for</maml:ui> box, enter the time, in minutes, to set the maximum time that a remote session can be idle before the session is disconnected. </maml:para></maml:listItem>
<maml:listItem><maml:para>To set session timeout settings for a remote session when connecting through the RD Gateway server, select the <maml:ui>Enable session timeout</maml:ui> check box. In the <maml:ui>Time out session after</maml:ui> box, enter the time, in minutes, to set the time for session timeout to take effect. Select the action to take after the user session timeout is reached:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To disconnect the remote session, click <maml:ui>Disconnect session</maml:ui>. </maml:para></maml:listItem>
<maml:listItem><maml:para>To have the session continue uninterrupted, unless changes to the user profile have been made, click <maml:ui>Silently re-authenticate and reauthorize session</maml:ui>. </maml:para></maml:listItem></maml:list>
</maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Click <maml:ui>OK</maml:ui>.</maml:para>
<maml:para>The new local RD CAP that you created appears in the Remote Desktop Gateway Manager results pane. When you click the name of the RD CAP, the policy details appear in the lower pane.</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Modify or Remove a Remote Desktop Gateway-Managed Computer Group</maml:title><maml:introduction>
<maml:para>You can use Remote Desktop Gateway Manager to modify or remove an RD Gateway-managed computer group. </maml:para>
<maml:para>If you associate an RD Gateway-managed computer group with multiple Remote Desktop resource authorization policies (RD RAPs) and you modify or delete the RD Gateway-managed computer group, all RD RAPs that are associated with the group will be affected.</maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To modify or remove a Remote Desktop Gateway-managed computer group</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, click to select the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Resource Authorization Policies</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Right-click the <maml:ui>Resource Authorization Policies</maml:ui> folder, and then click <maml:ui>Manage Local Computer Groups</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Manage Locally Stored Computer Groups</maml:ui> dialog box, do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To modify an RD Gateway-managed computer group, in the list of groups, click the group that you want to modify, click <maml:ui>Properties</maml:ui>, and then modify the settings as needed.</maml:para></maml:listItem>
<maml:listItem><maml:para>To delete an RD Gateway-managed computer group, click the group that you want to delete, and then click <maml:ui>Remove</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To specify a new RD Gateway-managed computer group, click <maml:ui>Create Group</maml:ui>, and then follow the steps in <maml:navigationLink><maml:linkText>Specify Computers That Users Can Connect to Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=bf055f2f-8518-4666-8b5e-09e6e1f9d1f0"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify Computers That Users Can Connect to Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=bf055f2f-8518-4666-8b5e-09e6e1f9d1f0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Understand Timeout and Reconnection Settings for Remote Sessions</maml:title><maml:introduction>
<maml:para>Timeouts can be set on the RD Gateway server for Remote Desktop Services clients. Timeouts can be used to reclaim resources from inactive user sessions or periodically enforce policies on active user connections for Remote Desktop Services clients connected by using an RD Gateway server.</maml:para></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Remote Desktop Gateway timeouts</maml:title><maml:introduction>
<maml:para>The following timeouts can be set on the <maml:ui>Timeouts</maml:ui> tab of the <maml:ui>Properties</maml:ui> dialog box for a Remote Desktop connection authorization policy (RD CAP) for the RD Gateway server. </maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para><maml:phrase>Enable idle timeout</maml:phrase> is used to reclaim resources from inactive user sessions without impacting the user’s session and data. When the idle timeout is reached, the session is disconnected and resources from the session are reclaimed by the RD Gateway server. </maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Enable session timeout</maml:phrase> is used to periodically enforce policies on active user connections. When the session timeout is reached, the session can be disconnected, or the session can be reauthenticated and reauthorized with no impact to the user and their session if no policy changes have been made.</maml:para></maml:listItem></maml:list></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Open the Remote Desktop Gateway Manager</maml:title><maml:introduction>
<maml:para>You can run Remote Desktop Gateway Manager from any of the following locations:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:ui>Start</maml:ui> menu</maml:para></maml:listItem>
<maml:listItem><maml:para>Server Manager</maml:para></maml:listItem>
<maml:listItem><maml:para>Microsoft Management Console</maml:para></maml:listItem></maml:list>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>Remote Desktop Gateway Manager is only available in Server Manager if the RD Gateway role service is installed on the computer.</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections></maml:sections><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To open the Remote Desktop Gateway Manager from the start menu</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>tsgateway.msc</maml:userInput> and then press ENTER.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
<maml:procedure><maml:title>To open the Remote Desktop Gateway Manager from Server Manager</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Server Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the left pane, expand <maml:ui>Roles</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Expand <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>RD Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
<maml:procedure><maml:title>To run Remote Desktop Gateway Manager from the Microsoft Management Console</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>mmc</maml:userInput> and then press ENTER.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>File</maml:ui> menu, click <maml:ui>Add/Remove Snap-in</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Under <maml:ui>Available snap-ins</maml:ui>, click <maml:ui>Remote Desktop Gateway Manager</maml:ui>, and then click <maml:ui>Add</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Remote Desktop Gateway Manager</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>Remote Desktop Gateway (RD Gateway) is a role service that enables authorized remote users to connect to resources on an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be Remote Desktop Session Host (RD Session Host) servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled. </maml:para>
<maml:para>RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted connection between remote users on the Internet and the internal network resources on which their productivity applications run. </maml:para>
<maml:para>The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Overview of Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Remote Desktop Gateway Installation Prerequisites</maml:linkText><maml:uri href="mshelp://windows/?id=afef1cdb-3d55-41bf-80af-a9c89c59d825"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Services Client for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=7a03804c-b3cb-44f1-bacd-aec78ba0b3a4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting</maml:linkText><maml:uri href="mshelp://windows/?id=fb2cccec-2d8b-4225-a406-e3933f992851"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable or Disable Credential Sharing for Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c7599759-3f3f-4c9f-8e45-9b6d79644d7d"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Specify a New Central RD CAP Store</maml:title><maml:introduction>
<maml:para>Remote Desktop connection authorization policies (RD CAPs) allow you to specify who can connect to an RD Gateway server. You can specify a local RD CAP store (RD CAPs that are stored on the RD Gateway server) or a central RD CAP store [RD CAPs that are stored on a central server that is running Network Policy Server (NPS), formerly known as a Remote Authentication Dial-In User Service (RADIUS) server]. </maml:para>
<maml:para>By using a central server running NPS for RD Gateway, you can centralize the storage, management, and validation of RD CAPs.</maml:para>
<maml:para>If you use a central RD CAP store, you must establish a network connection from the RD Gateway server to the server running NPS. To do this, you must specify a shared secret. </maml:para>
<maml:para>When you create and use the shared secret, you must use the same case-sensitive shared secret that you specified when configuring the RD Gateway server as a RADIUS client on the central server running NPS.</maml:para>
<maml:para>We also recommend that you do the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Generate long shared secrets (more than 22 characters) comprised of a random sequence of letters, numbers, and punctuation.</maml:para></maml:listItem>
<maml:listItem><maml:para>Change the shared secret often.</maml:para></maml:listItem></maml:list>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If you have not done so already, you must also create a Remote Desktop resource authorization policy (RD RAP). </maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To specify a new central RD CAP store</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Right-click the <maml:ui>Connection Authorization Policies</maml:ui> folder, and then click<maml:ui> Configure Central RD CAP</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>RD CAP Store</maml:ui> tab, click <maml:ui>Central server running NPS</maml:ui>, enter the name or IP address of the server running NPS that you want to add, and then click <maml:ui>Add</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Shared Secret</maml:ui> dialog box, in the <maml:ui>Enter a new shared secret</maml:ui> box, enter the shared secret.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui> to close the <maml:ui>Shared Secret</maml:ui> dialog box, and then click <maml:ui>OK</maml:ui> to close the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server.</maml:para>
<maml:para>The new central RD CAP store that you specified appears in the Remote Desktop Gateway Manager results pane. </maml:para>
<maml:para>After you specify the new central RD CAP store, you must also configure settings and policies as needed on the central server running NPS. For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href=" http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable or Disable an RD CAP</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To enable or disable an RD CAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, in the list of RD CAPs, right-click the RD CAP that you want to enable or disable, and then click <maml:ui>Enable</maml:ui> or <maml:ui>Disable</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Obtain a Certificate for the Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>This topic assumes an understanding of certificate trust chaining, certificate signing, and general public key infrastructure and certificate configuration principles. For information about PKI configuration in Windows Server 2008, see ITPROADD-204: PKI Enhancement in Windows Vista and Windows Server 2008 (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=93995</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=93995"></maml:uri></maml:navigationLink>). For information about PKI configuration in Windows Server 2003, see Public Key Infrastructure (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=54917</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=54917"></maml:uri></maml:navigationLink>).</maml:para>
<maml:para>By default, Transport Layer Security (TLS) 1.0 is used to encrypt communications between Remote Desktop Services clients and RD Gateway servers over the Internet. TLS is a standard protocol that is used to provide secure Web communications on the Internet or intranets. TLS is the latest and most secure version of the Secure Sockets Layer (SSL) protocol. For more information about TLS, see: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>SSL/TLS in Windows Server 2003 (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=19646</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=19646"></maml:uri></maml:navigationLink>)</maml:para></maml:listItem>
<maml:listItem><maml:para>RFC 2246, The TLS Protocol Version 1.0 (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=40979</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=40979"></maml:uri></maml:navigationLink>)</maml:para></maml:listItem></maml:list>
<maml:para>For TLS to function correctly, you must install an SSL-compatible X.509 certificate on the RD Gateway server.</maml:para></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Certificate installation and configuration process overview</maml:title><maml:introduction>
<maml:para>The process of obtaining, installing, and configuring a certificate for the RD Gateway server involves these steps. </maml:para>
</maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Step 1: Obtain a certificate for the Remote Desktop Gateway server</maml:title><maml:introduction>
<maml:para>You can obtain a certificate for the RD Gateway server by using one of the following methods:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>If your company maintains a stand-alone or enterprise CA that is configured to issue SSL-compatible X.509 certificates that meet RD Gateway requirements, you can generate and submit a certificate request in several ways, depending on the policies and configuration of your organization's CA. Methods for obtaining a certificate include: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Initiating auto-enrollment from the Certificates snap-in.</maml:para></maml:listItem>
<maml:listItem><maml:para>Requesting certificates by using the Certificate Request Wizard.</maml:para></maml:listItem>
<maml:listItem><maml:para>Requesting a certificate over the Web. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>If you have a Windows Server 2003 CA, be aware that the Windows Server 2003 Certificate Services Web enrollment functionality relies on an ActiveX control that is named Xenroll. This ActiveX control is available in Microsoft Windows Server 2003, Windows 2000, and Windows XP. However, Xenroll has been deprecated in Windows Server 2008 and Windows Vista. The sample certificate enrollment Web pages that are included with the original release version of Windows Server 2003, Windows Server 2003 Service Pack 1 (SP1), and Windows Server 2003 Service Pack 2 (SP2) are not designed to handle the change in how Windows Server 2008 and Windows Vista perform Web-based certificate enrollment operations. For information about the steps that you can take to address this issue, see article 922706 in the Microsoft Knowledge Base (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=94472</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=94472"></maml:uri></maml:navigationLink>).</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>Using the Certreq command-line tool.</maml:para></maml:listItem></maml:list>
<maml:para>For more information about using any of these methods to obtain certificates for Windows Server 2008 R2, see the "Obtain a Certificate" topic in the Certificates snap-in Help and the "Certreq" topic in the Windows Server 2008 R2 Command Reference. To review the Certificates snap-in Help topics, click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>hh certmgr.chm</maml:userInput>, and then click <maml:ui>OK</maml:ui>. For information about how to request certificates for Windows Server 2003, see Requesting Certificates (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=19638</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=19638"></maml:uri></maml:navigationLink>).</maml:para>
<maml:para>A stand-alone or enterprise CA-issued certificate must be co-signed by a trusted public CA that participates in the Microsoft Root Certification Program Members program (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=59547</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=59547"></maml:uri></maml:navigationLink>). Otherwise, users connecting from home computers or kiosks might not be able to connect to TS Gateway or RD Gateway servers. These connections might fail because the CA-issued root might not be trusted by computers that are not members of domains, such as home computers or kiosks.</maml:para></maml:listItem>
<maml:listItem><maml:para>If your company does not maintain a stand-alone or enterprise CA that is configured to issue SSL-compatible X.509 certificates, you can purchase a certificate from a trusted public CA that participates in the Microsoft Root Certificate Program Members program (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=59547</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=59547"></maml:uri></maml:navigationLink>). Some of these public CAs might offer certificates at no cost on a trial basis.</maml:para></maml:listItem>
<maml:listItem><maml:para>Alternatively, if your company does not maintain a stand-alone or enterprise CA and you do not have a compatible certificate from a trusted public CA, you can create and import a self-signed certificate for your RD Gateway server for technical evaluation and testing purposes. For more information, see <maml:navigationLink><maml:linkText>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136"></maml:uri></maml:navigationLink>. </maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If you use either of the first two methods to obtain a certificate (that is, if you obtain a certificate from a stand-alone or enterprise CA or a trusted public CA), you must also <maml:navigationLink><maml:linkText>Import a Certificate into Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=d65ea2bf-6a7a-47a7-81f9-83c0322d0103"></maml:uri></maml:navigationLink> and <maml:navigationLink><maml:linkText>Select an Existing Certificate for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=496e8935-e910-4692-a465-f6c7b3cfda16"></maml:uri></maml:navigationLink>. However, if you create a self-signed certificate by using the Add Roles Wizard during installation of the Remote Desktop Gateway role service or by using Remote Desktop Gateway Manager after installation (as described in <maml:navigationLink><maml:linkText>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136"></maml:uri></maml:navigationLink>), you do not need to install or map the certificate to the RD Gateway server. In this case, the certificate is automatically created, installed in the correct location on the RD Gateway server, and mapped to the RD Gateway server.</maml:para></maml:alertSet>
<maml:para>Note that Remote Desktop Services clients must have the certificate of the CA that issued the server certificate in their Trusted Root Certification Authorities store. For step-by-step instructions for installing the certificate on the client, see <maml:navigationLink><maml:linkText>Install the Remote Desktop Gateway Server Root Certificate on the Remote Desktop Services Client</maml:linkText><maml:uri href="mshelp://windows/?id=4c15509d-daed-4b4a-bffa-28de41355bbf"></maml:uri></maml:navigationLink>.</maml:para>
<maml:para>If you used one of the first two methods to obtain a certificate and the Remote Desktop Services client computer trusts the issuing CA, you do not need to install the certificate of the CA that issued the server certificate in the client computer certificate store. For example, you do not need to install the certificate of the issuing CA in the client computer certificate store if a VeriSign or other public, trusted CA certificate is installed on the RD Gateway server. If you use the third method to obtain a certificate (that is, if you create a self-signed certificate), you do need to install the certificate of the CA that issued the server certificate in the Trusted Root Certification Authorities store on the client computer. For more information, see <maml:navigationLink><maml:linkText>Install the Remote Desktop Gateway Server Root Certificate on the Remote Desktop Services Client</maml:linkText><maml:uri href="mshelp://windows/?id=4c15509d-daed-4b4a-bffa-28de41355bbf"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section>
<maml:section>
<maml:title>Step 2: Import a certificate</maml:title><maml:introduction>
<maml:para>After you obtain a certificate, you can import the certificate to the RD Gateway server by using one of the following methods:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To install a certificate to the certificate store and import the certificate to the RD Gateway server, see <maml:navigationLink><maml:linkText>Import a Certificate into Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=d65ea2bf-6a7a-47a7-81f9-83c0322d0103"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To import an existing certificate from the certificate store to the RD Gateway server, see <maml:navigationLink><maml:linkText>Select an Existing Certificate for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=496e8935-e910-4692-a465-f6c7b3cfda16"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem></maml:list>
</maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable Connections Through Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>This procedure describes how to use the Group Policy Management Console (GPMC) to enable connections through RD Gateway. When this policy setting is enabled, when Remote Desktop Services clients cannot connect directly to an internal network resource (computer), the clients will attempt to connect to the computer through the RD Gateway server that is specified in the <maml:ui>Set RD Gateway server address</maml:ui> policy setting.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>To manage Group Policy on a Windows Server 2008 R2-based domain controller, you must first add the Group Policy Management Console feature. To do this, start Server Manager, and then under <maml:ui>Feature Summary</maml:ui>, click <maml:ui>Add Features</maml:ui>. On the <maml:ui>Select Features</maml:ui> page, select the <maml:ui>Group Policy Management</maml:ui> check box. Follow the on-screen instructions to complete the installation.</maml:para></maml:alertSet>
<maml:para>To change Group Policy settings for a domain or an organizational unit (OU), you must be logged on as a member of the <maml:phrase>Domain Admins</maml:phrase>, <maml:phrase>Enterprise Admins</maml:phrase>, or the <maml:phrase>Group Policy Creator Owners</maml:phrase> group, or have been delegated the appropriate control over Group Policy.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To enable connections through RD Gateway</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Start the GPMC. To do so, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Group Policy Management</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the left pane, locate the OU that you want to edit.</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To modify an existing Group Policy object (GPO) for the OU, expand the OU, and then click the GPO.</maml:para></maml:listItem>
<maml:listItem><maml:para>To create a new GPO, follow these steps:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Right-click the OU, and then click <maml:ui>Create a GPO in this domain, and link it here</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Name</maml:ui> box, type a name for the GPO, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the left pane, locate and click the new GPO.</maml:para></maml:listItem></maml:list>
</maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the right pane, click the <maml:ui>Settings</maml:ui> tab.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Right click <maml:ui>User Configuration</maml:ui>, and then click <maml:ui>Edit</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the left pane, under <maml:ui>User Configuration</maml:ui>, expand <maml:ui>Administrative Templates</maml:ui>, expand <maml:ui>Windows Components</maml:ui>, expand <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>RD Gateway</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the right pane, in the settings list, right-click <maml:ui>Enable connection through RD Gateway</maml:ui>, and then click <maml:ui>Edit</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Settings</maml:ui> tab, do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Click <maml:ui>Not Configured</maml:ui>. Remote Desktop Services clients will not use the RD Gateway server address that is specified in the <maml:ui>Set RD Gateway server address</maml:ui> policy setting. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.</maml:para></maml:listItem>
<maml:listItem><maml:para>Click<maml:ui> Enabled</maml:ui>. When Remote Desktop Services clients cannot connect directly to an internal network resource, the clients will attempt to connect to the internal network resource through the RD Gateway server that is specified in the <maml:ui>Set RD Gateway server address</maml:ui> policy setting.</maml:para></maml:listItem>
<maml:listItem><maml:para>Click<maml:ui> Disabled</maml:ui>. Remote Desktop Services clients will not use the RD Gateway server address that is specified in the <maml:ui>Set RD Gateway server address</maml:ui> policy setting. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>To configure RD Gateway settings by using the local computer policy, use the Local Group Policy Editor. To start the Local Group Policy Editor, click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>gpedit.msc</maml:userInput> and then click <maml:ui>OK</maml:ui>. To configure local Group Policy settings, you must be a member of the <maml:phrase>Administrators</maml:phrase> group on the local computer or you must have been delegated the appropriate authority. </maml:para></maml:alertSet>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Select an Existing Certificate for Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>After you obtain and install a certificate for the RD Gateway server, you must map the certificate to the RD Gateway server by using Remote Desktop Gateway Manager. If you map an RD Gateway server certificate by using any other method, RD Gateway will not function correctly.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>This procedure is not required if you created a self-signed certificate for RD Gateway.</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To import the Remote Desktop Gateway certificate</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>SSL Certificate</maml:ui> tab, click <maml:ui>Select an existing certificate from the RD Gateway </maml:ui><maml:replaceable><RD Gateway Server Name></maml:replaceable><maml:ui> Certificates (Local Computer)/Personal store</maml:ui>, where <maml:replaceable><RD Gateway Server Name></maml:replaceable> is the name for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Import Certificate</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Import Certificate</maml:ui> dialog box, click the certificate that you want to use, and then click <maml:ui>Import</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui> to close the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server.</maml:para>
<maml:para>If this is the first time that you have mapped the RD Gateway certificate, after the certificate mapping is completed, you can verify that the mapping was successful by viewing the <maml:ui>RD Gateway Server Status</maml:ui> area in Remote Desktop Gateway Manager. Under <maml:ui>Configuration Status</maml:ui> and <maml:ui>Configuration Tasks</maml:ui>, the warning stating that a server certificate is not yet installed or selected and the <maml:ui>View or modify certificate properties</maml:ui> hyperlink are no longer displayed.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Modify the Refresh Interval for Displaying Remote Desktop Gateway Connection Information</maml:title><maml:introduction>
<maml:para>By default, the display of RD Gateway connection status is refreshed automatically every 30 minutes. You can modify the refresh interval or specify that the display of this information not be refreshed automatically.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>Setting the refresh interval to a value of less than 10 minutes can adversely impact the performance of the RD Gateway server.</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To modify the refresh interval for displaying Remote Desktop Gateway connection information</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, right-click the <maml:ui>Monitoring</maml:ui> folder, and then click <maml:ui>Set Automatic Refresh Options</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Set Automatic Refresh Options</maml:ui> dialog box, do either of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To specify that the display of RD Gateway connection information not be refreshed automatically, click <maml:ui>Do not refresh automatically</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To specify that the display of RD Gateway connection information be refreshed automatically, click <maml:ui>Refresh automatically</maml:ui>, and then specify a value as needed.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>. </maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting</maml:linkText><maml:uri href="mshelp://windows/?id=fb2cccec-2d8b-4225-a406-e3933f992851"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Install the Remote Desktop Gateway Server Root Certificate on the Remote Desktop Services Client</maml:title><maml:introduction>
<maml:para>The Remote Desktop Services client computer must verify and trust the identity of the RD Gateway server before the client can send the user's password and logon credentials securely and complete the authentication process. To establish this trust, the clients must trust the root of the server’s certificate. That is, clients must have the certificate of the certification authority (CA) that issued the server certificate in their Trusted Root Certification Authorities store. You can view this store by using the Certificates snap-in.</maml:para>
<maml:para>As mentioned, this procedure is not required if:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>A certificate that is issued by one of the trusted public CAs that participate in the Microsoft Root Certificate Program Members program [as listed in article 931125 in the Microsoft Knowledge Base (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink?LinkID=59547</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink?LinkID=59547"></maml:uri></maml:navigationLink>)] is installed on the RD Gateway server; and </maml:para></maml:listItem>
<maml:listItem><maml:para>The Remote Desktop Services client computer already trusts the issuing CA. </maml:para></maml:listItem></maml:list>
<maml:para>For more information, see <maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink>.</maml:para>
<maml:para>If the RD Gateway server is using a certificate that is issued by one of the trusted public CAs, and the certificate is recognized and trusted by your client computer, proceed to complete the steps in <maml:navigationLink><maml:linkText>Configure Remote Desktop Connection Settings for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=13337aba-9d4f-4097-bd9b-33ed3567608c"></maml:uri></maml:navigationLink>.</maml:para>
<maml:alertSet class="note"><maml:title>Notes </maml:title><maml:alert>If you are configuring the Remote Desktop Services client for use with Network Access Protection (NAP), you must install the RD Gateway server root certificate by using the computer account. If not, you can install the RD Gateway server root certificate by using the user account.</maml:alert><maml:alert>For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href=" http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:alert></maml:alertSet>
<maml:para>Membership in the <maml:phrase>Users</maml:phrase> group or local <maml:phrase>Administrators</maml:phrase> group, or equivalent, is the minimum group membership required to complete this procedure. To open the Certificates snap-in for a computer account, membership in the local <maml:phrase>Administrators</maml:phrase> group, or equivalent, is required on the Remote Desktop Services client on which you plan to install the certificate. To open the Certificates snap-in for a user account, membership in the <maml:phrase>Users</maml:phrase> group on the client is sufficient. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To install the Remote Desktop Gateway server root certificate on the Remote Desktop Services client</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Open the Certificates snap-in console. If you have not already added the Certificates snap-in console, you can do so by doing the following:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>mmc</maml:userInput> and then click <maml:ui>OK</maml:ui>. </maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>File</maml:ui> menu, click <maml:ui>Add/Remove Snap-in</maml:ui>. </maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Add or Remove Snap-ins</maml:ui> dialog box, in the <maml:ui>Available snap-ins</maml:ui> list, click <maml:ui>Certificates</maml:ui>, and then click <maml:ui>Add</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Certificates snap-in</maml:ui> dialog box, do one of the following: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To open the snap-in for a computer account, click <maml:ui>Computer account</maml:ui>, and then click <maml:ui>Next</maml:ui>. In the <maml:ui>Select Computer</maml:ui> dialog box, click <maml:ui>Local computer: (the computer this console is running on)</maml:ui>, and then click <maml:ui>Finish</maml:ui>. </maml:para></maml:listItem>
<maml:listItem><maml:para>To open the snap-in for a user account, click <maml:ui>My user account</maml:ui>, and then click <maml:ui>Finish</maml:ui>. </maml:para></maml:listItem></maml:list>
</maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Add or Remove Snap-ins</maml:ui> dialog box, click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Certificates</maml:ui> snap-in console, in the console tree, expand <maml:ui>Certificates (Local Computer)</maml:ui>, expand <maml:ui>Trusted Root Certification Authorities</maml:ui>, right-click <maml:ui>Certificates</maml:ui>, point to <maml:ui>All Tasks</maml:ui>, and then click <maml:ui>Import</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Certificate Import Wizard</maml:ui>, on the <maml:ui>Welcome to the Certificate Import Wizard</maml:ui> page, click <maml:ui>Next</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>File to Import</maml:ui> page, in the <maml:ui>File name</maml:ui> box, specify the name of the RD Gateway server root certificate, and then click <maml:ui>Next</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Certificate Store</maml:ui> page, accept the default option <maml:ui>Place all certificates in the following store</maml:ui> (in the certificate store <maml:ui>Trusted Root Certification Authorities</maml:ui>), and then click <maml:ui>Next</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Completing the Certificate Import Wizard</maml:ui> page, confirm that the following certificate settings appear:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Certificate Store Selected by User: Trusted Root Certification Authorities</maml:para></maml:listItem>
<maml:listItem><maml:para>Content: Certificate</maml:para></maml:listItem>
<maml:listItem><maml:para>File Name: FilePath\<<maml:replaceable>Root_Certificate_Name.cer</maml:replaceable>>, where <<maml:replaceable>Root_Certificate_Name</maml:replaceable>> is the name of the RD Gateway server root certificate.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Finish</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Certificate Import Wizard</maml:ui> dialog box, click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>With <maml:ui>Certificates (Local Computer)\Trusted Root Certification Authorities\Certificates</maml:ui> selected in the console tree, in the details pane, verify that the root certificate of the RD Gateway server appears in the list of certificates on the client. </maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Services Client for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=7a03804c-b3cb-44f1-bacd-aec78ba0b3a4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:title><maml:introduction>
<maml:para>This section provides procedures for managing Remote Desktop resource authorization policies (RD RAPs), which allow you to specify the internal network resources (computers) that remote users can connect to through an RD Gateway server. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create an RD RAP</maml:linkText><maml:uri href="mshelp://windows/?id=f90e0f61-e72e-46d1-a179-1d912ded2757"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify Computers That Users Can Connect to Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=bf055f2f-8518-4666-8b5e-09e6e1f9d1f0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable or Disable an RD RAP</maml:linkText><maml:uri href="mshelp://windows/?id=ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>View Details about RD RAPs</maml:linkText><maml:uri href="mshelp://windows/?id=51ecc12f-21d6-43fb-968e-b49154913127"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Modify or Remove a Remote Desktop Gateway-Managed Computer Group</maml:linkText><maml:uri href="mshelp://windows/?id=1c0ef440-c144-4b2a-a32a-79b17b033879"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Modify or Remove an RD RAP</maml:linkText><maml:uri href="mshelp://windows/?id=c23912c7-372c-4dc4-974f-e84c097dcdee"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>View Details about RD RAPs</maml:title><maml:introduction>
<maml:para>You can use Remote Desktop Gateway Manager to view details about Remote Desktop resource authorization policies (RD RAPs), including the names of the security groups or RD Gateway-managed computer groups and user groups associated with an RD RAP.</maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To view details about RD RAPs</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Resource Authorization Policies</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, in the list of RD RAPs, click the RD RAP for which you want to view details. Details for the RD RAP that you select appear in the lower section of the results pane.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>View Details About Local RD CAPs</maml:title><maml:introduction>
<maml:para>You can use Remote Desktop Gateway Manager to view details about local Remote Desktop connection authorization policies (RD CAPs), including the requirements that users must meet to connect to an RD Gateway server and whether the RD CAP is enabled or disabled. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To view details about local RD CAPs</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, in the list of local RD CAPs, click the local RD CAP for which you want to view details. Details for the local RD CAP that you select appear in the lower section of the results pane.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Specify Conditions That Users Must Meet to Connect to an RD Gateway Server</maml:title><maml:introduction>
<maml:para>Remote Desktop connection authorization policies (RD CAPs) allow you to specify who can connect to an RD Gateway server. </maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If you have not done so already, you must also create a Remote Desktop resource authorization policy (RD RAP). Until you create both an RD CAP and an RD RAP, users cannot connect to network resources through this RD Gateway server.</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To specify conditions that users must meet to connect to an RD Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to select the node that represents the RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, right-click the RD CAP for which you want to specify conditions, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Requirements</maml:ui> tab, under <maml:ui>Supported Windows authentication methods</maml:ui>, select one or both of the following check boxes:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:ui>Password</maml:ui></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:ui>Smart card</maml:ui></maml:para></maml:listItem></maml:list>
<maml:para>When both of these options are selected, clients that use either authentication method are allowed to connect. For information about supported Windows authentication methods for RD Gateway, see <maml:navigationLink><maml:linkText>Understanding Requirements for Connecting to a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=108df0e7-74d7-475f-8220-bd4ada9b241a"></maml:uri></maml:navigationLink>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Under <maml:ui>User group membership (required)</maml:ui>, click <maml:ui>Add Group</maml:ui>, and then specify a user group whose members can connect to the RD Gateway server. You must specify at least one user group. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Select Groups</maml:ui> dialog box, specify the user group location and name, and then click <maml:ui>OK</maml:ui> as needed to check the name and to close the <maml:ui>Select Groups</maml:ui> dialog box. To specify more than one user group, do either of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Type the name of each user group, separating the name of each group with a semi-colon.</maml:para></maml:listItem>
<maml:listItem><maml:para>Add additional groups from different domains by repeating step 7 for each group.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To specify computer domain membership criteria that client computers should meet (optional), on the <maml:ui>Requirements</maml:ui> tab, under <maml:ui>Client computer group membership (optional)</maml:ui>, click <maml:ui>Add Group</maml:ui>, and then specify the computer groups.</maml:para>
<maml:para>To specify the computer groups, you can use the same steps that you used to specify user groups.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui> as needed to close the <maml:ui>Properties</maml:ui> dialog box for the RD CAP.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Specify a Remote Desktop Gateway Server to Manage</maml:title><maml:introduction>
<maml:para>After you install the RD Gateway role service and open Remote Desktop Gateway Manager on that server, by default, Remote Desktop Gateway Manager will display the details for that server.</maml:para>
<maml:para>If you plan to manage a remote RD Gateway server, membership in the <maml:phrase>Administrators</maml:phrase> group, or equivalent, on the RD Gateway server that you plan to manage remotely, is the minimum required to complete this procedure. Specifically, you must log on to the local computer with a domain account that is a member of the <maml:phrase>Administrators</maml:phrase> group or equivalent, on the RD Gateway server that you plan to manage remotely. Alternatively, you can open Remote Desktop Gateway Manager while logged on under such an account. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To manage a Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click <maml:ui>Remote Desktop Gateway Manager</maml:ui>, and then click <maml:ui>Connect to RD Gateway Server</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Add an RD Gateway Server to Manage</maml:ui> dialog box, specify whether to connect to a local server or to a remote server by doing either of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To connect to a local RD Gateway server, click <maml:ui>Local Server (the server this snap-in console is running on)</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To connect to a remote RD Gateway server, enter the name of the RD Gateway server that you want to connect to in the <maml:ui>Remote server</maml:ui> box. Alternatively, click <maml:ui>Browse</maml:ui> to select the RD Gateway server, and in the <maml:ui>Select Computer</maml:ui> dialog box, specify the domain in which the server is located, specify all or part of the server name, and then click <maml:ui>OK</maml:ui> to close the <maml:ui>Select Computer</maml:ui> dialog box.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Install the Remote Desktop Gateway Role Service</maml:linkText><maml:uri href="mshelp://windows/?id=1526d6c4-e87b-465e-9f5e-2b31680ea4f5"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Configuring the Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>This section provides procedures for installing RD Gateway and configuring authorization policies to define conditions that users must meet to connect to internal network resources (computers) through RD Gateway. In addition, procedures are included for specifying the users who can access internal network computers and the computers that they can access. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Install the Remote Desktop Gateway Role Service</maml:linkText><maml:uri href="mshelp://windows/?id=1526d6c4-e87b-465e-9f5e-2b31680ea4f5"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify a Remote Desktop Gateway Server to Manage</maml:linkText><maml:uri href="mshelp://windows/?id=5bfdffa9-b05c-4c7b-8e77-07aa51a44af3"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create a Remote Desktop Gateway Server Farm</maml:linkText><maml:uri href="mshelp://windows/?id=c1acb922-d89a-4959-a436-5f844ad5acee"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Remove Members of a Remote Desktop Gateway Server Farm</maml:linkText><maml:uri href="mshelp://windows/?id=11b0b5ae-7286-4dba-b328-5858565d7db6"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Disable Management for a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=175febeb-aab7-4a34-9b74-08cf92517b8d"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable SSL Bridging on the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=f7bb15f8-f7f9-414a-af98-c845e4237646"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable NAP Health Policy Checking on the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5feddf36-b7d9-415e-81b8-c944f6bc3bc6"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Limit the Maximum Number of Simultaneous Connections Through a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=68002f1c-6573-4d6d-bf76-9d7770925534"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Import or Export Settings for a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=7d9b8192-42bf-4d62-889f-584648806fc7"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure Messaging for a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=77f9be0d-7b64-46db-902e-31c6ce81ab3e"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list></maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable NAP Health Policy Checking on the Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>To enhance security, you can configure RD Gateway servers and clients to use Network Access Protection (NAP). NAP is a health policy creation, enforcement, and remediation technology that is included in Windows Server 2008 R2, Windows Server 2008, Windows 7, Windows Vista, and Windows XP Service Pack 3. With NAP, system administrators can enforce health requirements on Remote Desktop Services clients that connect to the RD Gateway server, which can include firewalls being enabled, security update requirements, required computer configurations, and other settings. </maml:para>
<maml:para>By using NAP, you can help ensure that Remote Desktop Services clients meet the health policy requirements of your organization before they are allowed to connect to computers on the corporate network through RD Gateway servers. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>Computers running Windows Server 2008 R2 and Windows Server 2008 cannot be used as NAP clients. Only computers running Windows 7, Windows Vista, and Windows XP Service Pack 3 can be used as NAP clients.</maml:para></maml:alertSet>
<maml:para>To enable NAP health policy checking on the RD Gateway server, you enable a setting on the server that requests that the Remote Desktop Services client sends a statement of health (SoH).</maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To enable NAP health policy checking on the RD Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>RD CAP Store</maml:ui> tab, verify that the <maml:ui>Request clients to send a statement of health</maml:ui> check box is selected, and then click <maml:ui>OK</maml:ui>.</maml:para>
<maml:para>Ensure that you have properly configured the Remote Desktop Services clients, the RD Gateway server, and the server running NPS. For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href=" http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>You can use Group Policy and Active Directory Domain Services to centralize and simplify the administration of RD Gateway policy settings. You use the Local Group Policy Editor to configure these settings, which are contained within Group Policy objects (GPOs). You use the Group Policy Management Console (GPMC) to link GPOs to sites, domains, or organizational units (OUs) in Active Directory Domain Services.</maml:para>
<maml:para>The Local Group Policy Editor operates as an extension to the GPMC. When you edit a GPO from within the GPMC, the Local Group Policy Editor appears, displaying the settings for that particular GPO. You must have edit rights on a GPO in order to open it in the Local Group Policy Editor. </maml:para>
<maml:para>The Default Domain Policy GPO and the Default Domain Controllers Policy GPO are vital to the health of any domain. As a best practice, you should not edit the Default Domain Policy GPO or the Default Domain Controllers Policy GPO, except in the following cases: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>It is required that account policy settings be configured in the Default Domain Policy GPO.</maml:para></maml:listItem>
<maml:listItem><maml:para>If you install applications on domain controllers requiring modifications to <maml:ui>User Rights</maml:ui> or <maml:ui>Audit</maml:ui> policy settings, you must modify the policy settings in the Default Domain Controllers Policy GPO.</maml:para></maml:listItem></maml:list>
<maml:para>Group Policy settings for Remote Desktop Services client connections through RD Gateway can be applied in one of two ways. These policy settings can either be suggested (that is, they can be enabled, but not enforced) or they can be enabled and enforced. </maml:para>
<maml:para>To suggest a policy setting for RD Gateway, enable the setting in Group Policy, but do not clear the <maml:ui>Allow users to change this setting</maml:ui> check box. Doing this allows users on the client to enter alternate RD Gateway connection settings. To specify alternate policy settings, users select the <maml:ui>Use these RD Gateway server settings</maml:ui> option in the <maml:ui>RD Gateway Server Settings </maml:ui> dialog box on the client, and then specify the alternate RD Gateway connection settings.</maml:para>
<maml:para>To enforce a policy setting for RD Gateway, enable the setting in Group Policy and clear the <maml:ui>Allow users to change this setting</maml:ui> check box. When you do this, users cannot change the RD Gateway connection setting, even if they select the <maml:ui>Use these RD Gateway server settings</maml:ui> option on the client. For information about how to configure Remote Desktop Services client settings, see <maml:navigationLink><maml:linkText>Configuring the Remote Desktop Services Client for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=7a03804c-b3cb-44f1-bacd-aec78ba0b3a4"></maml:uri></maml:navigationLink>.</maml:para>
<maml:para>This section provides procedures for using Group Policy to manage Remote Desktop Services client connections to the network through RD Gateway. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Set the Remote Desktop Gateway Server Authentication Method</maml:linkText><maml:uri href="mshelp://windows/?id=112c0ebd-f8db-4ab3-be74-f2865d91db37"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=3e36b1a9-77b9-444f-aa47-4cc4132a2772"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Set the Remote Desktop Gateway Server Address</maml:linkText><maml:uri href="mshelp://windows/?id=72965a27-d33a-4e6e-aeac-f8f6978ecd20"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>This procedure describes how to use Remote Desktop Gateway Manager to create a self-signed certificate, if you did not already create one by using the Add Roles Wizard when you installed the Remote Desktop Gateway role service.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>We recommend that you use self-signed certificates only for testing and evaluation purposes. </maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To create a self-signed certificate for the Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, which is named for the computer on which the RD Gateway server is running, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, under <maml:ui>Configuration Status</maml:ui>, click <maml:ui>View or modify certificate properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>SSL Certificate</maml:ui> tab, click <maml:ui>Create a self-signed certificate</maml:ui>, and then click <maml:ui>Create and Import Certificate</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Create Self-Signed Certificate</maml:ui> dialog box, do the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>In the <maml:ui>Certificate name</maml:ui> box, verify that the correct fully qualified domain name (FQDN) is specified for the self-signed certificate, or specify a new name. The FQDN must match the DNS name that the client uses to connect to the RD Gateway server, unless you are using wildcard certificates or the SAN attributes of certificates.</maml:para></maml:listItem>
<maml:listItem><maml:para>To store the root certificate in a specified location so that you can manually distribute the root certificate to clients, verify that the <maml:ui>Store the root certificate</maml:ui> check box is selected, and then specify where to store the certificate. By default, this check box is selected and the certificate is stored under the %Windir%\Users\<Username>\Documents folder.</maml:para></maml:listItem>
<maml:listItem><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>If you selected the <maml:ui>Store the root certificate</maml:ui> check box and specified a location for the certificate, a message will appear stating that RD Gateway has successfully created the self-signed certificate, and confirming the location of the stored certificate. Click <maml:ui>OK</maml:ui> to close the message. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK </maml:ui>again to close the RD Gateway server <maml:ui>Properties </maml:ui>dialog box.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional considerations</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para>For information about other methods for obtaining a certificate and certificate requirements for RD Gateway, see <maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem>
</maml:list>
</maml:introduction></maml:section>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section>
</maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Limit the Maximum Number of Simultaneous Connections Through a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>By default, with the exception of RD Gateway servers that are running on Windows Server 2008 R2 Standard, no limit is set for the number of simultaneous connections that Remote Desktop Services clients can make to internal network resources (computers) through an RD Gateway server. You can optimize RD Gateway server performance by setting a limit for the number of simultaneous connections that clients can make to internal network resources through an RD Gateway server.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>For RD Gateway servers that are running on Windows Server 2008 R2 Standard, a maximum of 250 simultaneous connections is supported.</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To limit the maximum number of simultaneous connections through a Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>General</maml:ui> tab, under <maml:ui>Maximum Connections</maml:ui>, do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To set a limit for the maximum number of simultaneous connections that Remote Desktop Services clients can make to network resources through RD Gateway, click <maml:ui>Limit maximum allowed simultaneous connections to</maml:ui>, and then specify the number of allowable connections.</maml:para></maml:listItem>
<maml:listItem><maml:para>To set no limit on the number of allowable connections between clients and internal network resources through RD Gateway, click <maml:ui>Allow the maximum supported simultaneous connections</maml:ui>. This is the default option. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>For RD Gateway servers that are running on Windows Server 2008 R2 Standard, a maximum of 250 simultaneous connections is supported.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>To prevent new connections from being made between clients and network resources through RD Gateway, click <maml:ui>Disable new connections</maml:ui>. If you select this option, only new connection attempts will be rejected. Current connections will not be ended by RD Gateway.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Modify or Remove a Local RD CAP</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To modify or remove a local RD CAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To modify the RD CAP, in the results pane, in the list of RD CAPs, right-click the RD CAP, click <maml:ui>Properties</maml:ui>, modify settings as needed, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To remove the RD CAP, in the results pane, in the list of RD CAPs, right-click the RD CAP, and then click <maml:ui>Delete</maml:ui>.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Set the Remote Desktop Gateway Server Address</maml:title><maml:introduction>
<maml:para>This procedure describes how to use the Group Policy Management Console (GPMC) to specify the RD Gateway server that Remote Desktop Services clients use when connecting to internal network resources (computers) through an RD Gateway server.</maml:para>
<maml:para>By default, Remote Desktop Services clients automatically detect when RD Gateway is required. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>To manage Group Policy on a Windows Server 2008 R2-based domain controller, you must first add the Group Policy Management Console feature. To do this, start Server Manager, and then under <maml:ui>Feature Summary</maml:ui>, click <maml:ui>Add Features</maml:ui>. On the <maml:ui>Select Features</maml:ui> page, select the <maml:ui>Group Policy Management</maml:ui> check box. Follow the on-screen instructions to complete the installation.</maml:para></maml:alertSet>
<maml:para>To change Group Policy settings for a domain or an organizational unit (OU), you must be logged on as a member of the <maml:phrase>Domain Admins</maml:phrase>, <maml:phrase>Enterprise Admins</maml:phrase>, or the <maml:phrase>Group Policy Creator Owners</maml:phrase> group, or have been delegated the appropriate control over Group Policy.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To set the Remote Desktop Gateway server address</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Start the GPMC. To do so, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, and then click <maml:ui>Group Policy Management</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the left pane, locate the OU that you want to edit.</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To modify an existing Group Policy object (GPO) for the OU, expand the OU, and then click the GPO.</maml:para></maml:listItem>
<maml:listItem><maml:para>To create a new GPO, follow these steps:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Right-click the OU, and then click <maml:ui>Create a GPO in this domain, and link it here</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Name</maml:ui> box, type a name for the GPO, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the left pane, locate and click the new GPO.</maml:para></maml:listItem>
</maml:list></maml:listItem>
</maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the right pane, click the <maml:ui>Settings</maml:ui> tab.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Right click <maml:ui>User Configuration</maml:ui>, and then click <maml:ui>Edit</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the left pane, under <maml:ui>User Configuration</maml:ui>, expand <maml:ui>Administrative Templates</maml:ui>, expand <maml:ui>Windows Components</maml:ui>, expand <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>RD Gateway</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the right pane, in the list of settings, right-click <maml:ui>Set RD Gateway server address</maml:ui>, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Settings</maml:ui> tab, do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Click <maml:ui>Not Configured</maml:ui>. Remote Desktop Services clients automatically detect when RD Gateway is required. When a connection through RD Gateway is required, the RD Gateway server or RD Gateway server farm specified by the user is used.</maml:para></maml:listItem>
<maml:listItem><maml:para>Click<maml:ui> Enabled</maml:ui>, and then specify a valid, fully qualified domain name (FQDN) of the RD Gateway server or RD Gateway server farm that clients are to use when connecting to internal network resources. The name must match the name that appears in the Secure Sockets Layer (SSL) certificate for the RD Gateway server. </maml:para>
<maml:para>By default, the <maml:ui>Allow users to change this setting</maml:ui> check box is selected, meaning that this setting is suggested, and users can specify an alternate RD Gateway server or RD Gateway server farm. To enforce this setting so that users cannot specify an alternate RD Gateway server or RD Gateway farm, clear this check box.</maml:para></maml:listItem>
<maml:listItem><maml:para>Click <maml:ui>Disabled</maml:ui>. Remote Desktop Services clients automatically detect when RD Gateway is required.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If you disable or do not configure this policy setting, but enable the <maml:ui>Enable connections through RD Gateway</maml:ui> policy setting, client connection attempts to any internal network resource will fail, if the client cannot connect directly to the internal network resource. </maml:para></maml:alertSet></maml:listItem>
</maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>To configure RD Gateway settings by using the local computer policy, use the Local Group Policy Editor. To start the Local Group Policy Editor, click <maml:ui>Start</maml:ui>, click <maml:ui>Run</maml:ui>, type <maml:userInput>gpedit.msc</maml:userInput> and then click <maml:ui>OK</maml:ui>. To configure local Group Policy settings, you must be a member of the <maml:phrase>Administrators</maml:phrase> group on the local computer or you must have been delegated the appropriate authority.</maml:para></maml:alertSet>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Using Group Policy to Manage Client Connections Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Configure Messaging for a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>This procedure describes how to create and enable a system message or a logon message for an RD Gateway server. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To configure messaging on RD Gateway</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>Messaging</maml:ui> tab, set messaging as follows:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To set a system message:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Select the <maml:ui>Enable system message</maml:ui> check box. </maml:para></maml:listItem>
<maml:listItem><maml:para>In the box under <maml:ui>Enable system message</maml:ui>, type the administrative message to be displayed to users. </maml:para></maml:listItem>
<maml:listItem><maml:para>Select the date and time for the administrative message to be displayed by using the <maml:ui>Start Time</maml:ui> and <maml:ui>End Time</maml:ui> lists.</maml:para></maml:listItem>
<maml:listItem><maml:para>To review the message before enabling it, click <maml:ui>Preview</maml:ui>. Verify the message and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list></maml:listItem>
<maml:listItem><maml:para>To set a logon message:</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>To display a logon message to users, you first need to create and save the text to be displayed to users in a separate text file.</maml:para></maml:listItem>
<maml:listItem><maml:para>Select the <maml:ui>Enable logon message</maml:ui> check box. </maml:para></maml:listItem>
<maml:listItem><maml:para>Under <maml:ui>Enable logon message</maml:ui>, click <maml:ui>Browse</maml:ui>. In the <maml:ui>Open</maml:ui> dialog box, select the file to display to users, and then click <maml:ui>Open</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To review the message before enabling it, click <maml:ui>Preview</maml:ui>. Verify the message and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
</maml:list></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To limit connections to the Remote Desktop Connection client 7.0, select the <maml:ui>Only allow connections from Remote Desktop Services clients that support RD Gateway messaging</maml:ui> check box. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Configuring the Remote Desktop Services Client for Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>This section provides procedures for configuring your Remote Desktop Services clients to connect to internal network resources (computers) through RD Gateway. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Install the Remote Desktop Gateway Server Root Certificate on the Remote Desktop Services Client</maml:linkText><maml:uri href="mshelp://windows/?id=4c15509d-daed-4b4a-bffa-28de41355bbf"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure Remote Desktop Connection Settings for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=13337aba-9d4f-4097-bd9b-33ed3567608c"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Import or Export Settings for a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>To simplify administration and configuration for multiple RD Gateway servers, you can use Remote Desktop Gateway Manager to import or export policy and configuration settings for an RD Gateway server. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To import or export settings for a Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem>
<maml:para>To export settings for the RD Gateway server, click <maml:ui>Export policy and configuration settings</maml:ui>. </maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>In the <maml:ui>Export policy and configuration settings</maml:ui> dialog box, in the <maml:ui>Specify a name for the file</maml:ui> box, enter a name for the file, and in the <maml:ui>Location</maml:ui> box, enter a location for the file. </maml:para></maml:listItem>
<maml:listItem><maml:para>Click <maml:ui>OK</maml:ui>. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>If the directory that you specify does not already exist, or if a file with the same name already exists, appropriate messages will appear to allow you to create the directory, or to overwrite the existing file, respectively.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>RD Gateway</maml:ui> dialog box, click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list></maml:listItem>
<maml:listItem><maml:para>To import settings for an RD Gateway server, click <maml:ui>Import policy and configuration settings</maml:ui>. </maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>In the <maml:ui>Import policy and configuration settings</maml:ui> dialog box, in the <maml:ui>Specify the file that you want to import</maml:ui> box, enter a name and location for the file that you want to import. </maml:para></maml:listItem>
<maml:listItem><maml:para>Click <maml:ui>OK</maml:ui>. </maml:para>
<maml:alertSet class="warning"><maml:title>Warning </maml:title><maml:para>Importing the file will cause existing policy and configuration settings for the RD Gateway server to be overwritten.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>RD Gateway</maml:ui> dialog box, click <maml:ui>Yes</maml:ui>. An <maml:ui>RD Gateway</maml:ui> message indicates that the import is in progress. </maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>RD Gateway</maml:ui> dialog box, click <maml:ui>OK</maml:ui>. </maml:para></maml:listItem></maml:list>
</maml:listItem></maml:list></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>View or Modify Certificate Properties</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To view or modify certificate properties</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>SSL Certificate</maml:ui> tab, click <maml:ui>Select an existing certificate from the RD Gateway</maml:ui> <maml:replaceable><RD Gateway Server Name></maml:replaceable> <maml:ui>Certificates (Local Computer)/Personal store</maml:ui>, where <maml:replaceable><RD Gateway Server Name></maml:replaceable> is the name for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Import Certificate</maml:ui>, and then do one of the following in the <maml:ui>Import Certificate</maml:ui> dialog box:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To map a different certificate to the RD Gateway server, select the certificate that you want this RD Gateway server to use, and then click <maml:ui>Import</maml:ui>. On the <maml:ui>SSL Certificates</maml:ui> tab, review the <maml:ui>Issued to</maml:ui>, <maml:ui>Issued by</maml:ui>, and <maml:ui>Expiration date </maml:ui>fields to verify that the correct certificate is mapped to the RD Gateway server.</maml:para></maml:listItem>
<maml:listItem><maml:para>To view the properties for a certificate that is installed on the RD Gateway server, select the certificate that you want to view, and then click <maml:ui>View Certificate</maml:ui>. In the <maml:ui>Certificate</maml:ui> dialog box, review the certificate properties, click <maml:ui>OK</maml:ui> to close the <maml:ui>Certificate</maml:ui> dialog box, and then click <maml:ui>Cancel</maml:ui> to close the <maml:ui>Install Certificate</maml:ui> dialog box. </maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui> to close the RD Gateway server <maml:ui>Properties</maml:ui> dialog box. </maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Overview of Remote Desktop Gateway</maml:title><maml:introduction></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>What is Remote Desktop Gateway?</maml:title><maml:introduction>
<maml:para>Remote Desktop Gateway (RD Gateway) is a role service that enables authorized remote users to connect to resources on an internal corporate or private network, from any Internet-connected device that can run the Remote Desktop Connection (RDC) client. The network resources can be Remote Desktop Session Host (RD Session Host) servers, RD Session Host servers running RemoteApp programs, or computers with Remote Desktop enabled. </maml:para>
<maml:para>RD Gateway uses the Remote Desktop Protocol (RDP) over HTTPS to establish a secure, encrypted connection between remote users on the Internet and the internal network resources on which their productivity applications run. </maml:para></maml:introduction></maml:section><maml:section>
<maml:title>Why use Remote Desktop Gateway?</maml:title><maml:introduction>
<maml:para>RD Gateway provides many benefits, including:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>RD Gateway enables remote users to connect to internal network resources over the Internet, by using an encrypted connection, without needing to configure virtual private network (VPN) connections.</maml:para></maml:listItem>
<maml:listItem><maml:para>RD Gateway provides a comprehensive security configuration model that enables you to control access to specific internal network resources. RD Gateway provides a point-to-point RDP connection, rather than allowing remote users access to all internal network resources.</maml:para></maml:listItem>
<maml:listItem><maml:para>RD Gateway enables most remote users to connect to internal network resources that are hosted behind firewalls in private networks and across network address translators (NATs). With RD Gateway, you do not need to perform additional configuration for the RD Gateway server or clients for this scenario.</maml:para>
<maml:para>Prior to this release of Windows Server, security measures prevented remote users from connecting to internal network resources across firewalls and NATs. This is because port 3389, the port used for RDP connections, is typically blocked for network security purposes. RD Gateway transmits RDP traffic to port 443 instead, by using an HTTP Secure Sockets Layer/Transport Layer Security (SSL/TLS) tunnel. Because most corporations open port 443 to enable Internet connectivity, RD Gateway takes advantage of this network design to provide remote access connectivity across multiple firewalls. </maml:para></maml:listItem>
<maml:listItem><maml:para>The Remote Desktop Gateway Manager enables you to configure authorization policies to define conditions that must be met for remote users to connect to internal network resources. For example, you can specify:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Who can connect to internal network resources (in other words, the user groups who can connect). </maml:para></maml:listItem>
<maml:listItem><maml:para>What network resources (computer groups) users can connect to.</maml:para></maml:listItem>
<maml:listItem><maml:para>Whether client computers must be members of Active Directory security groups.</maml:para></maml:listItem>
<maml:listItem><maml:para>Whether device redirection is allowed.</maml:para></maml:listItem>
<maml:listItem><maml:para>Whether clients need to use smart card authentication or password authentication, or whether they can use either method.</maml:para></maml:listItem></maml:list></maml:listItem>
<maml:listItem><maml:para>You can configure RD Gateway servers and Remote Desktop Services clients to use Network Access Protection (NAP) to further enhance security. NAP is a health policy creation, enforcement, and remediation technology that is included in Windows Server® 2008 R2, Windows Server® 2008, Windows® 7, Windows Vista®, and Windows® XP Service Pack 3. With NAP, system administrators can enforce health requirements, which can include software requirements, security update requirements, required computer configurations, and other settings. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>Computers running Windows Server 2008 R2 or Windows Server 2008 cannot be used as NAP clients when RD Gateway enforces NAP. Only computers running Windows 7, Windows Vista, or Windows XP SP3 can be used as NAP clients when RD Gateway enforces NAP.</maml:para></maml:alertSet>
<maml:para>For information about how to configure RD Gateway to use NAP for health policy enforcement for Remote Desktop Services clients that connect to RD Gateway servers, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?linkid=140433</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?linkid=140433"></maml:uri></maml:navigationLink>).</maml:para></maml:listItem>
<maml:listItem><maml:para>You can use RD Gateway server with Microsoft Internet Security and Acceleration (ISA) Server to enhance security. In this scenario, you can host RD Gateway servers in a private network rather than a perimeter network, and host ISA Server in the perimeter network. The Secure Sockets Layer (SSL) connection between the Remote Desktop Services client and ISA Server can be terminated at the ISA Server, which is Internet-facing. </maml:para>
<maml:para>For information about how to configure ISA Server as an SSL termination device for RD Gateway server scenarios, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?linkid=140433</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?linkid=140433"></maml:uri></maml:navigationLink>).</maml:para></maml:listItem>
<maml:listItem><maml:para>Remote Desktop Gateway Manager provides tools to help you monitor RD Gateway server status and events. By using Remote Desktop Gateway Manager, you can specify events (such as unsuccessful connection attempts to the RD Gateway server) that you want to monitor for auditing purposes.</maml:para></maml:listItem></maml:list></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=2caaafad-233f-47b6-b21d-12e2b027619b"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Understanding Authorization Policies for Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>After you install the RD Gateway role service and configure a certificate for the RD Gateway server, you must create Remote Desktop connection authorization policies (RD CAPs), computer groups, and Remote Desktop resource authorization policies (RD RAPs). </maml:para>
<maml:para>This topic describes how RD CAPs, computer groups, and RD RAPs enable you to control remote user access to internal network resources (computers) when those users connect to the internal network over the Internet through RD Gateway.</maml:para></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>RD CAPs</maml:title><maml:introduction>
<maml:para>RD CAPs allow you to specify who can connect to an RD Gateway server. You can specify a user group that exists on the local RD Gateway server or in Active Directory Domain Services. You can also specify other conditions that users must meet to access an RD Gateway server. You can list specific conditions in each RD CAP. For example, you might require a group of users to use a smart card to connect through RD Gateway.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>Users are granted access to an RD Gateway server if they meet the conditions specified in the RD CAP. You must also create a Remote Desktop resource authorization policy (RD RAP). An RD RAP allows you to specify the network resources (computers) that users can connect to through RD Gateway. Until you create both an RD CAP and an RD RAP, users cannot connect to network resources through this RD Gateway server. </maml:para></maml:alertSet>
<maml:para>For information about how to create RD CAPs, see <maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction></maml:section><maml:section>
<maml:title>RD RAPs</maml:title><maml:introduction>
<maml:para>RD RAPs allow you to specify the internal network resources that remote users can connect to through an RD Gateway server. When you create an RD RAP, you can create a computer group (a list of computers on the internal network to which you want the remote users to connect) and associate it with the RD RAP.</maml:para>
<maml:para>Remote users connecting to an internal network through an RD Gateway server are granted access to computers on the network if they meet the conditions specified in at least one RD CAP and one RD RAP.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>When you associate an RD Gateway-managed computer group with an RD RAP, you can support both fully qualified domain names (FQDNs) and NetBIOS names by adding both names to the RD Gateway-managed computer group separately. When you associate an Active Directory security group with an RD RAP, both FQDNs and NetBIOS names are supported automatically if the internal network computer that the client is connecting to belongs to the same domain as the RD Gateway server. If the internal network computer belongs to a different domain than the RD Gateway server, users must specify the FQDN of the internal network computer.</maml:para></maml:alertSet>
<maml:para>For information about how to create RD RAPs, see <maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink>.</maml:para>
<maml:para>Together, RD CAPs and RD RAPs provide two different levels of authorization to provide you with the ability to configure a more specific level of access control to computers on an internal network.</maml:para></maml:introduction></maml:section><maml:section>
<maml:title>Network resource groups and RD Gateway-managed computer groups associated with RD RAPs</maml:title><maml:introduction>
<maml:para>Remote users can connect through RD Gateway to internal network resources in a security group or an RD Gateway-managed computer group. The group can be any one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:phrase>Select an Active Directory Domain Services network resource group.</maml:phrase> The network resource group already exists in Active Directory Domain Services.</maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Select an existing RD Gateway-managed group or create a new one.</maml:phrase> You can configure an RD Gateway-managed computer group or select an existing one, by using Remote Desktop Gateway Manager after installation.</maml:para>
<maml:para>An RD Gateway-managed computer group will not appear in Local Users and Groups on the RD Gateway server, nor can it be configured by using Local Users and Groups.</maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>Allow users to connect to any network resource.</maml:phrase> In this case, users can connect to any computer on the internal network that they could connect to when they use Remote Desktop Connection.</maml:para></maml:listItem></maml:list>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:title><maml:introduction>
<maml:para>This section provides procedures for configuring Remote Desktop connection authorization policies (RD CAPs), which allow Remote Desktop Services clients to connect to an RD Gateway server. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Requirements for Connecting to a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=108df0e7-74d7-475f-8220-bd4ada9b241a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Enable or Disable an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=3aceb57c-37ff-46ac-b545-148f8589c480"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>View Details About Local RD CAPs</maml:linkText><maml:uri href="mshelp://windows/?id=5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Modify or Remove a Local RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify a New Central RD CAP Store</maml:linkText><maml:uri href="mshelp://windows/?id=3073bf53-86a6-45df-9e65-d86eccaadf40"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify an Existing Local or Central RD CAP Store</maml:linkText><maml:uri href="mshelp://windows/?id=f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Remove a Server Running NPS or Change a Server Shared Secret for a Centrally Stored RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=fe6baab3-414b-4069-8f80-0b4c534bb830"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Remote Desktop Gateway Installation Prerequisites</maml:title><maml:introduction>
<maml:para>For RD Gateway to function correctly, you must meet these prerequisites:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>You must have a server with Windows Server 2008 R2 installed.</maml:para></maml:listItem>
<maml:listItem><maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem>
<maml:listItem><maml:para>You must obtain a Secure Sockets Layer (SSL) certificate for the RD Gateway server if you do not have one already. By default, on the RD Gateway server, the Internet Information Services (IIS) service uses Transport Layer Security (TLS) 1.0 to encrypt communications between clients and RD Gateway servers over the Internet. For TLS to function correctly, you must install an SSL certificate on the RD Gateway server.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>You do not need a certification authority (CA) infrastructure within your organization if you can use another method to obtain an externally trusted certificate that meets the requirements for RD Gateway. If your company does not maintain a stand-alone CA or an enterprise CA and you do not have a compatible certificate from a trusted public CA, you can create and import a self-signed certificate for your RD Gateway server for technical evaluation and testing purposes. For more information, see <maml:navigationLink><maml:linkText>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136"></maml:uri></maml:navigationLink>.</maml:para></maml:alertSet>
<maml:para>For information about certificate requirements for RD Gateway and how to obtain and install a certificate, see <maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink>.</maml:para></maml:listItem>
<maml:listItem><maml:para>If you configure an RD Gateway authorization policy that requires that users on client computers be members of an Active Directory security group to connect to the RD Gateway servers, the RD Gateway servers must also be members of an Active Directory domain.</maml:para></maml:listItem></maml:list></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Role, role service, and feature dependencies</maml:title><maml:introduction>
<maml:para>To function correctly, RD Gateway requires several role services and features to be installed and running. When you use Server Manager to install the RD Gateway role service, the following additional roles, role services, and features are automatically installed and started, if they are not already installed: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Remote procedure call (RPC) over HTTP Proxy </maml:para></maml:listItem>
<maml:listItem><maml:para>Web Server (IIS) [Internet Information Services] </maml:para>
<maml:para>IIS must be installed and running for the RPC over HTTP Proxy feature to function.</maml:para></maml:listItem>
<maml:listItem><maml:para>Network Policy and Access Services </maml:para>
<maml:para>You can also configure RD Gateway to use Remote Desktop connection authorization policies (RD CAPs) that are stored on another server that runs the Network Policy Server (NPS) service. By doing this, you are using the server running NPS, formerly known as a Remote Authentication Dial-In User Service (RADIUS) server, to centralize the storage, management, and validation of RD CAPs. If you have already deployed a server running NPS for remote access scenarios such as VPN and dial-up networking, using the existing server running NPS for RD Gateway scenarios as well can enhance your deployment.</maml:para></maml:listItem></maml:list>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=2caaafad-233f-47b6-b21d-12e2b027619b"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Specify Computers That Users Can Connect to Through Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>Remote users can connect through RD Gateway to internal network resources in an existing security group, an RD Gateway-managed computer group, or an RD Session Host server farm. </maml:para>
<maml:para>The group can be any of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>An existing Active Directory Domain Services network resource group.</maml:para></maml:listItem>
<maml:listItem><maml:para>An existing RD Gateway-managed group or a new RD Gateway-managed group.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If users are connecting to members of a terminal server farm by using Terminal Services Session Broker (TS Session Broker) running on Windows Server 2008, you must select this option. The name of the farm and the name of each member must be specified in the computer group.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>Any network resource.</maml:para></maml:listItem></maml:list>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
<maml:procedure><maml:title>To specify computers that users can connect to through RD Gateway</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Resource Authorization Policies</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>With the <maml:ui>Resource Authorization Policies</maml:ui> folder selected, right-click the RD RAP for which you want to specify a computer group, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Network Resource</maml:ui> tab, specify the computer group that users can connect to through RD Gateway by doing one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To specify an existing Active Directory Domain Services network resource group, click <maml:ui>Select an Active Directory Domain Services network resource group</maml:ui>. This is the default option.</maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>Click <maml:ui>Browse</maml:ui>. </maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Select Group</maml:ui> dialog box, specify the user group location and name, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list></maml:listItem>
<maml:listItem><maml:para>To specify an RD Gateway-managed computer group, click <maml:ui>Select an existing RD Gateway-managed group or create a new one</maml:ui>, and then click <maml:ui>Browse</maml:ui>. In the <maml:ui>Select an RD Gateway-managed computer group</maml:ui> dialog box, do one of the following: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Select an existing RD Gateway-managed computer group by clicking the name of the computer group that you want to use, and then click <maml:ui>OK</maml:ui>. </maml:para></maml:listItem>
<maml:listItem><maml:para>Create a new RD Gateway-managed computer group by clicking <maml:ui>Create New Group</maml:ui>. </maml:para>
<maml:list class="ordered">
<maml:listItem><maml:para>In the <maml:ui>New RD Gateway-Managed Computer Group</maml:ui> dialog box, on the <maml:ui>General</maml:ui> tab, in the <maml:ui>Name</maml:ui> box, enter a name for the new RD Gateway-managed computer group. In the <maml:ui>Description</maml:ui> box, enter a description. </maml:para></maml:listItem>
<maml:listItem><maml:para>On the <maml:ui>Network Resources </maml:ui>tab, type the name or IP address of the computer or remote desktop farm that you want to add, and then click <maml:ui>Add</maml:ui>. Repeat this step as needed to specify additional computers, and then click <maml:ui>OK</maml:ui> to close the <maml:ui>New RD Gateway-Managed Computer Group</maml:ui> dialog box.</maml:para></maml:listItem>
<maml:listItem><maml:para>In the <maml:ui>Select an RD Gateway-managed computer group</maml:ui> dialog box, click the name of the new computer group, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>When you add an internal corporate network computer to the list of RD Gateway-managed computers, keep in mind that if you want to allow remote users to connect to the computer by specifying either its computer name or its IP address, you must add the computer to the computer group twice (by specifying the computer name of the computer and adding it to the computer group and then specifying the IP address of the computer and adding it to the computer group again). If you specify only an IP address for a computer when you add it to a computer group, users must also specify the IP address of that computer when they connect to that computer through RD Gateway. To ensure that remote users connect to the internal corporate network computers that you intend, we recommend that you do not specify IP addresses for the computers, if the computers are not configured to use static IP addresses. For example, you should not specify IP addresses if your organization uses DHCP to dynamically reconfigure IP addresses for the computers.</maml:para></maml:alertSet></maml:listItem></maml:list></maml:listItem>
<maml:listItem><maml:para>To specify any network resource, click <maml:ui>Allow users to connect to any network resource</maml:ui>, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
</maml:list></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create an RD RAP</maml:linkText><maml:uri href="mshelp://windows/?id=f90e0f61-e72e-46d1-a179-1d912ded2757"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
</maml:list></maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Configure a Certificate for the Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>By default, Transport Layer Security (TLS) 1.0 is used to encrypt communications between Remote Desktop Services clients and RD Gateway servers over the Internet. For TLS to function correctly, you must install a Secure Sockets Layer-compatible X.509 certificate on the RD Gateway server.</maml:para>
<maml:para>You can obtain a certificate in one of the following ways: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>You can generate and submit a certificate request to obtain a certificate from a stand-alone or an enterprise certification authority (CA).</maml:para></maml:listItem>
<maml:listItem><maml:para>You can purchase a certificate (or obtain one at no cost on a trial basis) from one of the trusted public CAs that participate in the Microsoft Root Certificate Program Members program [as listed in article 931125 in the Microsoft Knowledge Base (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkID=59547</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkID=59547"></maml:uri></maml:navigationLink>)].</maml:para></maml:listItem>
<maml:listItem><maml:para>You can use the Add Roles Wizard to create a self-signed certificate when you install the RD Gateway role service, or you can use Remote Desktop Gateway Manager to do this after RD Gateway is installed. </maml:para></maml:listItem></maml:list>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>We recommend that you use a self-signed certificate only for testing and evaluation purposes.</maml:para></maml:alertSet>
<maml:para>For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href=" http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para>
<maml:para>This section describes certificate requirements for the RD Gateway server and provides more information about the different methods that you can use to obtain a certificate. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Select an Existing Certificate for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=496e8935-e910-4692-a465-f6c7b3cfda16"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Import a Certificate into Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=d65ea2bf-6a7a-47a7-81f9-83c0322d0103"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>View or Modify Certificate Properties</maml:linkText><maml:uri href="mshelp://windows/?id=80dccb05-7115-43be-a08a-30c9b7465899"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list></maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Create a Remote Desktop Gateway Server Farm</maml:title><maml:introduction>
<maml:para>RD Gateway uses two connections for each client session: one for inbound traffic and one for outbound traffic. This procedure is required to ensure that if a load balancer distributes each connection to a different RD Gateway server, the traffic from both connections will be redirected to the same RD Gateway server.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>You must already have load balancing configured before completing this procedure. RD Gateway does not perform load balancing itself. This procedure only ensures that RD Gateway will function correctly with a load-balancing solution that is already in place.</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>The RD Gateway servers that you add to the RD Gateway server farm must be domain members, and they must each have identical Remote Desktop connection authorization policies (RD CAPs) and Remote Desktop resource authorization policies (RD RAPs).</maml:para></maml:alertSet></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To create a Remote Desktop Gateway server farm</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to select the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, under <maml:ui>Configuration Status</maml:ui>, click <maml:ui>Add RD Gateway server farm members</maml:ui> (if you have already added one or more RD Gateway servers to the server farm, the hyperlink title will appear as <maml:ui>View RD Gateway server farm members</maml:ui>). </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>Server Farm</maml:ui> tab, in the <maml:ui>RD Gateway server farm member</maml:ui> box, type the name of the RD Gateway server that you want to add to the farm, and then click <maml:ui>Add</maml:ui>.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>You can specify a NetBIOS name, a fully qualified domain name (FQDN), or an IP address for each RD Gateway server when you add it to the farm, but the name must match the name for the RD Gateway server that is used in Active Directory Domain Services. </maml:para></maml:alertSet>
<maml:para>After you click <maml:ui>Add</maml:ui>, the RD Gateway server name will appear under <maml:ui>Remote Desktop Gateway server farm status</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Repeat step 4 as needed, making sure that you add the names of all the other members of the RD Gateway server farm, and that you include the name of the local RD Gateway server. The list of RD Gateway server farm members must be identical on each RD Gateway server in the farm.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional considerations</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para>RD Gateway will interoperate with Network Load Balancing or non-Microsoft load-balancing devices for load balancing. </maml:para></maml:listItem>
<maml:listItem><maml:para>In a load-balanced environment, RD Gateway servers are grouped into farms, with each farm being represented to Remote Desktop Services clients as a single computer name with one IP address. </maml:para></maml:listItem></maml:list></maml:introduction></maml:section>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Modify or Remove an RD RAP</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To modify or remove an RD RAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Resource Authorization Policies</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, in the list of Remote Desktop resource authorization policies (RD RAPs), click the name of the RD RAP that you want to modify or remove.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>With the name of the RD RAP selected, do one of the following: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To modify the RD RAP, right-click the RD RAP, click <maml:ui>Properties</maml:ui>, modify settings as needed, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To remove the RD RAP, right-click the RD RAP, and then click <maml:ui>Delete</maml:ui>. When prompted to confirm whether you want to delete the RD RAP, click <maml:ui>Yes</maml:ui>. </maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable or Disable Credential Sharing for Connections Through Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>For users to connect to internal network resources (computers) through RD Gateway, two levels of authentication are required. The first level of authentication must occur successfully for users to connect to the RD Gateway server. The second level of authentication must occur successfully for users to connect to remote computers (internal network computers). For each level of authentication, users are prompted for credentials, unless one or more of the following credentials are available to the users:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Locally-logged on credentials</maml:para></maml:listItem>
<maml:listItem><maml:para>Saved credentials</maml:para></maml:listItem>
<maml:listItem><maml:para>Shared credentials</maml:para></maml:listItem></maml:list>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>Credential sharing is available with the Remote Desktop Connection (RDC) 6.1 client. RDC 6.1 supports Remote Desktop Protocol 6.1.</maml:para></maml:alertSet>
<maml:para>When credential sharing is enabled, users can enter the same set of credentials for authenticating to both the RD Gateway server and the remote computer. In this case, the user is prompted to provide credentials only once.</maml:para>
<maml:para>By default, credential sharing is enabled for RD Gateway, but you can disable credential sharing if the security policies of your organization require that you do so. You can enable or disable credential sharing in either of the following two ways:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Editing connection settings on the Remote Desktop Services client (Remote Desktop Connection). On the client, the credential sharing setting is configured by selecting or clearing the <maml:ui>Use my RD Gateway credentials for the remote computer</maml:ui> check box, as described later in this topic.</maml:para></maml:listItem>
<maml:listItem><maml:para>Editing RDP file settings. In the RDP file, the credential sharing setting is configured by adding or modifying the <maml:userInput>PromptCredentialOnce:i</maml:userInput> line, as described later in this topic.</maml:para></maml:listItem></maml:list>
<maml:para>If credential sharing is enabled, when users attempt to connect to a computer through RD Gateway, a <maml:ui>Windows Security</maml:ui> dialog box appears that prompts users once for credentials and informs them that the credentials that they provide will be used to connect to both the RD Gateway server and the remote computer (the internal network computer). The names of both computers are noted in the <maml:ui>Windows Security</maml:ui> dialog box. </maml:para>
<maml:para>The <maml:ui>Windows Security</maml:ui> dialog box also includes the <maml:ui>Remember my credentials</maml:ui> check box. If users select this check box after they supply their credentials, their credentials will be saved both for the RD Gateway server and the remote computer. The same credentials will be used in subsequent connections to the same RD Gateway server and remote computer.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:alert>The <maml:ui>Remember my credentials</maml:ui> setting is ignored in either of the following cases: if users have already saved their credentials, or if the Group Policy setting to allow users to specify their locally logged-on credentials for RD Gateway is enabled. </maml:alert><maml:alert>When users have saved their credentials, during their next connection attempt to the same RD Gateway server and remote computer, a message will appear in the <maml:ui>RD Gateway Server Settings</maml:ui> dialog box on the client stating that the saved credentials will be used to connect to the RD Gateway server. Users can edit or delete these credentials. (To open the <maml:ui>RD Gateway Server Settings</maml:ui> dialog box, on the client computer, in the <maml:ui>Remote Desktop Connection</maml:ui> dialog box, click <maml:ui>Options</maml:ui>, and then on the <maml:ui>Advanced</maml:ui> tab, in the <maml:ui>Connect from anywhere </maml:ui>area, click <maml:ui>Settings</maml:ui>.) </maml:alert><maml:alert>If you have enabled the Group Policy setting to allow users to specify their locally-logged on credentials for RD Gateway, when the user attempts the connection, a message will appear in the <maml:ui>RD Gateway Server Settings</maml:ui> dialog box that states that the credentials of the currently logged on user will be used to connect to the RD Gateway server. For information about how to enable the Group Policy setting to allow the use of locally-logged on credentials for RD Gateway, see <maml:navigationLink><maml:linkText>Set the Remote Desktop Gateway Server Authentication Method</maml:linkText><maml:uri href="mshelp://windows/?id=112c0ebd-f8db-4ab3-be74-f2865d91db37"></maml:uri></maml:navigationLink>. </maml:alert></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To edit client settings to enable or disable credential sharing</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Open the Remote Desktop Connection client. To open the Remote Desktop Connection client, click <maml:ui>Start</maml:ui>, point to <maml:ui>All Programs</maml:ui>, point to <maml:ui>Accessories</maml:ui>, and then click <maml:ui>Remote Desktop Connection</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Remote Desktop Connection</maml:ui> dialog box, click <maml:ui>Options</maml:ui> to expand the dialog box and view settings.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Advanced </maml:ui>tab, in the <maml:ui>Connect from anywhere</maml:ui> area, click <maml:ui>Settings</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>RD Gateway Server Settings</maml:ui> dialog box, in the <maml:ui>Logon settings</maml:ui> area, select the <maml:ui>Use my RD Gateway credentials for the remote computer</maml:ui> check box. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Verify and configure additional client connection settings for RD Gateway as needed, and then click <maml:ui>OK </maml:ui>to close the dialog box. For information about how to configure additional client settings, see <maml:navigationLink><maml:linkText>Configure Remote Desktop Connection Settings for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=13337aba-9d4f-4097-bd9b-33ed3567608c"></maml:uri></maml:navigationLink>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To save the settings and close the <maml:ui>Remote Desktop Connection</maml:ui> dialog box, on the <maml:ui>General</maml:ui> tab, click <maml:ui>Save</maml:ui>, and then click <maml:ui>Cancel</maml:ui>. The settings will be saved as an RDP file to a default location (by default, the file is saved to Drive:\<<maml:replaceable>Username</maml:replaceable>>\Documents).</maml:para></maml:listItem>
<maml:listItem><maml:para>To save the RDP file to a specified location (you can customize and distribute the file later to multiple clients as needed), click <maml:ui>Save As</maml:ui>. In the <maml:ui>Save As</maml:ui> dialog box, in the <maml:ui>File name</maml:ui> box, specify the file name and location, and then click <maml:ui>Save</maml:ui>.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To proceed with a connection to an internal network resource, on the <maml:ui>General</maml:ui> tab, configure the settings under <maml:ui>Logon settings</maml:ui> as needed, click <maml:ui>Save</maml:ui>, click <maml:ui>Connect</maml:ui>, and then enter your credentials when prompted.</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure>
<maml:para>Alternatively, as mentioned, you can edit settings directly in the RDP file.</maml:para>
<maml:procedure><maml:title>To edit an RDP file to enable or disable credential sharing</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Open the RDP file that you want to edit by using a text editor, such as Notepad.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To disable credential sharing, add the following line (or ensure that any existing <maml:userInput>PromptCredentialOnce:i</maml:userInput> line appears as follows): <maml:userInput>PromptCredentialOnce:i:0</maml:userInput></maml:para></maml:listItem>
<maml:listItem><maml:para>To re-enable credential sharing, edit the <maml:userInput>PromptCredentialOnce:i</maml:userInput> line so that it appears as follows: <maml:userInput>PromptCredentialOnce:i:1</maml:userInput></maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Save and then close the file.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure Remote Desktop Connection Settings for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=13337aba-9d4f-4097-bd9b-33ed3567608c"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Checklist: Configure Remote Desktop Gateway</maml:title><maml:introduction>
<maml:para>This checklist lists the tasks that you need to complete to successfully configure RD Gateway for the RD Gateway core scenario. This scenario enables you to configure an RD Gateway server so that a remote user can access an internal corporate or private network resource over the Internet, through the RD Gateway server. In this scenario, an internal network resource can be a Remote Desktop Session Host (RD Session Host) server, an RD Session Host server running RemoteApp programs, or a computer with Remote Desktop enabled.</maml:para>
<maml:table>
<maml:tableHeader>
<maml:row>
<maml:entry><maml:para>Task</maml:para></maml:entry>
<maml:entry><maml:para>Reference</maml:para></maml:entry></maml:row></maml:tableHeader>
<maml:row>
<maml:entry><maml:para>Install the Remote Desktop Gateway role service.</maml:para></maml:entry>
<maml:entry><maml:para><maml:navigationLink><maml:linkText>Install the Remote Desktop Gateway Role Service</maml:linkText><maml:uri href="mshelp://windows/?id=1526d6c4-e87b-465e-9f5e-2b31680ea4f5"></maml:uri></maml:navigationLink></maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para>Obtain a certificate for the RD Gateway server.</maml:para></maml:entry>
<maml:entry><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para>Create a Remote Desktop connection authorization policy (RD CAP).</maml:para></maml:entry>
<maml:entry><maml:para><maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink></maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para>Create a Remote Desktop resource authorization policy (RD RAP).</maml:para></maml:entry>
<maml:entry><maml:para><maml:navigationLink><maml:linkText>Create an RD RAP</maml:linkText><maml:uri href="mshelp://windows/?id=f90e0f61-e72e-46d1-a179-1d912ded2757"></maml:uri></maml:navigationLink></maml:para></maml:entry></maml:row>
<maml:row>
<maml:entry><maml:para>Configure the Remote Desktop Services client for RD Gateway.</maml:para></maml:entry>
<maml:entry><maml:para><maml:navigationLink><maml:linkText>Configuring the Remote Desktop Services Client for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=7a03804c-b3cb-44f1-bacd-aec78ba0b3a4"></maml:uri></maml:navigationLink></maml:para></maml:entry></maml:row></maml:table>
<maml:para>For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href=" http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para></maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Import a Certificate into Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>After you obtain a certificate, use this procedure to install the certificate in the correct store on the RD Gateway server, if the certificate is not already installed. Completing this procedure installs the certificate into the appropriate certificate store, and imports the certificate for the RD Gateway server. </maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>This procedure is not required if you created a self-signed certificate for RD Gateway by either selecting the <maml:ui>Create a self-signed certificate for SSL encryption</maml:ui> option when using the Add Remove Roles Wizard to install RD Gateway, or by selecting the <maml:ui>Create a self-signed certificate</maml:ui> option as described in <maml:navigationLink><maml:linkText>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136"></maml:uri></maml:navigationLink> after installing RD Gateway. In either case, a certificate is automatically created, installed in the correct location on the RD Gateway server, and mapped to the RD Gateway server. </maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To install a certificate on the Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>SSL Certificate</maml:ui> tab, click <maml:ui>Import a certificate into the RD Gateway</maml:ui><maml:replaceable><RD Gateway Server Name></maml:replaceable><maml:ui> Certificates (Local Computer)/Personal store</maml:ui>, where <maml:replaceable><RD Gateway Server Name></maml:replaceable> is the name for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>Browse and Import Certificate</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Open</maml:ui> dialog box, click the certificate that you want to use, and then click <maml:ui>Open</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Enter Private Key Password</maml:ui> dialog box, in the <maml:ui>Private key password</maml:ui> box, enter the password for the certificate, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Certificate Import</maml:ui> dialog box, click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui> to close the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server.</maml:para>
<maml:para>If this is the first time that you have mapped the RD Gateway certificate, after the certificate mapping is completed, you can verify that the mapping was successful by viewing the <maml:ui>RD Gateway Server Status</maml:ui> area in Remote Desktop Gateway Manager. Under <maml:ui>Configuration Status</maml:ui> and <maml:ui>Configuration Tasks</maml:ui>, the warning stating that a server certificate is not yet installed or selected and the <maml:ui>View or modify certificate properties</maml:ui> hyperlink are no longer displayed.</maml:para></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Configure a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Obtain a Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Create a Self-Signed Certificate for the Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list></maml:introduction></maml:section>
</maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>View Details About Active Connections Through a Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>You can use Remote Desktop Gateway Manager to view information about active connections from Remote Desktop Services clients to internal network resources (computers) through RD Gateway. For more information about the details that are displayed for active connections, see <maml:navigationLink><maml:linkText>Understanding Details About Active Connections Through a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=0c78c3f1-545e-416c-a0bc-4c8347d917db"></maml:uri></maml:navigationLink>. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To view details about active connections through a Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, click <maml:ui>Monitoring</maml:ui>.</maml:para>
<maml:para>The Remote Desktop Gateway Manager results pane displays a summary of the number of connections from remote users to computers on the internal network. Specific connections, if any, are listed below the summary.</maml:para>
<maml:para>When you click a connection, the connection details appear in the lower pane. If necessary, you can disconnect a specific connection or all RD Gateway connections for a user. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To refresh the display of connection status, in the <maml:ui>Actions</maml:ui> pane, click <maml:ui>Refresh</maml:ui>. </maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting</maml:linkText><maml:uri href="mshelp://windows/?id=fb2cccec-2d8b-4225-a406-e3933f992851"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Specify Remote Desktop Gateway Events to Log</maml:title><maml:introduction>
<maml:para>By using Remote Desktop Gateway Manager, you can specify the types of events that you want to monitor, such as unsuccessful or successful connection attempts to internal network resources (computers) through an RD Gateway server. </maml:para>
<maml:para>When these events occur, you can monitor the corresponding events by using Windows Event Viewer. RD Gateway server events are stored in Event Viewer under <maml:ui>Application and Services Logs\Microsoft\Windows\Terminal Services-Gateway\</maml:ui>. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To specify Remote Desktop Gateway events to log</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Auditing</maml:ui> tab, select or clear the appropriate check boxes to specify the events that you want to monitor for RD Gateway. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>. </maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting</maml:linkText><maml:uri href="mshelp://windows/?id=fb2cccec-2d8b-4225-a406-e3933f992851"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable or Disable Client Device Redirection</maml:title><maml:introduction>
<maml:para>Remote Desktop connection authorization policies (RD CAPs) allow you to specify who can connect to an RD Gateway server. You can specify a user group that exists on the local RD Gateway server or in Active Directory Domain Services. Users are granted access to an RD Gateway server if they meet the conditions specified in the RD CAP.</maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para></maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To enable or disable client device redirection</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents the RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Connection Authorization Policies</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the results pane, right-click the RD CAP for which you want to enable or disable client device redirection, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the <maml:ui>Device Redirection</maml:ui> tab, select one of the following options to enable or disable redirection for remote client devices:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To permit all client devices to be redirected when connecting through the RD Gateway server, click <maml:ui>Enable device redirection for all client devices</maml:ui>. By default, this option is selected.</maml:para></maml:listItem>
<maml:listItem><maml:para>To disable device redirection for only certain device types when connecting through the RD Gateway server, click <maml:ui>Disable device redirection for the following client device types</maml:ui>, and then select the check boxes that correspond to the client device types for which device redirection should be disabled.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>To only allow client connection to servers that enforce secure device redirection, on the <maml:ui>Device Redirection</maml:ui> tab, select the <maml:ui>Only allow client connections to Remote Desktop Session Host servers that enforce RD Gateway device redirection</maml:ui> check box.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Specify an Existing Local or Central RD CAP Store</maml:title><maml:introduction>
<maml:para>Remote Desktop connection authorization policies (RD CAPs) allow you to specify who can connect to an RD Gateway server. You can specify a local RD CAP store (RD CAPs that are stored on the RD Gateway server) or a central RD CAP store [RD CAPs that are stored on a central server that is running Network Policy Server (NPS), formerly known as a Remote Authentication Dial-In User Service (RADIUS) server]. </maml:para>
<maml:para>This procedure describes how to specify an existing local or central RD CAP store. Alternatively, you can create a new local RD CAP or you can specify a new central RD CAP store. For more information, see <maml:navigationLink><maml:linkText>Create an RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec"></maml:uri></maml:navigationLink> or <maml:navigationLink><maml:linkText>Specify a New Central RD CAP Store</maml:linkText><maml:uri href="mshelp://windows/?id=3073bf53-86a6-45df-9e65-d86eccaadf40"></maml:uri></maml:navigationLink>. Centrally stored RD CAPs are stored on servers running NPS.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>If you have not done so already, you must also create a Remote Desktop resource authorization policy (RD RAP). </maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To specify an existing local or central RD CAP store</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>RD CAP Store</maml:ui> tab, do one of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To specify a local RD CAP store, click <maml:ui>Local server running NPS</maml:ui>, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem>
<maml:listItem><maml:para>To specify a central RD CAP store, click <maml:ui>Central server running NPS</maml:ui>, click the name of the server running NPS that you want, and then click <maml:ui>OK</maml:ui>. </maml:para>
<maml:para>If you specify a central RD CAP store, you must also ensure that settings and policies are configured as needed on the central server running NPS. For more information about RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href=" http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional considerations</maml:title><maml:introduction>
<maml:para>You can remove or change the shared secret for a central RD CAP store. For information, see <maml:navigationLink><maml:linkText>Remove a Server Running NPS or Change a Server Shared Secret for a Centrally Stored RD CAP</maml:linkText><maml:uri href="mshelp://windows/?id=fe6baab3-414b-4069-8f80-0b4c534bb830"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction></maml:section>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable SSL Bridging on the Remote Desktop Gateway Server</maml:title><maml:introduction>
<maml:para>To enhance security for an RD Gateway server, you can configure Microsoft Internet Security and Acceleration (ISA) Server or a non-Microsoft product to function as a Secure Sockets Layer (SSL) bridging device. The SSL bridging device can enhance security by terminating SSL sessions, inspecting packets, and re-establishing SSL sessions. </maml:para>
<maml:para>You can configure ISA Server communication with the RD Gateway server in either of the two following ways: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:phrase>HTTPS-HTTPS bridging.</maml:phrase> In this configuration, the RD Gateway client initiates an SSL (HTTPS) request to the SSL bridging device. The SSL bridging device initiates a new HTTPS request to the RD Gateway server, for maximum security. </maml:para></maml:listItem>
<maml:listItem><maml:para><maml:phrase>HTTPS-HTTP bridging.</maml:phrase> In this configuration, the RD Gateway client initiates an SSL (HTTPS) request to the SSL bridging device. The SSL bridging device initiates a new HTTP request to the RD Gateway server.</maml:para></maml:listItem></maml:list>
<maml:para>To use HTTPS-HTTPS or HTTPS-HTTP bridging, you must enable the <maml:ui>Use SSL Bridging</maml:ui> setting on the RD Gateway server, as described in this procedure.</maml:para>
<maml:alertSet class="important"><maml:title>Important </maml:title><maml:para>To use an SSL bridging device with RD Gateway, you must also enable external SSL termination on the SSL bridging device that you plan to use and you must configure it to connect to the RD Gateway server. For detailed instructions about configuring ISA Server for use as an external SSL bridging device for RD Gateway, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para></maml:alertSet>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To enable HTTPS-HTTP bridging on the Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>SSL Bridging </maml:ui>tab, select the <maml:ui>Use SSL bridging</maml:ui> check box, click <maml:ui>HTTPS-HTTP bridging (terminate SSL requests and initiate new HTTP requests)</maml:ui>, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>RD Gateway</maml:ui> dialog box, select one of the following options: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To recycle the default application pool now, click <maml:ui>Yes</maml:ui>.</maml:para>
<maml:alertSet class="caution"><maml:title>Caution </maml:title><maml:para>You must recycle the default application pool of IIS for the SSL bridging settings to take effect. Selecting to recycle the IIS application pool containing RD Gateway will disconnect all active connections of all applications placed in this pool.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>To recycle the default application pool manually later, click <maml:ui>No</maml:ui>.</maml:para></maml:listItem></maml:list>
<maml:para>If you are using ISA Server as the external SSL bridging device for RD Gateway, for more information see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure>
<maml:procedure><maml:title>To enable HTTPS-HTTPS bridging on the Remote Desktop Gateway server</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, right-click the local RD Gateway server, and then click <maml:ui>Properties</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>SSL Bridging</maml:ui> tab, select the <maml:ui>Use SSL bridging</maml:ui> check box, click <maml:ui>HTTPS-HTTPS bridging (terminate SSL requests and initiate new HTTPS requests)</maml:ui>, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>RD Gateway</maml:ui> dialog box, select one of the following options: </maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To recycle the default application pool now, click <maml:ui>Yes</maml:ui>.</maml:para>
<maml:alertSet class="caution"><maml:title>Caution </maml:title><maml:para>You must recycle the default application pool of IIS for the SSL bridging settings to take effect. Selecting to recycle the IIS application pool containing RD Gateway will disconnect all active connections of all applications placed in this pool.</maml:para></maml:alertSet></maml:listItem>
<maml:listItem><maml:para>To recycle the default application pool manually later, click <maml:ui>No</maml:ui>.</maml:para></maml:listItem></maml:list>
<maml:para>If you are using ISA Server as the external SSL bridging device for RD Gateway, for more information, see the Remote Desktop Services page on the Windows Server 2008 R2 TechCenter (<maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=140433</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=140433"></maml:uri></maml:navigationLink>).</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Create an RD RAP</maml:title><maml:introduction>
<maml:para>Remote Desktop resource authorization policies (RD RAPs) allow you to specify the internal network resources (computers) that remote users can connect to through an RD Gateway server. </maml:para>
<maml:para>Remote users connecting to the network through an RD Gateway server are granted access to computers on the internal network if they meet the conditions specified in at least one RD CAP and one RD RAP.</maml:para>
<maml:alertSet class="note"><maml:title>Note </maml:title><maml:para>When you associate an RD Gateway-managed computer group with an RD RAP, you can support both fully qualified domain names (FQDNs) and NetBIOS names by adding both names to the RD Gateway-managed computer group separately. When you associate an Active Directory security group or an RD Session Host server farm with an RD RAP, both FQDNs and NetBIOS names are supported automatically if the internal network computer that the client is connecting to belongs to the same domain as the RD Gateway server. If the internal network computer belongs to a different domain than the RD Gateway server, users must specify the FQDN of the internal network computer.</maml:para></maml:alertSet>
<maml:para>This procedure describes how to use Remote Desktop Gateway Manager to create a custom RD RAP. Alternatively, you can use the Authorization Policies Wizard to quickly create an RD CAPand an RD RAP for RD Gateway. </maml:para>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
<maml:procedure><maml:title>To create an RD RAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Resource Authorization Policies</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, right-click the <maml:ui>Resource Authorization Policies</maml:ui> folder, point to <maml:ui>Create New Policy</maml:ui>, and then click <maml:ui>Custom</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>New RD RAP</maml:ui> dialog box, on the <maml:ui>General </maml:ui>tab, in the <maml:ui>Policy name</maml:ui> box, enter a name that is no longer than 64 characters.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Description</maml:ui> box, enter a description for the new RD RAP, and then verify that the <maml:ui>Enable this policy</maml:ui> check box is selected.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>User Groups</maml:ui> tab, click <maml:ui>Add</maml:ui> to select the user groups to which you want this RD RAP to apply.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the <maml:ui>Select Groups</maml:ui> dialog box, specify the user group location and name, and then click <maml:ui>OK</maml:ui>. To specify more than one user group, do either of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Type the name of each user group, separating the name of each group with a semi-colon.</maml:para></maml:listItem>
<maml:listItem><maml:para>Add additional groups from different domains by repeating step 7 for each group.</maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Network Resource</maml:ui> tab, specify the computer group that users can connect to through RD Gateway. For information about how to create computer groups for RD Gateway, see <maml:navigationLink><maml:linkText>Specify Computers That Users Can Connect to Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=bf055f2f-8518-4666-8b5e-09e6e1f9d1f0"></maml:uri></maml:navigationLink>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the <maml:ui>Allowed Ports</maml:ui> tab, do one of the following to specify the port that Remote Desktop Services clients can use when connecting to computers through RD Gateway:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To restrict the port that clients use to TCP port 3389, click <maml:ui>Allow connections only through TCP port 3389</maml:ui>. This is the default option.</maml:para></maml:listItem>
<maml:listItem><maml:para>To specify different ports through which clients can connect, click <maml:ui>Allow connections through these ports</maml:ui> and then enter the port number. If you are specifying more than one port, type the number for each port separated by a semi-colon.</maml:para></maml:listItem>
<maml:listItem><maml:para>To allow clients to connect through any port, click <maml:ui>Allow connections through any port</maml:ui>. </maml:para></maml:listItem></maml:list></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>Click <maml:ui>OK</maml:ui> to close the <maml:ui>New RD RAP</maml:ui> dialog box</maml:para>
<maml:para>The new RD RAP that you created appears in the Remote Desktop Gateway Manager results pane. When you click the name of the RD RAP, the policy details appear in the lower pane.</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure></maml:introduction><maml:content><maml:sections><maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify Computers That Users Can Connect to Through Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=bf055f2f-8518-4666-8b5e-09e6e1f9d1f0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list></maml:introduction></maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting</maml:title><maml:introduction>
<maml:para>This section provides procedures for monitoring active connections from Remote Desktop Services clients to internal network resources (computers) through an RD Gateway server. The following topics are covered:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Specify Remote Desktop Gateway Events to Log</maml:linkText><maml:uri href="mshelp://windows/?id=ea539beb-93ee-441d-a565-2c630eb1a5f8"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>View Details About Active Connections Through a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=e7c57c70-8381-4d1a-b37f-5fec9f734eb9"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Details About Active Connections Through a Remote Desktop Gateway Server</maml:linkText><maml:uri href="mshelp://windows/?id=0c78c3f1-545e-416c-a0bc-4c8347d917db"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Modify the Refresh Interval for Displaying Remote Desktop Gateway Connection Information</maml:linkText><maml:uri href="mshelp://windows/?id=4be82080-069d-4cb4-8633-5d1fd898e5cd"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction><maml:content><maml:sections></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Remove a Server Running NPS or Change a Server Shared Secret for a Centrally Stored RD CAP</maml:title><maml:introduction>
<maml:para>If you are changing the shared secret for a server that is running Network Policy Server (NPS) on which a central Remote Desktop connection authorization policy (RD CAP) is stored, keep in mind that you must use the same case-sensitive shared secret that you specified when configuring the RD Gateway server as a RADIUS client on the central server running NPS.</maml:para>
<maml:para>We also recommend that you do the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>Generate long shared secrets (more than 22 characters) comprised of a random sequence of letters, numbers, and punctuation.</maml:para></maml:listItem>
<maml:listItem><maml:para>Change the shared secret often.</maml:para></maml:listItem></maml:list>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To remove a server running NPS or change the shared secret for a server running NPS for a centrally stored RD CAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running. </maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Central Network Policy Servers</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the results pane, in the list of central Network Policy Servers, click the name of the server running NPS that you want to remove or whose shared secret you want to modify.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>On the <maml:ui>Action </maml:ui>menu, click <maml:ui>Configure Central RD CAP</maml:ui>.</maml:para>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server, on the <maml:ui>RD CAP Store</maml:ui> tab, do either of the following:</maml:para>
<maml:list class="unordered">
<maml:listItem><maml:para>To remove a server that is running NPS, click the name of the server running NPS that you want to remove, and then click <maml:ui>Remove Server Running NPS</maml:ui>.</maml:para>
<maml:para>If only one server running NPS is specified and you remove it from the list, you must add another server running NPS to the list if you plan to use a centrally stored RD CAP.</maml:para></maml:listItem>
<maml:listItem><maml:para>To change the shared secret for a server running NPS, click the name of the server running NPS for which you want to change the shared secret, and then click <maml:ui>Change Shared Secret</maml:ui>. In the <maml:ui>Shared Secret</maml:ui> dialog box, enter a new shared secret in the <maml:ui>Enter a new shared secret</maml:ui> box, and then click <maml:ui>OK</maml:ui>.</maml:para></maml:listItem></maml:list>
</maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>Click <maml:ui>OK</maml:ui> to close the <maml:ui>Properties</maml:ui> dialog box for the RD Gateway server.</maml:para>
</maml:section></maml:sections></maml:step></maml:procedure>
</maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Connection Authorization Policies (RD CAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Checklist: Configure Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Understanding Authorization Policies for Remote Desktop Gateway</maml:linkText><maml:uri href="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections>
</maml:section></maml:sections></maml:content></maml:conceptual><maml:conceptual contentType="conceptual" xmlns:maml="http://schemas.microsoft.com/maml/2004/10" xmlns:dev="http://schemas.microsoft.com/maml/dev/2004/10"><maml:title>Enable or Disable an RD RAP</maml:title><maml:introduction>
<maml:para>Membership in the local <maml:ui>Administrators</maml:ui> group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at <maml:navigationLink><maml:linkText>http://go.microsoft.com/fwlink/?LinkId=83477</maml:linkText><maml:uri href="http://go.microsoft.com/fwlink/?LinkId=83477"></maml:uri></maml:navigationLink>.</maml:para>
</maml:introduction><maml:content><maml:sections><maml:section><maml:title></maml:title><maml:introduction>
<maml:procedure><maml:title>To enable or disable an RD RAP</maml:title><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click <maml:ui>Start</maml:ui>, point to <maml:ui>Administrative Tools</maml:ui>, point to <maml:ui>Remote Desktop Services</maml:ui>, and then click <maml:ui>Remote Desktop Gateway Manager</maml:ui>.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the Remote Desktop Gateway Manager console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running.</maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title><maml:para>In the console tree, expand <maml:ui>Policies</maml:ui>, and then click <maml:ui>Resource Authorization Policies</maml:ui>. </maml:para></maml:section></maml:sections></maml:step><maml:step><maml:sections><maml:section><maml:title></maml:title>
<maml:para>In the results pane, in the list of RD RAPs, right-click the RD RAP that you want to enable or disable, and then click <maml:ui>Enable</maml:ui> or <maml:ui>Disable</maml:ui>.</maml:para></maml:section></maml:sections></maml:step></maml:procedure></maml:introduction>
<maml:sections>
<maml:section><maml:title></maml:title><maml:introduction></maml:introduction>
<maml:sections>
<maml:section>
<maml:title>Additional references</maml:title><maml:introduction>
<maml:list class="unordered">
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Manage Remote Desktop Resource Authorization Policies (RD RAPs)</maml:linkText><maml:uri href="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2"></maml:uri></maml:navigationLink></maml:para></maml:listItem>
<maml:listItem><maml:para><maml:navigationLink><maml:linkText>Open the Remote Desktop Gateway Manager</maml:linkText><maml:uri href="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73"></maml:uri></maml:navigationLink></maml:para></maml:listItem></maml:list>
</maml:introduction></maml:section></maml:sections></maml:section></maml:sections></maml:section></maml:sections></maml:content></maml:conceptual><?xml version="1.0" encoding="utf-8"?>
<HelpCollection Id="ts_gateway" DTDVersion="1.0" FileVersion="" LangId="1033" Copyright="© 2005 Microsoft Corporation. All rights reserved." Title="Remote Desktop Gateway Manager" xmlns="http://schemas.microsoft.com/help/collection/2004/11">
<CompilerOptions CompileResult="H1S" CreateFullTextIndex="Yes" BreakerId="Microsoft.NLG.en.WordBreaker">
<IncludeFile File="ts_gateway.H1F" />
</CompilerOptions>
<TOCDef File="ts_gateway.H1T" Id="ts_gateway_TOC" />
<VTopicDef File="ts_gateway.H1V" />
<KeywordIndexDef File="ts_gateway_AssetId.H1K" />
<KeywordIndexDef File="ts_gateway_BestBet.H1K" />
<KeywordIndexDef File="ts_gateway_LinkTerm.H1K" />
<KeywordIndexDef File="ts_gateway_SubjectTerm.H1K" />
<ItemMoniker Name="!DefaultTOC" ProgId="HxDs.HxHierarchy" InitData="AnyString" />
<ItemMoniker Name="!DefaultFullTextSearch" ProgId="HxDs.HxFullTextSearch" InitData="AnyString" />
<ItemMoniker Name="!DefaultAssetIdIndex" ProgId="HxDs.HxIndex" InitData="AssetId" />
<ItemMoniker Name="!DefaultBestBetIndex" ProgId="HxDs.HxIndex" InitData="BestBet" />
<ItemMoniker Name="!DefaultAssociativeIndex" ProgId="HxDs.HxIndex" InitData="LinkTerm" />
<ItemMoniker Name="!DefaultKeywordIndex" ProgId="HxDs.HxIndex" InitData="SubjectTerm" />
</HelpCollection><?xml version="1.0" encoding="utf-8"?>
<HelpFileList xmlns="http://schemas.microsoft.com/help/filelist/2004/11">
<File Url="assets\0c78c3f1-545e-416c-a0bc-4c8347d917db.xml" />
<File Url="assets\108df0e7-74d7-475f-8220-bd4ada9b241a.xml" />
<File Url="assets\112c0ebd-f8db-4ab3-be74-f2865d91db37.xml" />
<File Url="assets\11b0b5ae-7286-4dba-b328-5858565d7db6.xml" />
<File Url="assets\13337aba-9d4f-4097-bd9b-33ed3567608c.xml" />
<File Url="assets\1526d6c4-e87b-465e-9f5e-2b31680ea4f5.xml" />
<File Url="assets\165e9dd2-8b57-4825-8a88-f806e9725cc3.xml" />
<File Url="assets\175febeb-aab7-4a34-9b74-08cf92517b8d.xml" />
<File Url="assets\19335e57-6a8e-433e-ad47-33bb755483ec.xml" />
<File Url="assets\1c0ef440-c144-4b2a-a32a-79b17b033879.xml" />
<File Url="assets\23dad170-8223-4409-b396-184326450888.xml" />
<File Url="assets\27cc58c3-b4bf-4953-bc6c-bc94ec780f73.xml" />
<File Url="assets\2caaafad-233f-47b6-b21d-12e2b027619b.xml" />
<File Url="assets\3073bf53-86a6-45df-9e65-d86eccaadf40.xml" />
<File Url="assets\3aceb57c-37ff-46ac-b545-148f8589c480.xml" />
<File Url="assets\3dc83152-acbf-4bf7-a4c2-58dfeab1c63d.xml" />
<File Url="assets\3e36b1a9-77b9-444f-aa47-4cc4132a2772.xml" />
<File Url="assets\496e8935-e910-4692-a465-f6c7b3cfda16.xml" />
<File Url="assets\4be82080-069d-4cb4-8633-5d1fd898e5cd.xml" />
<File Url="assets\4c15509d-daed-4b4a-bffa-28de41355bbf.xml" />
<File Url="assets\501642ca-dcd6-475b-bd4b-373a09966de2.xml" />
<File Url="assets\51ecc12f-21d6-43fb-968e-b49154913127.xml" />
<File Url="assets\5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa.xml" />
<File Url="assets\5b54781e-4693-4998-83d7-d60271adfea1.xml" />
<File Url="assets\5bfdffa9-b05c-4c7b-8e77-07aa51a44af3.xml" />
<File Url="assets\5e9559f6-9f0d-4cde-92bc-7e566b446e3a.xml" />
<File Url="assets\5feddf36-b7d9-415e-81b8-c944f6bc3bc6.xml" />
<File Url="assets\6101f2ee-3ac2-4a80-a6ea-85cbd9141a08.xml" />
<File Url="assets\64c82f36-c887-44af-997a-63063aa36136.xml" />
<File Url="assets\68002f1c-6573-4d6d-bf76-9d7770925534.xml" />
<File Url="assets\6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa.xml" />
<File Url="assets\72965a27-d33a-4e6e-aeac-f8f6978ecd20.xml" />
<File Url="assets\77f9be0d-7b64-46db-902e-31c6ce81ab3e.xml" />
<File Url="assets\7a03804c-b3cb-44f1-bacd-aec78ba0b3a4.xml" />
<File Url="assets\7d9b8192-42bf-4d62-889f-584648806fc7.xml" />
<File Url="assets\80dccb05-7115-43be-a08a-30c9b7465899.xml" />
<File Url="assets\9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4.xml" />
<File Url="assets\9febb447-fd0a-4de8-aa8c-3e0b3df813c4.xml" />
<File Url="assets\a870bc9f-02a2-4767-9ada-3d0241e38bd0.xml" />
<File Url="assets\afef1cdb-3d55-41bf-80af-a9c89c59d825.xml" />
<File Url="assets\bf055f2f-8518-4666-8b5e-09e6e1f9d1f0.xml" />
<File Url="assets\c1066750-4cd7-41dc-ab9c-a7bbc8959a7c.xml" />
<File Url="assets\c1acb922-d89a-4959-a436-5f844ad5acee.xml" />
<File Url="assets\c23912c7-372c-4dc4-974f-e84c097dcdee.xml" />
<File Url="assets\c7599759-3f3f-4c9f-8e45-9b6d79644d7d.xml" />
<File Url="assets\c9d598e5-8658-4485-b764-4c971ce5cb73.xml" />
<File Url="assets\d65ea2bf-6a7a-47a7-81f9-83c0322d0103.xml" />
<File Url="assets\e7c57c70-8381-4d1a-b37f-5fec9f734eb9.xml" />
<File Url="assets\ea539beb-93ee-441d-a565-2c630eb1a5f8.xml" />
<File Url="assets\edfd6893-e723-44ef-a0d3-94063897bcb3.xml" />
<File Url="assets\f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa.xml" />
<File Url="assets\f7bb15f8-f7f9-414a-af98-c845e4237646.xml" />
<File Url="assets\f90e0f61-e72e-46d1-a179-1d912ded2757.xml" />
<File Url="assets\fb2cccec-2d8b-4225-a406-e3933f992851.xml" />
<File Url="assets\fe6baab3-414b-4069-8f80-0b4c534bb830.xml" />
<File Url="assets\ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2.xml" />
</HelpFileList><?xml version="1.0" encoding="utf-8"?>
<VTopicSet DTDVersion="1.0" xmlns="http://schemas.microsoft.com/help/vtopic/2004/11">
<Vtopic Url="assets\0c78c3f1-545e-416c-a0bc-4c8347d917db.xml" RLTitle="Understanding Details About Active Connections Through a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="0c78c3f1-545e-416c-a0bc-4c8347d917db" />
<Keyword Index="AssetId" Term="0c78c3f1-545e-416c-a0bc-4c8347d917db" />
<Keyword Index="AssetId" Term="0c78c3f1-545e-416c-a0bc-4c8347d917db1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="0c78c3f1-545e-416c-a0bc-4c8347d917db" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\108df0e7-74d7-475f-8220-bd4ada9b241a.xml" RLTitle="Understanding Requirements for Connecting to a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="108df0e7-74d7-475f-8220-bd4ada9b241a" />
<Keyword Index="AssetId" Term="108df0e7-74d7-475f-8220-bd4ada9b241a" />
<Keyword Index="AssetId" Term="108df0e7-74d7-475f-8220-bd4ada9b241a1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="108df0e7-74d7-475f-8220-bd4ada9b241a" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\112c0ebd-f8db-4ab3-be74-f2865d91db37.xml" RLTitle="Set the Remote Desktop Gateway Server Authentication Method">
<Attr Name="assetid" Value="112c0ebd-f8db-4ab3-be74-f2865d91db37" />
<Keyword Index="AssetId" Term="112c0ebd-f8db-4ab3-be74-f2865d91db37" />
<Keyword Index="AssetId" Term="112c0ebd-f8db-4ab3-be74-f2865d91db371033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="112c0ebd-f8db-4ab3-be74-f2865d91db37" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\11b0b5ae-7286-4dba-b328-5858565d7db6.xml" RLTitle="Remove Members of a Remote Desktop Gateway Server Farm">
<Attr Name="assetid" Value="11b0b5ae-7286-4dba-b328-5858565d7db6" />
<Keyword Index="AssetId" Term="11b0b5ae-7286-4dba-b328-5858565d7db6" />
<Keyword Index="AssetId" Term="11b0b5ae-7286-4dba-b328-5858565d7db61033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="11b0b5ae-7286-4dba-b328-5858565d7db6" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\13337aba-9d4f-4097-bd9b-33ed3567608c.xml" RLTitle="Configure Remote Desktop Connection Settings for Remote Desktop Gateway">
<Attr Name="assetid" Value="13337aba-9d4f-4097-bd9b-33ed3567608c" />
<Keyword Index="AssetId" Term="13337aba-9d4f-4097-bd9b-33ed3567608c" />
<Keyword Index="AssetId" Term="13337aba-9d4f-4097-bd9b-33ed3567608c1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="13337aba-9d4f-4097-bd9b-33ed3567608c" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\1526d6c4-e87b-465e-9f5e-2b31680ea4f5.xml" RLTitle="Install the Remote Desktop Gateway Role Service">
<Attr Name="assetid" Value="1526d6c4-e87b-465e-9f5e-2b31680ea4f5" />
<Keyword Index="AssetId" Term="1526d6c4-e87b-465e-9f5e-2b31680ea4f5" />
<Keyword Index="AssetId" Term="1526d6c4-e87b-465e-9f5e-2b31680ea4f51033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="1526d6c4-e87b-465e-9f5e-2b31680ea4f5" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\165e9dd2-8b57-4825-8a88-f806e9725cc3.xml" RLTitle="What Is Device Redirection?">
<Attr Name="assetid" Value="165e9dd2-8b57-4825-8a88-f806e9725cc3" />
<Keyword Index="AssetId" Term="165e9dd2-8b57-4825-8a88-f806e9725cc3" />
<Keyword Index="AssetId" Term="165e9dd2-8b57-4825-8a88-f806e9725cc31033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="165e9dd2-8b57-4825-8a88-f806e9725cc3" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\175febeb-aab7-4a34-9b74-08cf92517b8d.xml" RLTitle="Disable Management for a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="175febeb-aab7-4a34-9b74-08cf92517b8d" />
<Keyword Index="AssetId" Term="175febeb-aab7-4a34-9b74-08cf92517b8d" />
<Keyword Index="AssetId" Term="175febeb-aab7-4a34-9b74-08cf92517b8d1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="175febeb-aab7-4a34-9b74-08cf92517b8d" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\19335e57-6a8e-433e-ad47-33bb755483ec.xml" RLTitle="Create an RD CAP">
<Attr Name="assetid" Value="19335e57-6a8e-433e-ad47-33bb755483ec" />
<Keyword Index="AssetId" Term="19335e57-6a8e-433e-ad47-33bb755483ec" />
<Keyword Index="AssetId" Term="19335e57-6a8e-433e-ad47-33bb755483ec1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="19335e57-6a8e-433e-ad47-33bb755483ec" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\1c0ef440-c144-4b2a-a32a-79b17b033879.xml" RLTitle="Modify or Remove a Remote Desktop Gateway-Managed Computer Group">
<Attr Name="assetid" Value="1c0ef440-c144-4b2a-a32a-79b17b033879" />
<Keyword Index="AssetId" Term="1c0ef440-c144-4b2a-a32a-79b17b033879" />
<Keyword Index="AssetId" Term="1c0ef440-c144-4b2a-a32a-79b17b0338791033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="1c0ef440-c144-4b2a-a32a-79b17b033879" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\23dad170-8223-4409-b396-184326450888.xml" RLTitle="Understand Timeout and Reconnection Settings for Remote Sessions">
<Attr Name="assetid" Value="23dad170-8223-4409-b396-184326450888" />
<Keyword Index="AssetId" Term="23dad170-8223-4409-b396-184326450888" />
<Keyword Index="AssetId" Term="23dad170-8223-4409-b396-1843264508881033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="23dad170-8223-4409-b396-184326450888" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\27cc58c3-b4bf-4953-bc6c-bc94ec780f73.xml" RLTitle="Open the Remote Desktop Gateway Manager">
<Attr Name="assetid" Value="27cc58c3-b4bf-4953-bc6c-bc94ec780f73" />
<Keyword Index="AssetId" Term="27cc58c3-b4bf-4953-bc6c-bc94ec780f73" />
<Keyword Index="AssetId" Term="27cc58c3-b4bf-4953-bc6c-bc94ec780f731033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="27cc58c3-b4bf-4953-bc6c-bc94ec780f73" />
<Attr Name="TopicType" Value="kbHowTo" />
</Vtopic>
<Vtopic Url="assets\2caaafad-233f-47b6-b21d-12e2b027619b.xml" RLTitle="Remote Desktop Gateway Manager">
<Attr Name="assetid" Value="2caaafad-233f-47b6-b21d-12e2b027619b" />
<Keyword Index="AssetId" Term="2caaafad-233f-47b6-b21d-12e2b027619b" />
<Keyword Index="AssetId" Term="2caaafad-233f-47b6-b21d-12e2b027619b1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="2caaafad-233f-47b6-b21d-12e2b027619b" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\3073bf53-86a6-45df-9e65-d86eccaadf40.xml" RLTitle="Specify a New Central RD CAP Store">
<Attr Name="assetid" Value="3073bf53-86a6-45df-9e65-d86eccaadf40" />
<Keyword Index="AssetId" Term="3073bf53-86a6-45df-9e65-d86eccaadf40" />
<Keyword Index="AssetId" Term="3073bf53-86a6-45df-9e65-d86eccaadf401033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="3073bf53-86a6-45df-9e65-d86eccaadf40" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\3aceb57c-37ff-46ac-b545-148f8589c480.xml" RLTitle="Enable or Disable an RD CAP">
<Attr Name="assetid" Value="3aceb57c-37ff-46ac-b545-148f8589c480" />
<Keyword Index="AssetId" Term="3aceb57c-37ff-46ac-b545-148f8589c480" />
<Keyword Index="AssetId" Term="3aceb57c-37ff-46ac-b545-148f8589c4801033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="3aceb57c-37ff-46ac-b545-148f8589c480" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\3dc83152-acbf-4bf7-a4c2-58dfeab1c63d.xml" RLTitle="Obtain a Certificate for the Remote Desktop Gateway Server">
<Attr Name="assetid" Value="3dc83152-acbf-4bf7-a4c2-58dfeab1c63d" />
<Keyword Index="AssetId" Term="3dc83152-acbf-4bf7-a4c2-58dfeab1c63d" />
<Keyword Index="AssetId" Term="3dc83152-acbf-4bf7-a4c2-58dfeab1c63d1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="3dc83152-acbf-4bf7-a4c2-58dfeab1c63d" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\3e36b1a9-77b9-444f-aa47-4cc4132a2772.xml" RLTitle="Enable Connections Through Remote Desktop Gateway">
<Attr Name="assetid" Value="3e36b1a9-77b9-444f-aa47-4cc4132a2772" />
<Keyword Index="AssetId" Term="3e36b1a9-77b9-444f-aa47-4cc4132a2772" />
<Keyword Index="AssetId" Term="3e36b1a9-77b9-444f-aa47-4cc4132a27721033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="3e36b1a9-77b9-444f-aa47-4cc4132a2772" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\496e8935-e910-4692-a465-f6c7b3cfda16.xml" RLTitle="Select an Existing Certificate for Remote Desktop Gateway">
<Attr Name="assetid" Value="496e8935-e910-4692-a465-f6c7b3cfda16" />
<Keyword Index="AssetId" Term="496e8935-e910-4692-a465-f6c7b3cfda16" />
<Keyword Index="AssetId" Term="496e8935-e910-4692-a465-f6c7b3cfda161033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="496e8935-e910-4692-a465-f6c7b3cfda16" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\4be82080-069d-4cb4-8633-5d1fd898e5cd.xml" RLTitle="Modify the Refresh Interval for Displaying Remote Desktop Gateway Connection Information">
<Attr Name="assetid" Value="4be82080-069d-4cb4-8633-5d1fd898e5cd" />
<Keyword Index="AssetId" Term="4be82080-069d-4cb4-8633-5d1fd898e5cd" />
<Keyword Index="AssetId" Term="4be82080-069d-4cb4-8633-5d1fd898e5cd1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="4be82080-069d-4cb4-8633-5d1fd898e5cd" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\4c15509d-daed-4b4a-bffa-28de41355bbf.xml" RLTitle="Install the Remote Desktop Gateway Server Root Certificate on the Remote Desktop Services Client">
<Attr Name="assetid" Value="4c15509d-daed-4b4a-bffa-28de41355bbf" />
<Keyword Index="AssetId" Term="4c15509d-daed-4b4a-bffa-28de41355bbf" />
<Keyword Index="AssetId" Term="4c15509d-daed-4b4a-bffa-28de41355bbf1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="4c15509d-daed-4b4a-bffa-28de41355bbf" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\501642ca-dcd6-475b-bd4b-373a09966de2.xml" RLTitle="Manage Remote Desktop Resource Authorization Policies (RD RAPs)">
<Attr Name="assetid" Value="501642ca-dcd6-475b-bd4b-373a09966de2" />
<Keyword Index="AssetId" Term="501642ca-dcd6-475b-bd4b-373a09966de2" />
<Keyword Index="AssetId" Term="501642ca-dcd6-475b-bd4b-373a09966de21033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="501642ca-dcd6-475b-bd4b-373a09966de2" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\51ecc12f-21d6-43fb-968e-b49154913127.xml" RLTitle="View Details about RD RAPs">
<Attr Name="assetid" Value="51ecc12f-21d6-43fb-968e-b49154913127" />
<Keyword Index="AssetId" Term="51ecc12f-21d6-43fb-968e-b49154913127" />
<Keyword Index="AssetId" Term="51ecc12f-21d6-43fb-968e-b491549131271033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="51ecc12f-21d6-43fb-968e-b49154913127" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa.xml" RLTitle="View Details About Local RD CAPs">
<Attr Name="assetid" Value="5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa" />
<Keyword Index="AssetId" Term="5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa" />
<Keyword Index="AssetId" Term="5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\5b54781e-4693-4998-83d7-d60271adfea1.xml" RLTitle="Specify Conditions That Users Must Meet to Connect to an RD Gateway Server">
<Attr Name="assetid" Value="5b54781e-4693-4998-83d7-d60271adfea1" />
<Keyword Index="AssetId" Term="5b54781e-4693-4998-83d7-d60271adfea1" />
<Keyword Index="AssetId" Term="5b54781e-4693-4998-83d7-d60271adfea11033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="5b54781e-4693-4998-83d7-d60271adfea1" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\5bfdffa9-b05c-4c7b-8e77-07aa51a44af3.xml" RLTitle="Specify a Remote Desktop Gateway Server to Manage">
<Attr Name="assetid" Value="5bfdffa9-b05c-4c7b-8e77-07aa51a44af3" />
<Keyword Index="AssetId" Term="5bfdffa9-b05c-4c7b-8e77-07aa51a44af3" />
<Keyword Index="AssetId" Term="5bfdffa9-b05c-4c7b-8e77-07aa51a44af31033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="5bfdffa9-b05c-4c7b-8e77-07aa51a44af3" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\5e9559f6-9f0d-4cde-92bc-7e566b446e3a.xml" RLTitle="Configuring the Remote Desktop Gateway Server">
<Attr Name="assetid" Value="5e9559f6-9f0d-4cde-92bc-7e566b446e3a" />
<Keyword Index="AssetId" Term="5e9559f6-9f0d-4cde-92bc-7e566b446e3a" />
<Keyword Index="AssetId" Term="5e9559f6-9f0d-4cde-92bc-7e566b446e3a1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="5e9559f6-9f0d-4cde-92bc-7e566b446e3a" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\5feddf36-b7d9-415e-81b8-c944f6bc3bc6.xml" RLTitle="Enable NAP Health Policy Checking on the Remote Desktop Gateway Server">
<Attr Name="assetid" Value="5feddf36-b7d9-415e-81b8-c944f6bc3bc6" />
<Keyword Index="AssetId" Term="5feddf36-b7d9-415e-81b8-c944f6bc3bc6" />
<Keyword Index="AssetId" Term="5feddf36-b7d9-415e-81b8-c944f6bc3bc61033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="5feddf36-b7d9-415e-81b8-c944f6bc3bc6" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\6101f2ee-3ac2-4a80-a6ea-85cbd9141a08.xml" RLTitle="Using Group Policy to Manage Client Connections Through Remote Desktop Gateway">
<Attr Name="assetid" Value="6101f2ee-3ac2-4a80-a6ea-85cbd9141a08" />
<Keyword Index="AssetId" Term="6101f2ee-3ac2-4a80-a6ea-85cbd9141a08" />
<Keyword Index="AssetId" Term="6101f2ee-3ac2-4a80-a6ea-85cbd9141a081033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="6101f2ee-3ac2-4a80-a6ea-85cbd9141a08" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\64c82f36-c887-44af-997a-63063aa36136.xml" RLTitle="Create a Self-Signed Certificate for the Remote Desktop Gateway Server">
<Attr Name="assetid" Value="64c82f36-c887-44af-997a-63063aa36136" />
<Keyword Index="AssetId" Term="64c82f36-c887-44af-997a-63063aa36136" />
<Keyword Index="AssetId" Term="64c82f36-c887-44af-997a-63063aa361361033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="64c82f36-c887-44af-997a-63063aa36136" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\68002f1c-6573-4d6d-bf76-9d7770925534.xml" RLTitle="Limit the Maximum Number of Simultaneous Connections Through a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="68002f1c-6573-4d6d-bf76-9d7770925534" />
<Keyword Index="AssetId" Term="68002f1c-6573-4d6d-bf76-9d7770925534" />
<Keyword Index="AssetId" Term="68002f1c-6573-4d6d-bf76-9d77709255341033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="68002f1c-6573-4d6d-bf76-9d7770925534" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa.xml" RLTitle="Modify or Remove a Local RD CAP">
<Attr Name="assetid" Value="6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa" />
<Keyword Index="AssetId" Term="6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa" />
<Keyword Index="AssetId" Term="6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\72965a27-d33a-4e6e-aeac-f8f6978ecd20.xml" RLTitle="Set the Remote Desktop Gateway Server Address">
<Attr Name="assetid" Value="72965a27-d33a-4e6e-aeac-f8f6978ecd20" />
<Keyword Index="AssetId" Term="72965a27-d33a-4e6e-aeac-f8f6978ecd20" />
<Keyword Index="AssetId" Term="72965a27-d33a-4e6e-aeac-f8f6978ecd201033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="72965a27-d33a-4e6e-aeac-f8f6978ecd20" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\77f9be0d-7b64-46db-902e-31c6ce81ab3e.xml" RLTitle="Configure Messaging for a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="77f9be0d-7b64-46db-902e-31c6ce81ab3e" />
<Keyword Index="AssetId" Term="77f9be0d-7b64-46db-902e-31c6ce81ab3e" />
<Keyword Index="AssetId" Term="77f9be0d-7b64-46db-902e-31c6ce81ab3e1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="77f9be0d-7b64-46db-902e-31c6ce81ab3e" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\7a03804c-b3cb-44f1-bacd-aec78ba0b3a4.xml" RLTitle="Configuring the Remote Desktop Services Client for Remote Desktop Gateway">
<Attr Name="assetid" Value="7a03804c-b3cb-44f1-bacd-aec78ba0b3a4" />
<Keyword Index="AssetId" Term="7a03804c-b3cb-44f1-bacd-aec78ba0b3a4" />
<Keyword Index="AssetId" Term="7a03804c-b3cb-44f1-bacd-aec78ba0b3a41033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="7a03804c-b3cb-44f1-bacd-aec78ba0b3a4" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\7d9b8192-42bf-4d62-889f-584648806fc7.xml" RLTitle="Import or Export Settings for a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="7d9b8192-42bf-4d62-889f-584648806fc7" />
<Keyword Index="AssetId" Term="7d9b8192-42bf-4d62-889f-584648806fc7" />
<Keyword Index="AssetId" Term="7d9b8192-42bf-4d62-889f-584648806fc71033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="7d9b8192-42bf-4d62-889f-584648806fc7" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\80dccb05-7115-43be-a08a-30c9b7465899.xml" RLTitle="View or Modify Certificate Properties">
<Attr Name="assetid" Value="80dccb05-7115-43be-a08a-30c9b7465899" />
<Keyword Index="AssetId" Term="80dccb05-7115-43be-a08a-30c9b7465899" />
<Keyword Index="AssetId" Term="80dccb05-7115-43be-a08a-30c9b74658991033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="80dccb05-7115-43be-a08a-30c9b7465899" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4.xml" RLTitle="Overview of Remote Desktop Gateway">
<Attr Name="assetid" Value="9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4" />
<Keyword Index="AssetId" Term="9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4" />
<Keyword Index="AssetId" Term="9bf8bd81-6bef-4bff-a976-db5e9fb3fcc41033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\9febb447-fd0a-4de8-aa8c-3e0b3df813c4.xml" RLTitle="Understanding Authorization Policies for Remote Desktop Gateway">
<Attr Name="assetid" Value="9febb447-fd0a-4de8-aa8c-3e0b3df813c4" />
<Keyword Index="AssetId" Term="9febb447-fd0a-4de8-aa8c-3e0b3df813c4" />
<Keyword Index="AssetId" Term="9febb447-fd0a-4de8-aa8c-3e0b3df813c41033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="9febb447-fd0a-4de8-aa8c-3e0b3df813c4" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\a870bc9f-02a2-4767-9ada-3d0241e38bd0.xml" RLTitle="Manage Remote Desktop Connection Authorization Policies (RD CAPs)">
<Attr Name="assetid" Value="a870bc9f-02a2-4767-9ada-3d0241e38bd0" />
<Keyword Index="AssetId" Term="a870bc9f-02a2-4767-9ada-3d0241e38bd0" />
<Keyword Index="AssetId" Term="a870bc9f-02a2-4767-9ada-3d0241e38bd01033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="a870bc9f-02a2-4767-9ada-3d0241e38bd0" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\afef1cdb-3d55-41bf-80af-a9c89c59d825.xml" RLTitle="Remote Desktop Gateway Installation Prerequisites">
<Attr Name="assetid" Value="afef1cdb-3d55-41bf-80af-a9c89c59d825" />
<Keyword Index="AssetId" Term="afef1cdb-3d55-41bf-80af-a9c89c59d825" />
<Keyword Index="AssetId" Term="afef1cdb-3d55-41bf-80af-a9c89c59d8251033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="afef1cdb-3d55-41bf-80af-a9c89c59d825" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\bf055f2f-8518-4666-8b5e-09e6e1f9d1f0.xml" RLTitle="Specify Computers That Users Can Connect to Through Remote Desktop Gateway">
<Attr Name="assetid" Value="bf055f2f-8518-4666-8b5e-09e6e1f9d1f0" />
<Keyword Index="AssetId" Term="bf055f2f-8518-4666-8b5e-09e6e1f9d1f0" />
<Keyword Index="AssetId" Term="bf055f2f-8518-4666-8b5e-09e6e1f9d1f01033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="bf055f2f-8518-4666-8b5e-09e6e1f9d1f0" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\c1066750-4cd7-41dc-ab9c-a7bbc8959a7c.xml" RLTitle="Configure a Certificate for the Remote Desktop Gateway Server">
<Attr Name="assetid" Value="c1066750-4cd7-41dc-ab9c-a7bbc8959a7c" />
<Keyword Index="AssetId" Term="c1066750-4cd7-41dc-ab9c-a7bbc8959a7c" />
<Keyword Index="AssetId" Term="c1066750-4cd7-41dc-ab9c-a7bbc8959a7c1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="c1066750-4cd7-41dc-ab9c-a7bbc8959a7c" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\c1acb922-d89a-4959-a436-5f844ad5acee.xml" RLTitle="Create a Remote Desktop Gateway Server Farm">
<Attr Name="assetid" Value="c1acb922-d89a-4959-a436-5f844ad5acee" />
<Keyword Index="AssetId" Term="c1acb922-d89a-4959-a436-5f844ad5acee" />
<Keyword Index="AssetId" Term="c1acb922-d89a-4959-a436-5f844ad5acee1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="c1acb922-d89a-4959-a436-5f844ad5acee" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\c23912c7-372c-4dc4-974f-e84c097dcdee.xml" RLTitle="Modify or Remove an RD RAP">
<Attr Name="assetid" Value="c23912c7-372c-4dc4-974f-e84c097dcdee" />
<Keyword Index="AssetId" Term="c23912c7-372c-4dc4-974f-e84c097dcdee" />
<Keyword Index="AssetId" Term="c23912c7-372c-4dc4-974f-e84c097dcdee1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="c23912c7-372c-4dc4-974f-e84c097dcdee" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\c7599759-3f3f-4c9f-8e45-9b6d79644d7d.xml" RLTitle="Enable or Disable Credential Sharing for Connections Through Remote Desktop Gateway">
<Attr Name="assetid" Value="c7599759-3f3f-4c9f-8e45-9b6d79644d7d" />
<Keyword Index="AssetId" Term="c7599759-3f3f-4c9f-8e45-9b6d79644d7d" />
<Keyword Index="AssetId" Term="c7599759-3f3f-4c9f-8e45-9b6d79644d7d1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="c7599759-3f3f-4c9f-8e45-9b6d79644d7d" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\c9d598e5-8658-4485-b764-4c971ce5cb73.xml" RLTitle="Checklist: Configure Remote Desktop Gateway">
<Attr Name="assetid" Value="c9d598e5-8658-4485-b764-4c971ce5cb73" />
<Keyword Index="AssetId" Term="c9d598e5-8658-4485-b764-4c971ce5cb73" />
<Keyword Index="AssetId" Term="c9d598e5-8658-4485-b764-4c971ce5cb731033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="c9d598e5-8658-4485-b764-4c971ce5cb73" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\d65ea2bf-6a7a-47a7-81f9-83c0322d0103.xml" RLTitle="Import a Certificate into Remote Desktop Gateway Server">
<Attr Name="assetid" Value="d65ea2bf-6a7a-47a7-81f9-83c0322d0103" />
<Keyword Index="AssetId" Term="d65ea2bf-6a7a-47a7-81f9-83c0322d0103" />
<Keyword Index="AssetId" Term="d65ea2bf-6a7a-47a7-81f9-83c0322d01031033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="d65ea2bf-6a7a-47a7-81f9-83c0322d0103" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\e7c57c70-8381-4d1a-b37f-5fec9f734eb9.xml" RLTitle="View Details About Active Connections Through a Remote Desktop Gateway Server">
<Attr Name="assetid" Value="e7c57c70-8381-4d1a-b37f-5fec9f734eb9" />
<Keyword Index="AssetId" Term="e7c57c70-8381-4d1a-b37f-5fec9f734eb9" />
<Keyword Index="AssetId" Term="e7c57c70-8381-4d1a-b37f-5fec9f734eb91033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="e7c57c70-8381-4d1a-b37f-5fec9f734eb9" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\ea539beb-93ee-441d-a565-2c630eb1a5f8.xml" RLTitle="Specify Remote Desktop Gateway Events to Log">
<Attr Name="assetid" Value="ea539beb-93ee-441d-a565-2c630eb1a5f8" />
<Keyword Index="AssetId" Term="ea539beb-93ee-441d-a565-2c630eb1a5f8" />
<Keyword Index="AssetId" Term="ea539beb-93ee-441d-a565-2c630eb1a5f81033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="ea539beb-93ee-441d-a565-2c630eb1a5f8" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\edfd6893-e723-44ef-a0d3-94063897bcb3.xml" RLTitle="Enable or Disable Client Device Redirection">
<Attr Name="assetid" Value="edfd6893-e723-44ef-a0d3-94063897bcb3" />
<Keyword Index="AssetId" Term="edfd6893-e723-44ef-a0d3-94063897bcb3" />
<Keyword Index="AssetId" Term="edfd6893-e723-44ef-a0d3-94063897bcb31033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="edfd6893-e723-44ef-a0d3-94063897bcb3" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa.xml" RLTitle="Specify an Existing Local or Central RD CAP Store">
<Attr Name="assetid" Value="f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa" />
<Keyword Index="AssetId" Term="f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa" />
<Keyword Index="AssetId" Term="f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa1033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\f7bb15f8-f7f9-414a-af98-c845e4237646.xml" RLTitle="Enable SSL Bridging on the Remote Desktop Gateway Server">
<Attr Name="assetid" Value="f7bb15f8-f7f9-414a-af98-c845e4237646" />
<Keyword Index="AssetId" Term="f7bb15f8-f7f9-414a-af98-c845e4237646" />
<Keyword Index="AssetId" Term="f7bb15f8-f7f9-414a-af98-c845e42376461033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="f7bb15f8-f7f9-414a-af98-c845e4237646" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\f90e0f61-e72e-46d1-a179-1d912ded2757.xml" RLTitle="Create an RD RAP">
<Attr Name="assetid" Value="f90e0f61-e72e-46d1-a179-1d912ded2757" />
<Keyword Index="AssetId" Term="f90e0f61-e72e-46d1-a179-1d912ded2757" />
<Keyword Index="AssetId" Term="f90e0f61-e72e-46d1-a179-1d912ded27571033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="f90e0f61-e72e-46d1-a179-1d912ded2757" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\fb2cccec-2d8b-4225-a406-e3933f992851.xml" RLTitle="Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting">
<Attr Name="assetid" Value="fb2cccec-2d8b-4225-a406-e3933f992851" />
<Keyword Index="AssetId" Term="fb2cccec-2d8b-4225-a406-e3933f992851" />
<Keyword Index="AssetId" Term="fb2cccec-2d8b-4225-a406-e3933f9928511033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="fb2cccec-2d8b-4225-a406-e3933f992851" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\fe6baab3-414b-4069-8f80-0b4c534bb830.xml" RLTitle="Remove a Server Running NPS or Change a Server Shared Secret for a Centrally Stored RD CAP">
<Attr Name="assetid" Value="fe6baab3-414b-4069-8f80-0b4c534bb830" />
<Keyword Index="AssetId" Term="fe6baab3-414b-4069-8f80-0b4c534bb830" />
<Keyword Index="AssetId" Term="fe6baab3-414b-4069-8f80-0b4c534bb8301033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="fe6baab3-414b-4069-8f80-0b4c534bb830" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
<Vtopic Url="assets\ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2.xml" RLTitle="Enable or Disable an RD RAP">
<Attr Name="assetid" Value="ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2" />
<Keyword Index="AssetId" Term="ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2" />
<Keyword Index="AssetId" Term="ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba21033" />
<Attr Name="appliesToProduct" Value="Windows Server 2008 R2" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHDATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISENOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDNOHVSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHSTANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="LHWEBSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2DATACENTERSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISEIA64SERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2ENTERPRISESERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2STANDARDSERVER" />
<Attr Name="APPLIESTOPRODUCTSPECIFIC" Value="WS08R2WEBSERVER" />
<Attr Name="appliesToSite" Value="BWCOnly" />
<Attr Name="CommunityContent" Value="1" />
<Attr Name="WillHaveMamlFeed" Value="True" />
<Attr Name="zzpub_assetBug" Value="1770" />
<Attr Name="zzpub_MtpsProductFamily" Value="WS" />
<Attr Name="zzpub_MTPSVersion" Value="11" />
<Attr Name="Locale" Value="kbEnglish" />
<Attr Name="AssetID" Value="ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2" />
<Attr Name="TopicType" Value="kbArticle" />
</Vtopic>
</VTopicSet><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpTOC>
<HelpTOC xmlns="http://schemas.microsoft.com/help/toc/2004/11" DTDVersion="1.0" Id="ts_gateway_TOC" FileVersion="" LangId="1033" ParentNodeIcon="Book" PluginStyle="Hierarchical">
<HelpTOCNode Url="mshelp://windows/?tocid=73db0a6a-66e3-41f7-a652-b31a2bcac53c" Title="">
<HelpTOCNode Url="mshelp://windows/?id=2caaafad-233f-47b6-b21d-12e2b027619b" Title="Remote Desktop Gateway Manager">
<HelpTOCNode Url="mshelp://windows/?id=9bf8bd81-6bef-4bff-a976-db5e9fb3fcc4" Title="Overview of Remote Desktop Gateway" />
<HelpTOCNode Url="mshelp://windows/?id=c9d598e5-8658-4485-b764-4c971ce5cb73" Title="Checklist: Configure Remote Desktop Gateway" />
<HelpTOCNode Url="mshelp://windows/?id=afef1cdb-3d55-41bf-80af-a9c89c59d825" Title="Remote Desktop Gateway Installation Prerequisites" />
<HelpTOCNode Url="mshelp://windows/?id=5e9559f6-9f0d-4cde-92bc-7e566b446e3a" Title="Configuring the Remote Desktop Gateway Server">
<HelpTOCNode Url="mshelp://windows/?id=1526d6c4-e87b-465e-9f5e-2b31680ea4f5" Title="Install the Remote Desktop Gateway Role Service" />
<HelpTOCNode Url="mshelp://windows/?id=27cc58c3-b4bf-4953-bc6c-bc94ec780f73" Title="Open the Remote Desktop Gateway Manager" />
<HelpTOCNode Url="mshelp://windows/?id=c1066750-4cd7-41dc-ab9c-a7bbc8959a7c" Title="Configure a Certificate for the Remote Desktop Gateway Server">
<HelpTOCNode Url="mshelp://windows/?id=3dc83152-acbf-4bf7-a4c2-58dfeab1c63d" Title="Obtain a Certificate for the Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=64c82f36-c887-44af-997a-63063aa36136" Title="Create a Self-Signed Certificate for the Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=496e8935-e910-4692-a465-f6c7b3cfda16" Title="Select an Existing Certificate for Remote Desktop Gateway" />
<HelpTOCNode Url="mshelp://windows/?id=d65ea2bf-6a7a-47a7-81f9-83c0322d0103" Title="Import a Certificate into Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=80dccb05-7115-43be-a08a-30c9b7465899" Title="View or Modify Certificate Properties" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=5bfdffa9-b05c-4c7b-8e77-07aa51a44af3" Title="Specify a Remote Desktop Gateway Server to Manage" />
<HelpTOCNode Url="mshelp://windows/?id=c1acb922-d89a-4959-a436-5f844ad5acee" Title="Create a Remote Desktop Gateway Server Farm" />
<HelpTOCNode Url="mshelp://windows/?id=11b0b5ae-7286-4dba-b328-5858565d7db6" Title="Remove Members of a Remote Desktop Gateway Server Farm" />
<HelpTOCNode Url="mshelp://windows/?id=175febeb-aab7-4a34-9b74-08cf92517b8d" Title="Disable Management for a Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=9febb447-fd0a-4de8-aa8c-3e0b3df813c4" Title="Understanding Authorization Policies for Remote Desktop Gateway" />
<HelpTOCNode Url="mshelp://windows/?id=a870bc9f-02a2-4767-9ada-3d0241e38bd0" Title="Manage Remote Desktop Connection Authorization Policies (RD CAPs)">
<HelpTOCNode Url="mshelp://windows/?id=108df0e7-74d7-475f-8220-bd4ada9b241a" Title="Understanding Requirements for Connecting to a Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=19335e57-6a8e-433e-ad47-33bb755483ec" Title="Create an RD CAP" />
<HelpTOCNode Url="mshelp://windows/?id=3aceb57c-37ff-46ac-b545-148f8589c480" Title="Enable or Disable an RD CAP" />
<HelpTOCNode Url="mshelp://windows/?id=5a8faf78-8f09-4436-bcd5-59cfcbd0d1fa" Title="View Details About Local RD CAPs" />
<HelpTOCNode Url="mshelp://windows/?id=6fa1b98d-0c8d-4f6b-bc7f-2cfc3b6080aa" Title="Modify or Remove a Local RD CAP" />
<HelpTOCNode Url="mshelp://windows/?id=3073bf53-86a6-45df-9e65-d86eccaadf40" Title="Specify a New Central RD CAP Store" />
<HelpTOCNode Url="mshelp://windows/?id=f6b86bd9-d865-45e1-9c71-fe9fa9dbd1aa" Title="Specify an Existing Local or Central RD CAP Store" />
<HelpTOCNode Url="mshelp://windows/?id=fe6baab3-414b-4069-8f80-0b4c534bb830" Title="Remove a Server Running NPS or Change a Server Shared Secret for a Centrally Stored RD CAP" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=501642ca-dcd6-475b-bd4b-373a09966de2" Title="Manage Remote Desktop Resource Authorization Policies (RD RAPs)">
<HelpTOCNode Url="mshelp://windows/?id=f90e0f61-e72e-46d1-a179-1d912ded2757" Title="Create an RD RAP" />
<HelpTOCNode Url="mshelp://windows/?id=bf055f2f-8518-4666-8b5e-09e6e1f9d1f0" Title="Specify Computers That Users Can Connect to Through Remote Desktop Gateway" />
<HelpTOCNode Url="mshelp://windows/?id=ffbf3b3d-c4cb-4e9e-b84c-2d0bc6208ba2" Title="Enable or Disable an RD RAP" />
<HelpTOCNode Url="mshelp://windows/?id=51ecc12f-21d6-43fb-968e-b49154913127" Title="View Details about RD RAPs" />
<HelpTOCNode Url="mshelp://windows/?id=1c0ef440-c144-4b2a-a32a-79b17b033879" Title="Modify or Remove a Remote Desktop Gateway-Managed Computer Group" />
<HelpTOCNode Url="mshelp://windows/?id=c23912c7-372c-4dc4-974f-e84c097dcdee" Title="Modify or Remove an RD RAP" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=f7bb15f8-f7f9-414a-af98-c845e4237646" Title="Enable SSL Bridging on the Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=5feddf36-b7d9-415e-81b8-c944f6bc3bc6" Title="Enable NAP Health Policy Checking on the Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=68002f1c-6573-4d6d-bf76-9d7770925534" Title="Limit the Maximum Number of Simultaneous Connections Through a Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=7d9b8192-42bf-4d62-889f-584648806fc7" Title="Import or Export Settings for a Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=77f9be0d-7b64-46db-902e-31c6ce81ab3e" Title="Configure Messaging for a Remote Desktop Gateway Server" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=7a03804c-b3cb-44f1-bacd-aec78ba0b3a4" Title="Configuring the Remote Desktop Services Client for Remote Desktop Gateway">
<HelpTOCNode Url="mshelp://windows/?id=4c15509d-daed-4b4a-bffa-28de41355bbf" Title="Install the Remote Desktop Gateway Server Root Certificate on the Remote Desktop Services Client" />
<HelpTOCNode Url="mshelp://windows/?id=13337aba-9d4f-4097-bd9b-33ed3567608c" Title="Configure Remote Desktop Connection Settings for Remote Desktop Gateway" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=6101f2ee-3ac2-4a80-a6ea-85cbd9141a08" Title="Using Group Policy to Manage Client Connections Through Remote Desktop Gateway">
<HelpTOCNode Url="mshelp://windows/?id=112c0ebd-f8db-4ab3-be74-f2865d91db37" Title="Set the Remote Desktop Gateway Server Authentication Method" />
<HelpTOCNode Url="mshelp://windows/?id=3e36b1a9-77b9-444f-aa47-4cc4132a2772" Title="Enable Connections Through Remote Desktop Gateway" />
<HelpTOCNode Url="mshelp://windows/?id=72965a27-d33a-4e6e-aeac-f8f6978ecd20" Title="Set the Remote Desktop Gateway Server Address" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=fb2cccec-2d8b-4225-a406-e3933f992851" Title="Monitoring a Remote Desktop Gateway Server for Connection Status and Reporting">
<HelpTOCNode Url="mshelp://windows/?id=ea539beb-93ee-441d-a565-2c630eb1a5f8" Title="Specify Remote Desktop Gateway Events to Log" />
<HelpTOCNode Url="mshelp://windows/?id=e7c57c70-8381-4d1a-b37f-5fec9f734eb9" Title="View Details About Active Connections Through a Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=0c78c3f1-545e-416c-a0bc-4c8347d917db" Title="Understanding Details About Active Connections Through a Remote Desktop Gateway Server" />
<HelpTOCNode Url="mshelp://windows/?id=4be82080-069d-4cb4-8633-5d1fd898e5cd" Title="Modify the Refresh Interval for Displaying Remote Desktop Gateway Connection Information" />
</HelpTOCNode>
<HelpTOCNode Url="mshelp://windows/?id=c7599759-3f3f-4c9f-8e45-9b6d79644d7d" Title="Enable or Disable Credential Sharing for Connections Through Remote Desktop Gateway" />
</HelpTOCNode>
</HelpTOCNode>
</HelpTOC><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="AssetId" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="BestBet" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="LinkTerm" /><?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE HelpIndex>
<HelpIndex DTDVersion="1.0" Name="SubjectTerm" /> uU�P�`V�U��?\}E^%aQ ,IPTmhIB
H**H*$2v� 5"wfx`]}.qҋ `hObsb@eP2L8
Tm9J1i^> @�""����E&d�^@gfZيU\
, a9bgcCyvo'~<5R?
͛U9j|vg_CMkݟ67Oq7~
o9Y}jk[竽j _
't[U[*Y͛
|g
g
obrk}5^Q5M^Ȭ
浅s?FFrWヽt&w8ny_e
y.Wk
jw&a -GW/Wo9Y^p ?ß}?߹2z^7 #wGlo_<_A
k&Gz>ϻz?~]k>Hߵ\y]mZ.=:n?~7gu^ꫮ躮ۺ
)]_n@s t 꺮s =gQuW
{E~,;~c)ϗ}? 噸{3~zq?{Eqۃ <οӥ[p>%Kg~w9{Oz7~
?3kG\N_]7k:㝱w|ckRܼΥ8|
18CQ\fs(O.?6OkP
_)'ѯx|mk{|s9qkbn]Ղ:www >|-W8
ObYp^j~
vύ٣ug+4rSsn4 syy:5^iGgnP
[]wt"<\WoWnkl_ݑ�m]gy:g웟VS?]lW9Xܿ]sm]{Og%̿=g#i}vg'gﭿwrj\>;=gN#wl`W>;û>[ԏ}{o
Tnl&
ރgk"oIvA{>۳zzgc5vp/cx6NE!, =We̫Ú_>O3}SN~ԧ>5^ԧ>MO?5m=O}S[O>O~cx܍v~vfjonu}svޮmΝ߷:܀v7v1y=W܉~s/۟>wo_ۄ6+xWlm=6(ï
{5[p
ޅ=-z¿z+j^Ͱ7W/Վ
5
t:
-]|aSNW]WR+__ث-쫗/
[5{]aomv^>kW/՛vhjaS|N¾:ao|ӮWlѡ/jj
j
[gn> };;CqiߥKo"q6iׇ{Ǒw;OV ;O/}wA-;Pwm>{|w)/ɝyyAG>?x!1 <l(q܇>xC<Vpx"FcB-
|s<?z)N)?KؼmǻNBI|ޗrJqlV8{oRt
Uҝ)_S:guJpO
Or<tO\Ov|N)ҝ)YoS::t澧JguO})ҝ)>S:>:S3>S:g|Jt6çJF|taN)Yҝ)&;tg|JtnǧJg~|tg|JtɧJg|tgvJ\OlOΗ錙O:So>S:g|JtΧJ|tiO
N)YS:gvJN);tѧJ&}tqYϝS:s>:S;tuQ);tyΜOΪN):SJgn}t}])ҝa)<t
O)Y:S>S:g}JtۧJg\xOηq)>:SJg}t}Jt执Y:/SJgxLs%<)L饳v<t
⋷x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^x^/ŋx/^ȥ>l&GC4tb|=4wGh4j|>7>
Gá£>
? ÐGphH,|4O>
(GÐ4,|>
W, 00h(h4t~
ãGh&a>
CGpd~4
1 P8h>P?CG0XhJm>
7ԏHh4ī~
CG~4
9 P~4
G4|?`؏a(hy>
=ُ!h~4
A P8h4$~
CG0Xh44
}>
GCaPh4d6}>
O CGah4N}>B }==W |"
8`0
0`
`0
0`
`0
0`
`0
0`
`0
0`
`0
0`
`0
0`
`0
}n5DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDGU}l~?Noܛ)Ghsܼ~an)M,r2Zɹonv
22s)
zJO)3)mc[N<|獎:}ױA#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b#Fb1F#Ĉ1b S
YC!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐ2d
C!d2
!CȐo-U ϧ:s
?Guⅻ¸p.\
p\.
¸p.\
q½{
p\.
¸p.\
p\.
¸pp\. �\?.
¸p.\
pwU
¸p.\
|]W-
՝.\
p\.
¸p.\
p\.
¸px;on;Qt
aw;Czm|Z ;>i
}Cf 1l (<q>xCh<HL}Ǖqpiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiܭr[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mV4
M4[Ojiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiii
w¿m
V[[mVmV[[mVmV[[mVmk݆jګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjjګjm\{?k4$M44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4忚?owQ
wS۸p.\ѸG!5qmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[[mVmV[չmk,M44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4?߁@K44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44Mm44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MMӤ=4MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM44MM4M.iiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiS���;8w]qwn"Zv&ng-XъPu:h]X7Q]![l/D384fTW=x
|yp0t0:
wZ.C*¤
rofN4D
F[1ҷHH,JXK+nI{XNv
HW?
bTȡ$`\�Еၩj(U` E�R]h29C9ɽ'㤜tnҍq7NItH'Awؼ:Ǭ&I!~#?3>Ֆxcs|qyWC:|q0WOLR҄_I"?j}b H+Dߎ={}
ٿ !P?/뒵
?/!N:ړQG3[f=<
oe*QSiF!>
j~5
"++H;HHX}ߤd_!wJ>8 l"|n
fVJ59=Oi&1β+WF]8w
ogˏnH5`Bbb@g
ĥ#MU-Q;!Y
b.yPB8sz
(
Q|b~V;8ZkOPhX6vHg%/TC.\3^!{Љ@ fHX'(<8R;_gn^?P?,w>t?=urk^ M Rz~xN {_XVe0-~=Űu?h
K:YCg/A|B3F͟>ײ
'!-v: Bwca[=̪N?jxNy!aw%
Wk kK%QIqt_Kz8э:8
a_;R
s4
JJF2w
pz.QnEe
-8ʜy0
Y+?
}!|ʷ
~Ms~7\
^rBƶ4nKKjzyɒZjfM*Ҹ"#�=R
d3 *m;ll̫1(%-r##$0o{O*@S0Q}OhE/3
d$ V;
l -9tkI45Vڗ"
'\_, *w}Wώkm#6 DSpCXiBfLA&#D`;&אC+l,\VS4̠*
]V@GQak 8}MYpC"
3c|{<6Nܸ
&n.VOe߰+HD}uB_@z%vҵlN
h]mh~\LT2F=3U>b$L.
hb K|v\X�
-ss
Ma~%enŷMo0'1JO.Gh?
/ڔyuLIՄ"`.\G+7''fh
o皻/Ұz
IU@+^
d*ѬpK
8r?֪`vp\|Bu meilI3}R[`Du^WB^S-\*ʽFOGapЮ9O"z$
37T(Æiu`"?Lns{J 1Kt1/:jʠ )W+`Z5Oh*q
&NMU
9x
U̓aD
.B8;Wy~D-KI,+xN ٴZJ|Ĝtci$Bm.j-9ZVI_Ү'4WOG+jmʷS%=戎Eo`
q;AW1Ș+
2
5<J?O
M!W[o?2|uw{`i"P
Lf,O3~<?W
+j֩3<xbQ$z~6ި$HT�{og4kk JyǴP^ߟ,v(-lSΡ<Yò
Qҽh U
9@ˡz;Hdk1wo 2|ut_0vX�$
Oӱgͷ%Zs |
in#Ym
2un7|>;VX'*?ݻ/)Ę8Xa=1]ha
>� d-f%@>zG>
IAI{,*+\Ҏl
وo
T.,\;]>v
+:
wi-TN|�4
`)%@o|^{ ߥ'O@q8/쏨{W(GE2b߷x@
s97~7YY
`rVx2{蚩wu-:') -ɖ}]K
|SMo2vHĘ o6U1SW҇lmp~9 K8;q@sg;Fc
AڶcJ
�FP)6v|r*3XE>1
,
P=KI&`} ͛څt/(xr{
?+_W[p66
_)X6HS.d+XwUcJ Ό-QOko
'
@1Lx|+/fߡ25y*
azP
@Y/77(.a
kqy *zF[*m(/Wq9)Qّ ZCƟaSyxc(%s7?O0.}~krm
ΰwB^ɤ[r{WҼ?mLm BA߃bzʌ[RרaD,,L xZYmҞ
QGLG!ruF7jT NS
:#
fJ+wqa
/ܽ>CS.:*F/]ёAd"zg
m"
OB,&+Z,@dG=OW ϳ65P&F3攳T1ؚ,RtRnu34i@ٹBkb>DZ8ڟjOmhB'ʷJ
R"(/k�3
in^Ǥ%o
P˲O`I
9®,O%T<}Q(Chy{Ϙ:A-7i^?5yxaP8܂E'n}8ũrV
~O"5\Jjq-hYh_
` 6`DFj
*l\䑋9dgZZݩܳT<L&MN>\4O=
B bctV Q*MG,JJ>3Uѕrc,J@ߒx-ۘQo
~*3o
^A 47頉)9E)Cq|,
0
.QP
8n5X5Ŧa�_ήc\"Wq}J"ͩV聁-}J6k{_Տޖ{ ^"
j6e{Ff�{Aa['}G
ڨE)x2rܯ]ҳ55|4ŗf#;Ml^J
XD2˥EfzhGo_ŐHF5d
\]VEB
}1zm UIZ^<L@Qh춗
YA#W
_:"9u%s=QȃP O_Є
3.`>8g2/XBbJ|.7QzM:ha Kya?P3=bڲdBF\_>ϱ@jʍ,P,/
2lo|pC?k2|>ՂϢ@ϱդUĽCך
?_ݗY j~rO�2MsnGM!UX>bwif-Qֵ;82dv;E$Q8V,ؼ-Sm6
#P
h@)uMI"w\݇+v{4
LlY?EwR
`0֗^FO)xIgs{oנw;9ifQ
6m}
<sƔ`*NZho
a?0LD;%|!c)>KऍqGT6;S!]>;Wk 3jӍ;A}Td_juc
C 馦}h|=7<$<8X*oM,J_YeWcs3d}6_~oՃ~djTme
h<P\/?
:.rg2)
C^8)
^<KH7
bNTbw
Op˕
=U6W<-ILoV( .'?՚FQd"Ye)uCbh 2Q!K%
4/w:PiNc+w
<<rzIL!v0pS[p=!]H:d;soӁ;
+W}X/xM
B<sa&Vo<ӕHe8]Hd
E$SV
eQ?
In="m
wؖD:(j[q/i|ǽX
vhFdd~JOnepWѳK]h67w( *ʸ�eTs r
$0Bm*%
nJu.TWYf&_VG
!ݱ%KkۿьtZV $`H;1
VӤ\w?5
i}]Ƥt8;7י
b-fZrAZ(d
ʞ
L'&,QafL^i1W36ܟ
J-2*u
3 SP6,;o+ "߄PfʣCA (T U5(`ǩǛ
v::p,KR1h|NMjnn AEXG@srwG\ݜqqV)jB w2̠
Aq
�i,Z&"WlUc)5?V;NI2]g~!E,*38)'H3֍N4?BI
u�+O)*MvaChp
@'f֏<JVM1%z'U~w0
^β*4{
?u:Y{F~c\_cFDTV{EЛ0a$-
)5Yw3gߗ
,{`tp
I$).\O6և< CEd< _@0i|::ro뷏 tRq!L!KzM7}sH
~>
mҔ
ŝob
e/~i
*;lM-?xr"U`Gоwh6H""e^}i
]$6
>/(]ϠH 3٢}<`|\°'M,"BEXv"ϦtW;Qih<7Z91
|�qz!}CNUǠ
EmVGHݟX> dQqE(:" åGCPSݚ\L0 5UTbz8
ٳY(
>$if.=\qy
C
1r1,`pg
zg/cSt+"_ܗ"%z$1 op[@w<Y)_kv :
y1 ڔFN%bFPhur]骟E維4ǖ2RҁRf] EC QAlt@0[a6Z\x02'LnBvhk+d5BI,%k~S1
ֽu[;i6<uiv
hi_jnQps<s%n[ 刅pV[A [b!aѺCA9 [,+a m1+( DqbkaBZКPOj/_pF] ?bHPQ9.,Ȁ9
x2:_/0봏
<@t }_FV
7`|8
7Dz@Ѱ稦5Jkl
-x~3䲼c%'ޜ_+@i{D?B�2}elv`VuL>ɛP[<ү|p,�ԟ7^`\(
݂W◝dO$4SsⒺEAR
n:
}Y></qNm-bni6Y0`.%3d[yyi<lfv'qp
@
3{Ap:3>
'Ӛ)vP`}LN$3N.
C#PA1j d[CɈ
^],šU85f_vVZTdUrNq6Tu
P9ЋC_
e];yZWLm
n.(ڋTۍQ.Xe+
LlVYrWڟXV_o|鍔_+EV�ݚOR;$DƖbu?9 eWMR,
.uP ~7`b 'mnlH
ԣGJuX
¬y1wDn<+3,čJצ^z^U?DIY(/]sL?H{73Gj_딆)Ձʣ~
n\;z;wՈ:ې#Dʾ! Y
S$+zg3%WG
[3ݻ؎0M
\noG
9Fwi3?YmQGV7c{;w~ (C apۇW,
*: \(ֱ>|u~L 8RA?% ZfJ 4D*x[CNoۛߡ.dMu*G#9R6Znd >R7
U %g!b״!sqT
3m
&xڇgD#uۍ1jRL3גbS)1$38@-B5<
HZ>
@P=bmW"jiDOo
#ȇ~>C3rZ8ԡT%QphbJ!{fɆ1L驢AŐt
w
7YU$l
BYdp4?IoO1f0PxjOxߢoȠ=6*DF V&$>8;`
tML#`fzp )&̹tM IJ7;
<lS6Pn$j
:6c!.
w!㨻-)KB d9zkDotl[D- }q
Im\.<8
햲~ZmvS9t
+&VȆ?\Q$F
S3Wucl?`
4 t2Ç@+wD_ŧ+(˘!�]-l"ԝA427e8#>13U5g urަ
ϽJ/JwloҰL[ ]ct(*
,>K{НE*b5"x{JvCǏ m|ȲXգ
8'`2{
a}˼1.CGH
M`Lj<^RDYth
9M4Xk BƬ|. RA?AEY^#K->l8PF,9SB/[7&fGx|tAP;.g!
אy{-6
b'80ռаy+ofs M"lt!uuSy
UЪ*FoP3�Bᦱ[Q-
g9X�^l-k(gD>*`S(OT*jX
ZZ5I#@9,Tw]MSwMhy!dݴ4wx'zhPR
;[u1rܰK[Dv#ّf3#<hȏe
XQD�W 5tJ29af<XCֽ&F BA`NA/ܟH r~-
:@#'Z 1<U&vɬ<LϩKm2)Yp6Dgv;*dVRX9ⅨFjz.1ruĭx;doPmɷuqqݛZO
[_)
ذ%y^;yjp3
:}o>~WR#a ZgnV4Pll*]ޛ
&Ft-)JIN>|/T]8&dLodK]FI
JF~�达!+=͂ٙZ*
{;ֆGgeg͈Fv;[Ojzsu;_s*wdp}WAI@0p
0
/H@̡4@71VBr4-�A:x.mu
Վ:_f
kL ߀E
fF6CAQ٥nmsds[x^տpSJ[x
wڿv *mGt3nD۹Ǭ(\Vyf8�*^qqQ
-
pEϴ)jό{y0A Էf61hH:3l
vQdxu�4 |Ai$':+ Cy
e|3ǂ0,9RA(wb:A@
+vC
+TLJlR
b5N#U *o{w&]6cŽ^�{ !MXw
++ߠ3V
t焚
udi|N,lvR0UY�wzUyJl!Kfպ
ɷG5tF,-;,FTav ^
R##t)N{Ê<rb#ˠ<W塻"##+մt=l/w
l
Yv!$ךfS¸u$2w4Bji}3j7y4T
]?z.i|IJJz1ИTv1FW\]}][iJD? GnA7U0)*3^
C]^{1U"f40jUi^ f,
1م�W}RJ#ܩ;
ƀ:Gi)wΌze0`r?j!^lv'w
t[]ZW
L!4
gp室T
N)vr`<
4Zs;XL嫻Q9o{'=
lF'nm"oQfSQۏrWy0ݔ
}j&�ViM',ޛC
'hoܛTbvgEԼ )XyW:DCIV
7ޅi0lWqS)ͦc|L&|Np<I#\ݦ&+߃zr<㬓,w5cSb
9G(z$ݥ
?4/'
<U3dqM=.խoX\m.?
%KqĿANEEHƊIƁ[\N^Sr{h={֝λ �B`{<W@Wu*W[Eʇ&P~Pq0ux$g
nC'0p%a
3'i~űWzP1rv?
1w}OSn< {wyI<`rOi+G稬kjo,Gؿp7uB:*8dcիrM#\*ӖO`MWQO~Yi2 +:CDcLhUdgfgn68i1IՒh UϯOҙ
Z?Y
3*IS=rtzHg5|f
%QJ[)7KBY0V
0
3!zK+tv
V%OA1nxȼY ؠ--:g3tB\unpZxL3}1NÊղL]{ �ctxɫ
$
o =o2x ߝ
ꀶ_xx
l2f#mk^rbz
`T4vyy?{n|5Ӹڭheε5ϋ!p?f
)ɕČ
XTg1A~dP7
PScQ5<HydkŅZKORMʞF^<
o<
.
)scJ$4$1}e/px`
?/be.T`p[*Rڳ
Q^ FYh35?g
83-v~a p
Eo]潅=c]
1naPnv%ta
+2%Z9%<Կ m߮<7R
|L"pϨ0pCy_^t
s
ܶh
PIu
.4̈́
3N
*~rQ;@ry|OĈUlDWuFap#<XWx9%h;W? BBr'43%sf.$f7#
a=Oșq|4G#̡]&m^An騢?M~㯳"iGʞ P4]edcL 4;pok[z3joZ?�) ]XK:q-q/[OC|W]Mb`P
A<g3L#P6j6i W8#!=^N*Ŷg3y<Eu}߫ߟox/+/Cpa. U�)){jbBIN
I*WA,oP;MWtQ:
|4qk|#cpb`Q {lhyśx?IZF9V\@ {
L
oz)f�\PXta
v`0pRXܠ{By:V/XRܮY Km)DTH{+
BYQ m ޏ/'6v4n31/xq
DʼnKDjH�. 4I%B`a]Gg G�E
?ey(R;`;'MMoo &ť*܁
=濐
K特쫩bY
8 b`<8ԩ l鲱T^9;
/`7ݟt/Oy6^5/ɨT
"?eZs{
ϗm=t[n
H|7c`oe:8\=Ͱϖ,WAG7hnCbDq<"
1Qo|&YޒHq|&upbA|ܵ
~R
%)baé뜚}l0
[]#vآu*I8ʀuTz�e,e sڈ䱅gX C02{\_>w@49G=76PA3ް~Ix19=a1v;d]-G
%
Rt4K|% }db5-
vM9XO)@zX
ʪVqvUѸͩuT
[êztCRk;Qw232-G`KqN]N:@fb
nC;$+Q'Ӻy҈q:
VX|QjCaCC,ʜɗsu%o^G
�8P=di\Y45?oD.ṯ:䃱j;o>XZӼ/?KqX0*P"N&YU<T;T_
b-RN*[3j^Uܝn\oW{{rɇzL5ǵ*
}3b
d~QE_]q
P@6�-G
V?>zd9)nj"b'rFACDɬr}Ш Ul+mXhC=ƺ겛8hI7.PS!>@ǒ(Aj�
X6rBg^ .F0vBfiaRjr~wDDȢ MCtHx^$lռ, ܩZrk
7@Kyw
jAb{
ܓ`'F$9(bTdcf:s*@j[W0Jy]J9MTtđCI\UNY\ >d
w+e)P[6
@!_uenنJ^t-|.)dݟ³ĩ@l,2
m%
u
�rJP{ߥ휆7
;1Q_+qw:yH.r&,:m鎘 ,\WHp_{DH^+kYP
[4
ن
:2Z>mw
!
O`R2~5z|L&mf0S%6-sBl>CR=70j
+Ӎ5tR_%HkգF<>V8W`bMY
lGu/#Ch<nPue0$j9¥@hZp㉊{4Sۃ݃mIaQAټ.w؏Z
]6x+N-¥>,PRh(dqKUh({U+O�-
ƫ^rxz*f#7@aT:mRdܨ
g5*6
IŦ<wPJ
vu 7HZ=(JUŪ![S369
.,Y
!svC9h0\o+TXgQ~YN80b
gX֝!t-kY�vT0^2ɗoؚ^qd@t(f<3*yIf*oPؠ]w{ܐ.
sNu;͚Wɵ|½GCrooLg=h~(Vp}{vΟ{ZKTLAX'ТDC
*"|>_GqYju<m1S-մ
vb-%z^SWa
/ p6w-*m۸Ν|iV!V9l\
9۾
N0[-1(E)
&~b2Y'}' {.oGc
i\C .k C \kzc>k諾y#MG+0Z_Uґ-؍U,v`iJVMղ5%SVg/ƒdTQI*:j79GR>w;3~~A<됉'wwH`~ԂQL??C4^l$f,e)xfÂEfhTqAka5>q:Z<÷RAM��ѡCN^04e?
I,كz)_Ц
8<v `?ziu|4)|
}<0 ):4笱23oИ
-Bl4J|*5zGs6GN4Dh+n+b*nѵ؋<I6a
rh1䥮y+wUnKO
/ȓ
o7vӻvU|Z\^!My`^^ԔDE6ꤊuQnuo8aqKaje (4eǪ\b7YTq`1B2n:?Wɡ} kA`g�D
JkV@knsL<5jRyTF / ܮSƋ/x堻won=)kB
v<$x@*uL=䷿Z62FmYV0vVW-Д'nj
\^ =*Frqo0}p-
ftlg
18;GpW{c;B`ٗ Gߥ ?">�逄2r
b5aQeWQ
>~7DI
YWrƀ,#-YrmSk3Bi<|V`5n|fYu^Yj`>mK/|8v@gσ1]"8kvz Jk6ohOE@BAg
ٛ̈fv&ww'Z|c xI{T:-4Cՙ^|oO8ur{@/}U !:NOt3&M|.P}qt
6^k[MMP]l32zTng> \IdUp
Y%M)iqg
.ihԖ;
t[Ӧ"m
baD/%ն%bu.n
߆/uyҘ$ `B5]#(uc%&>w
-a
)kc?>mA[Zc1Cq;`a
|6t
/<˧XAV/2N&6B`
57[%,Rμn2;X_
{.
|^lZ(
R_
WcȄoi/u{Dz2iCT:sgm0k&Pm
_ƾ+GE
{a~Wuvq
@
_Wѐ-En}
h>My2
0 Maӟ\gQ˿AϵacM|7/
ȏ&ܑW90iby.1{ pvLm\q^=z/*Om
7[+\qd/Zp7
CkK.ŏ35Om%eVNw ?/}ߏǡs=݃p*GfBusT
֨+`;O&Iǵ|{@!pF3T|ţR*O~ԑ4wrp+15Do[@<4EpmMa=e["~uKa#vj /ZTQ=o):@?{F";Я!=) m
V%`f0'>|2*˭T
jop9U"Ӊ
5GisdpeᐅzC/fkTփR%X� Um|Dg4J�B`,
֢~Ky2r
,K͎jǔŧ1rkH^̯WJ_xެ2=Ue8mEJr6K
Lb-p)PvRHWV|JC)\KwH&MБn�USr&3Xغ;[k c^yP5@_EB] ]L*\ݛ[]Ѿ ^=
o] ;O4h
@ <
*)tْ
8QOQ
y9$3MѬcc4oAw_}JOZ)%IA^
d@A6
kxcA˨ðhpJ@|A?j9Lm`(a[V'
@Gm7O`ÕmOٷ>lh
9[WqVh@M(~}:~r
P A0{U%{:O
Ŵ!u_D
)n9-98i0ޒIon/U834uQ4bdV?!:gڨYk=#`)*2ش\GE
xqUw=@``Sl2GRujsHbxf9$!OJK:FIDO53PiF>S${c;�ckLeMY>Y3!6VM1VݧfIo۟L*
\&h柜К?3lz+ǖúvT1;Zo{84
,G^sAUVl8֛nNxW%5| \n%ov8br48g
銖
fKgcfp)CJ\Vs�}Nɔ,?8~�
v6~4Sͪ _ɏv 3
j9
/I@^l"O:'_^�)
Dg5; [=@hoc.By�'(cg)u
lm+_͍ ~\::+'`$ܬy_%}/܀H
VJ`�\ۻx&{ߙa)XvG>kς‵
DZ<SB9mkCLu'r7gؾH1 11Vˈ $r_Vi$<6BE${j/ N|kfZM:R/߽DTbW4JyȮGSx mU[vޮS(ȲĔyͦ
QܨDPq}F2#֪)U#*{8ğ4\4
$gZq_(.V7
W4*|na
Յ!ӼӠ
"jj_zLҜm
=ZufӾ9+X;z
z*_S<Y2. c]Lݰ]'= nT$ʹk
I(0WP5-PZ#y
ife[Rllt/'FHBCK`s9+(zYzhl
FEtfĨpQVn^f
SU#HwgbWm
buQ4~u
a>r+%Z9v&GתE
3pJ.5r_ DsoiA8O>xPw@9UO*狤qG34zu'2uX*j^{o{c
_[t$9į�Riw@ 'شO4k 9=dO,ǼMr�#rb೦
weF U)Qi
_
]4
2!WC{=+K(q :} ֡IC!OKamq*=羹E=u<g08 A|
-F?طA7vF,óTQ#61qQj/#i GVrx
/>a
A~0t˲gPqsզʃ7/
\&sk
H
ג0Q!f6i
YM
vrסkֵ+kz
9Ɯu�g`*IlevԖ8wZljЩC܆dBdSdɬVO
U|]Gh#˾w)oMV=L79�
?A[UyFuQ
R˺
z"s
%i)T$hszyC| O`+/̰gX&*N
bCr[biv
c\v !hĖW9-VΨ;T*,{'wnzщ-G8;<"./3
cpw-U+7a caѵ16x
'!naB'ڇʗ9/?O;y$QM@ĭeTf+OH?^jgCIΛhIff
wܘDw~MZnjdgBk:["0H
ojH3l\JJ
ĺoZjm.6HlxْL\iHLLj݇lsw,m? ]d^x,6DPmٽak|]s3С12`EsNښɕ(m~0XC*3@{<L] K J\
Z
AvPkVbP?=>G=wÎ%ɾ!
C ".E36Da_^�lGAZnkm{\u
~
V7
GG #*qx_^cBoC)&Y>Q
W8o逢ʛKE7!㷸0X7)rwv)dz%.څvӊ{|S;L\4ZMAӻb=8KYvq}])7I^[<`տD8S3^0 -o0$>w١;Fɤcһq
VRӸ&Oghzl4
Wd~3]|aHLnF|FR/ղuiRf"P2MU3*0[4
liZ/
{5980|߯Z8}2k
d 8$* h(gFXz}=D(t.h3rv2'g(]!YڔlGDvgɃ
ߐ) M3,Ѱ66\~<
NP
ݱd2Bw8Th-P�4zˈ(B+T_H>X�"nGi dKlû F
*U%�s,
A<
8� |vSQ ݟ.&*V[K9x/V>2D xmne
c8Gwq#&Am U.7ӠkfxT/
zS%H`α_E/0m#p
e4ӀسW2|/H0Mrr la\¨Fwm=ǔ[Dvp{5j0Aì933
gS-#1&f:LmqF wGԍT,
)XTaz
R/\?yn}X{Gb$*n
3x{e<ֳ^*CZbhLT
ޖ.aCw
<u^?YO]Wwӽ
\
D2HM:1p
|r`2J�n|O6G
y0*+D>|
^O.:|oЧ*c1roW/2YLpNO+:q-
N-yfHCg/MA&}#9r~<JCΙӬ)iI2�~stueC+H] OޙdCZn<ڄe;{|.N!X
VVrGg0aK}>dLȲVyRnuik<Ey/"8:OHj4f.5
wMy9-Va
70
p34Buf r5
͖_\H %<L]vqq8Jĩ}}i7IeiRw-.茢I7:QhH
݀[nG�mPY2:�8J]]5 W332XUzaۡU
j9V} [ޚfXlEkLpP
>$m'gۓS6!_~ׯ
Oxyg5Vc""V8,�oZ,ksћz{E.EnV"Ui٘@=Pkpz%Ra)!?EVTLoR
6cV<x+#sPWJۻ|?{3VKFؑ1
f@6cΨ&n
Nr>DƊsIpGݱ -$Uig]
]rCpErFWufKm2C/c:
&J*7Ux4$>f[
*NE38Yjl2~~V;͈sGz%Ӭq︐gWKԮr+Եn
OƵh(`D
" s.K9yQ<ki(
ljesQ6pj
pIIȃX-' *5
<?>eyVqVbSX$nFdw<|�U?ON 50y
qAn8u^pi~6f^z;T~YN#c>$J
FUT
T%5h2 ֻ0^{<9O/
u+
tO6TΏ'
<h/U<~4)_f
;%m
Tw8wJi<^۞\kb'yMv~p`]aG5* `O۰5
&W&|FEC|#m.>
y@| *BЭw
2 Md4SNk;Y
o@((VHsM=U :3U#0;l&*x [
ǔ]EṄ)d>
Hl)_~i{x?9Tx4.<an
Q^I>F
XgC -x<,ᆭNlC-
K.φ:rS~ ym9? mȧԡ7־0zAq~B}9C~
7|cܳr�C3Ƣi/.! EnTH
MzM,B\DtzY5罧4^[;oY[jcq[ky|Ƨ_Md+'_:A."9)XY+Ɏ_r)n&4r5v +Bth
nnoHbs&N
rP%4U5EQ:GX\.~3`;1bx ٠gy` -@p62.<
�clp7}*]˧/v=7fTFp[ Iޚ$$%l*ׯbh%6'fA*
]%gOiL+z C:e+]AL %"hi fDE:!|!HjǶǚ!@`|c/<,Z-j+J
*iĂĬC�0"Y8kvK9 �$|
`@^*2%�DHeIɡ~`?
w$Rq#
}$o
|]z
ޤ؎f'%iF<
!A\"
#59! 9-X\5,Ē4J
իDX3B
9*�"kr5bY=o J2?8:q2^ g
O
_
M,}Q1'4 '
oTt^~|K#=_[w
p?1b27PXWXVh<ڟ!{}(_#
y1-ҁ
CszD 6JU/L_}k/apJ�OPHٲj
Z^?+kdVY
& Üvg${2Yt
rh4muUzʎr
3[NB"KܪAhK`B=
.:*
\F_5[hif2nc9YcHG Yuo/
'oEp_qyKKV+͒
@73"
ɄKIa Yn}Y'۴l0+7r
Gө=п.Z�PilMXiˣ0
?<0;3
JgJkǹ'+QC!~$
u5Hj1ܨ`֮u;*L$KqE=e2U\^Nъ5<>*iW�VPp6ƾ'-:Ӯ sᯠgnf
sM,ym~jWk/JjyݣO"6.7y�Kw~"L$`cW/R:q_9q!Zym
<B?CSg?߉0CFۄ$YE3|
x
Jꉟϥ
;
Yw@S
s<{`_Zqwy;lmA]>? AJr?[okx4i_ASoPr>Kg-KPw߈l@wDprth8\
Hz7C~`;p1
%E·&|'@EOA`вhȘpobx
nh[Q\6ܶ-Lقτ;{r|t 43�'wר>J\AB!+!Z#a֝e?i鎇_nE^&)fw
#
:Ҝ,#W
E3
}-YPyhěO>7I
J"UD[kh7W Yi
4V\UG<9\))
r?
4/=y+inWT/)$m.G^W.
KrNB u99G h/6CdS̞?+~
>٠sT? KLSఠPw0<"@G&'Dp|@Hd(~m|M H<-IcŒ;{>.U�bC \k۞Ru##8
f6
HXSˤ3NHEu8Y<n?_[Gy>e<p;;Q\Gp_Js9V-ǧ8=Q=2Ge[ 7^
t= ݬWq>尒{\~yH-ݫ(YuJ4B
;
p)i)M;y :Qa
#~N-DYWc)EVӢ
+|+R[{ ܤ<@~',W>D?c2t{\Ub4Y3AnC~idέo2Aí+S{yS?7 fVFUE_d;
eca[r
i
i &989yL c^A(gy'ClЕ߽ТoT-r؍d@hERR4Bq 1E;
$_05{,&@;M?v!cQܥȼx<rNA']˰C
;KT]
Ҍ4
Q^jO.2%`EղL:.*c*^H Ḵ*T!#E\4{S!.ȼX
֙b>TػϹĀ%eb_
5cFڻ]O6Pw'=!3@* X n$ Ky\f|
P el߳a7?UerRM1KxzʸZzQհYþU*|>
d69{3@"^S*xɅ
C5#H=TJ5q}eJʢ<N?z0
Nv5
m
{Yi=^8mz0U79rCH;5
ذ[C8
<]R-{DFG~Voe�~$fuc¹-E6o~_VG
z4OU"q
>y0m^TkӪ
(ϫ<FX5l}]
_T 6Aڏ3Oerr6ܓlkt
,4m̭m(:Eh!re3GAwhaѭ}tTsb[{.3 1˟.%KV
Aҷgɶ9b=g' WJs|%=@Cz8~BY0QX1jB߮g(oITݡr$13bup.ܭ+dNNڣ>A̽
`.}%+{6}27^<38kKDIіZwIQ.a0({*{YQU^eHmdϛgMqXQO
6^Ea.K44;WIt&ܪm0,;
;i
[6}Y댐(Ag6y{18@"tWkufF5SLY2̔JOOc8U?Vm8-MqaZ &0d7oA
cPWDPG5v×`՚|s_vov]@<+!,].�fQK:j3ZYCA;?טA+@As8
39TN=&*O\ tf?}p̩w` HP?m/M2-*]|DWg$p$¸TY\e#^;TfnM1u{>-J4Sw=eTҪ/7)nH`L
�N9
V
؏
Ox~VR!]RQV3uM
34j]{m
%
ƣ̲UDxQ"JͰ4
9ѷ& h܀YL+6z0
A60Na
Lf;
r{s$^]C_h?0ZA#A Јig V
Y$0r:۰
fqJ.QɌ.Q#a..37T@/Mjk
6al7qdޥm%_f ñU-LrUG4o0iЪ雛ZZFТsZ7|g(&Ƚ|
b(!a
tM1)*l['U+ui[*{G�|k!/p> cfzz_<%W�G'xP!w5q%sKAvL0{x?I
nQE+`g75
ԝzpґSp٨w}$\dIRc%.`;_<:IU<#:XL'3a(
W.Q!p
v
φwh3J#v|
ҡ3#
zW
mG`xn.؞lusᱸ9:<
ɡpkg
\G3
#)3NԻB#+klRZ#ڥ,Z eLng4"z#VLPF2D3U9PymVu*
UXW}V}uYGP ѫW/
BoCIؠc,wL11*3 G:=1!kAG
0.6*{8W4 ,xG+64rx8XG0ErCf
E%uL;
~Ehm{ɢ6^;[<+/Oc γMk 37Y}F}4HULT"gP`6~
ŀh<,cNo"}
s�q+{D6QBIOTHjYhZuX=lo
$'=
`ɡfWuKeZg
i^AO>mqmج$IK\Ad
d0Pi#kqGi&R㛍ȡ-m/|7GD{:>Ȱ8ޫW!2<yldw0`zPJVk#wF.(6;,CRM~mViAsq@fЊĉC;0FąbOL3z96fk)1Z u_|7!y
.
(~t!{mhۤ4
ͺ)o@ìޓd+t{cv]|K3@cV
rP^}\:\}qƤj
Q>7ؒݦ{h_WȽN:
!IÅДx?Ü
8"E
6riw
19^Cs
`~ntQJ?A
=WM)?zEwoF~u +HÈȩ0cV !!P`Hˌ\^DZ@WT)~&&%5N<
|681@3`9WT�n?M�W@\
Go
?9Wgp#xVģPhGĐDZQW.#ٚPTq
TfH
֪0gKEazp|7hUv2+n3X@O1e iGyu$9
luRPlŘ<p]NcKS
_&P
pӖCZU-2&yP`r
9)iL
p[S|,}
A2
w;'+$ޠtq֢H
{
0FPY5a74@QWaR \I9s$9!|ꈄb m!,61
1էS4
XtPϱqN
X(%
84@5A6p
R]2
l
@ P�8'[ 4
~b1W2e#Syp5
Ho8^Y="ND{Z接wffjL3
ݡSmYe;z$9\$+@#
{EÞ 68\29`h@@}
WNWsib
Ū[.+80
Qc3B/3+m0ux3
2P#$<F!LY</d*3:QZ.oz{;~8МŠtʦ}B7Lq )Y$e--QN.Y]
-0
"q9E9^_IH~�vVsOIe9#Wnߓ=GL>\߄
:oa*=_7eCfKO/b
[zݳ5"'+m8N]m-AƗ^k[Awj-Ukb+d/+>?KnKssҍeHW^ȕ71?66}lgy
rɛPC]
*Җ&X
Y~+$ uap|嶪D>ssb8a"_@Z͜ Qng*IIۡ\!ͮjJ3K(Z3'0NJ.ZբA58&`[bip2WgXM|aYYKV<o8=UM^Qe*~OI9
f7nA/L
UMʗ
]8͇$z %gĐ+8
jqw;;P.,0jLJ*ȷx".
4# Amo2Aj8wآ7<ʒ/8~㭔$gHn;^Q
mJ DgmB-#TKU@+JgCVx^?NB(̦:?I
q>ㅠG"Rie$Xd2oP%|t9%
=Yk/FQ9C=7_Nr.qcTuTܴu2gj4ybX}!1ۅۖFjPl*5d)nֶYӲYTbѲU9+ C-SfdM4Q]M+b<K>mX7OH"cIMkkKSynȣ5gd,QM4@0;X
F"X. UF7mU
K5C.2Z:}
-ZdU+eT<mS
Py\gجT
Cg;^mhU-[dYZʓOEjT;յ?j}+q@Itn7R9j6y2ƲtSb i>KE>x#7 KF^3hɵym̂՛\
ˢLQB"YxVt땹UJbyF}0Q$D.j&SSK#.6G+LrJhe0KאZZ
+ՁI=F4xYC\QK˃+. aYK4٫}SA~:*Eq!7S,ǖ;w~MސW^$@Xt.&Msc1yq_3O7|EY.UK
-az{2n=q<QF"v)M(B-I붵
F8ΘB
ñwLj
F ͟5�l$Edjj,:VȬ;"pB`73
]Ҥrs,'
}58dgAtc
_Lhˮ σeq^a>mNCl?A I
Xxs
OMX
g}%Fԙ1H6]SѨrSk1|BĮx氞
M
6BP{-41ۻ55q
rmB'U{~|ijgbmCJE63
3~Sg|4IDsi
fw
o5R7P ^?M5!)gz
s|NNi?RPyGkoA63@82Th
Q\X
F
vxFZOrgDmE~
ޡNGF
d7bw[]s!LmE1io̲.x[I[9^.A/{v3,W1Q
Z3:`~,т,
(W@/߅Eˈ-@LHG'\ɕ_WKC:3뵵'#gEl&`oAHRƟ?Sۅo2c:M|^q ~pMu+cL'P7v
L ٝ>WKNCg_;9+1!(q_@�GiU=%n]ViYMb2ԲW\JG_Q4B.
'`'|pPWqV^X!
M5%_0&/ (X#7k*
U4y
tgV'Ŧ(%wFQBԥn#Pѭ?+U=! [[
.5OţlPG\mYq�tB8Zl9x/TڜK=FUD>
oYș0fܡH]-EU2joXmX^"{4`bE_0p
q-K"ݭ*=H?
Qw@Cw{Yy-RN@?ߌKjݵx6־5g/~6"-b;}{ 3&
oRv
[VCBAt{ۊP9
[}wcCֶMF +Cٲk8ʩq%R$L[s&u.ʹO|;`z=y
.du?`
],*B 4!LFc�2I��
qc9y58p#\.VѬvЃEi
"G
2 W�/];r9\�0$
i CFk)8ghrj=i|
/_LBcۭcUaI>N4V²jo<mbP>n
eu:;iQ
n2"9Y(J8!A'!5ݥ >I=ͼ~GY˫36=6/Pcd{#yR
lF'
ЦbԲ3<T∢=wg~|J)([&Q<mj&$lHf5i1÷͘"<[kr@h|`qG;U,&N,e\:
SyMui٩=l_qܗ/9դ(Tb]m7JU|wػo۪R!,yF1]N
vNVHF#
ۄDCiǶ
'w!` vmH:ϰآt[A[^wbSXX}rWCvG/V<py>:Nˤo+/~'*3oޑ.ձo ~}
B;+V�:9߂"bF-j'%3) jMJ7\=-W_0I7YsꜟYUD2[r~>L;/8ۀl/u%|7
rjDO`qxsQS*T>֓UOfrxY琢:S[mҰd1pbv#{Ɵ)(UU,t,j ~rQ
h(>>_bJqNŇywȹV~B`T:r}
�
W~-yPNHd]Qe4L;fLz
2Dz
U~>a
蜥@1( /,fA6_V6 <EIpe:}?%JژzPK}.+)]F_<3
""7yjtFBʀ<Cjqm+wWmA_zX/&-վ`։ ?
unRNk
;]8UKYG1>6
ewbp
U߷;k6q|`MteCwᬽ6CRnD3Ne]3a3$ݳ
@TwIO$x=}lx3>�cIM4!tq
Osj֦SN%CHg:EAo
UeS/}ѫT=sN%pl̬my>7BSGyȄ"uzd4~E
?˄̋T!_'UluOKZmE[
aro?A
A "
W
8
㍮2ۢPa\MM
K0n=
P^ЂprB pNls![0;QƘ3?�? +t|n8dt-
ᒘ@oB ~r4ka{(ϪbsII
i
؊|g:ht؝
ա㚂A3Ee6blu
u?KOXAqq(n5O̠DZNS]<YEL`ZfR핖JFd
Ɵ
.1. oZ@Rs@乭dWc~TVM71/>jm߅SneTaٰR1P /9j}+K
{u
o=F4 nrߣpmLRyeDEm8CyIeψk
fՁj
b`_,sw�}Q}z-X;^<+=ZU
$SP1s(�|54րfJy
b/MXkC ~D"X-7N.ķ.$lχOrz
M
U
3i]&汬6VRZ,iz(4$GM{Eovu
C
k|ʔ{q;/"bd/GuXml#ފd
evRD?HЧSG4FTyױr>a\ƛ'螧gZ#BzKmP"]DO,]a-
VCX?Ʌ(E6av`F
J7,!(w?7')D2mZ
*ݾw*$NQ g(2Slj
ݟh4mֱզ#kSv,!� ] ,b
+Ӭ
V4uzHBz0f&pY},Xhv ҷLDdL
(NZ,Ch
@bJs22
;ܪ$|8HXm,1D\T
8g|\bKx(5amnha4r j}R(,#ڭԌP]<DƺYxK.H(U3ό�7 fWNf Hv
?Y..,+\MPj_pڤ9fg*Sdƾ:X&-eܾ8
i2�9Ym%Ҝ
@Z i4hӇS<*ҏv @lY
4
a1qwa Mz)ٗ
%ESB@%9)J
7EqndPCx5)Y�B-rߜQĝ&Pj
f.T"rPVXjV%@^hFLl30?£�wl
z)<~y?rstBO5N
dXˇֆ27&$C|J_Ep-6I.VX[;W�bdD0}96joUXp%6Ą
`|+M=
O^V,y�` 1yDKy-5ݡKk:O:%
U`-µ8,I1$*`{[!Kk
^b3Y
,,Q;p]邳ǹnO&cY8>.J{'+I 'Rvf7F
nHhfVAuS8ā<XSn˝nY)zA";͡/
;e5f>+&WǸu-g/DF
?;ȋcU;ōRNzݿ{3:RTYN3l+ܬrEM2ԍmA5JKZOBY5Alh=p2vj}/enJr
i6Ijj
ߛFظh1xf;Lw$YPΩb]jm`'\屹hYk<FX/ÙrjYkّ^e 't{YZnx8fsn
_*bLWH{Уڃ
) Y\A FیEӁb\RFMQc^7aM^pNNj!,yXRabO!Ydmv i8Ga
EWpar˕6ߋJ=1kYك6Я3Ùz<ؑsv
vלU;g
ڷ։om9A3b5(dV8
U"fZ5P|!PlKTuf gIrpBh'ZkbsY|
A(s2Lpy1W75 R&r>gϣnۈgIz
>Ixw hFϹaH@WaK
Rf31!
z�ϸ5I
vYA--XpivzW]şuiBN)dKcQ4'Ź
nf-
`?~w
&|*3,ܶp*rjnvJ7q(-
VC!O#~ hE
;89g{͇7Ie"le
Ʌ&8rR8A1)bF`Mnl2omszt&ȇYcB1r`&cg4`|QC2M<b;(N|!/q*;6TPfs6(zD2$.i-
3?F
ܟP3"b'z
n7a)
Qvs-VA{qy{r
Aġh]0~Zh$:B'7ujtkm/r i[9HŻ)b&
K^Ôl~6<zD˄Cq֚
NPϻxvtئi)1AٌXz7YrDbC9
i8K:8І&34Dƹ{SAeROw@o
7!l3AvIʤ^�a
LzݶZ]|-($̪ц
xgӕڶ1rbYc$AZ{L'|sN+,a"F*-
JJvqIֽ
J CTVUؠ+Du=n
-HǠ릙ZF4Sٹԥta,[
{
i|M}}9V&j+
N.\{gƔ
ٶECm#Nn .{;n_DeҀ[ר`Hmh^ߠܸ;S6Ai>g°*Shoێ+ܢpti1
<N\ ;f0y\;!${XdTKk1T
B:
)9#
gη/Úd̴hD%U$~Kfʛ6XWHQ¦H .ܻiP{,6Mo
?M؛)!ʌfL:ք
商څ%Q'\[wU3a:MLڵX|.۠βIͣD|CyuBY#q*rPl1W'"v
l{,n4*Ф=\,<H
)
ݘyvSxrRT~v%1G]-
ةI"pΎ�
Uh1\7;A8Bq[u2�A)iج*xz̖uڣGۂ(;T8)%sM0&z'L}$}ۣW"ߘڙbzeAU0sv*"P's++#żS'L]geZ{i^+Cg9 ٶ^h7$M%Ͷ
e""88pS:mvۉka/b=3p@|Pr:5rQA{*f
Gg[rnUTڈ&
T
wQ([MR켊g|
VQ=W^Ȋ)\hNw:u~@]ԉ\4V6
:GA
zL}}2>]G g
҂1NlOܺԪ~E߿b P
f됱UsBG63WLdž}9mܙ8ksfgx2|
Y
D-,MnlBTLܛt^r~V)}`ic% Mfk0$P/װVՋ1Ќ#O{ؤ\yޙ\o$eECɟ9|>/bGlmVRKx
(4-5nY2ַ,!PRa{\0 :@m{EP\,6<7k
Q U}{Ín-Z'Tf
eEHv6h|Ű/栵_H@vp[.c ~{L4
jt<TPPCj
eO
gK
0Piuhu퓙U^UnVWȬr
06c^vwi )
8d 8vYRc&4W3݊
]BSTRP>,`˷
wXrQ
pEI_f7*w&jhTe2d8}+L;ae= n5B7U1
)6<j{
ibOnJQ%;:?`6Dlgwx[mB^S"rJsCBqPsJ8c]T4dhxT@jFе_;!TM{Ûy)_JJO-s
YݿO2gSx]:'8ob�ώ[Ok*,vSf|O%1V[s5vr,CPx^y $JaXc]!OlDj!f=4lv}KmBsİt-9L%0Sĝa璗&.s9G/1
krL=ҢcN@a&c0n0ZI
Jn+A4pMƺ$ɕG݂{uˇ;
-TZ<f?^
B[(#7<?ճ.b֤(bG
(1T5$l\"c^@G!Cfvƙ(˳;=4{Wev5r
w{r97U{=_fn#dr9r$!H4dZD}&lbiBtBqK b3fnlxufyIr,ί\b'ޓ(Mʭ^'N�sgK; gT\(
81ygɦ
FgE4RUj)EM.ðk:
ccySH&@;' zӟ~fMv*[a&a+E.eFptU
5j]h#ZsjWq3(}sĄP
qSBHuhWphRi\)[+n cps1~L3TmŭIXd`Yڱ
="Pl=N!dJ?&8]2E,NRvft�U^=0%k+w
`|Q,taea[fm\"֪jc(ꤝJ HcHBf S̚Y'f9d&HQTsPSLpQ
KZў֊Lm[.ɖݖֲ
KiӶٍ7P<.-8>c5$>,XSHKe5xP H.P ڶnA8s8-c65jQQ<zQ_Ǜ5VcA
J!PKU2]ۓtdf5hpAaw
͐,m~a&tt* GNuW<>#ֆ
G .}vqnb4y葪Q
tW t/oF+.,ǶNS
EDq9#[Ln!wAWkӵ!<c>umJGsyT6¡o͌v/(
EVzz~
Cdzg?|9RiŎcP&`!:aĥ6=i �cv
s~C4CO]֧;
a^ lȇ,
3شa1jHi{P<KvZ^}qY215c_kC z[l|>[8N.=vb D(IbCq!@Gu{-0A8T "GkH
0aɊ/q~,y�XbĂt:�5%snK
(\3a
{vl=
A
즙ʐ<v oWڳ⼥ al`dqHv(O)H-@ {n\
!У
!n˽"ȏ
x)mt
JR[6s*tɥ<.0k
EI֜]
0];nBw%pzna
I-{Zf)FeK|48rwL8ji
Jf,aOB ,&ڌ
<zDt@Y0w9 NBգSئ ah-&E9GL|
w"(Yzb+nin7C;"w5BvIB eLW
HB`0<Y9M(9~Z#i&K
aj@tʈ)/ͧ>(xփUKD
7R
-:_!DD4 {Zbt\@E.<)D(
!4
L43B
f)
RЄM΄aW⦓
t?9
=!{
CC*WB~;pH
;n9EU
Х,
O'FY'YDwv!@
dUL#W/d
RȰ*\'wlC8,x'n
_"hf&p;`dqg䢸
)[?;[g[E
o%
ȋbjݜ
G
tIg$sSCYPM#aZ[qgƵϚk
g ZH
qy#8W*!O p&ܓ^&C{Hٶ¡A/qgNO
MbtͲ=#]q9hn
hjK(A(@WO1Ues> Y>ب
i <IW,ى)&{D}1(w"g
<`I0@1y
K`=N4Xq;0"Zu*gv>┰F.IʉN
[LGsZ%zҦ`DJJr'!Pc2W\4
zJyu) pk*2� H@wF5ײB:a!ә b
Q\
BNE/tI=1ι̺q}xjt=ێ
IV}coIDȰ
p
c[)wv7,ь?1
j bE܌⊆h
?>dlxH/ef&)"I^KUƂ'bWf(OR4tmDMi}!ԉM^h[c 2.ʙٕ5z)R
^[מ)v6`5{7z[~B2W@MZx0H<ٞ61= -;~8 /4a1?CTWs-&x}C eeh+F4=룁Fg+
a*
H w
g,C"2I5o:'q%Lua;FܦJM/h;
Z! x3sQkZ)9I ri?Vs(
afc zA9hkplοP5v)FP
"mmy'q{Pum? WP*]W>sQ&lM=a%=
rN_B%־E=?QZ<4H=ĸ mjW`oh2,NftA>O
bQvXsjF
օF�9|(biox,/ٶn
( j{ξFo)ֳ;rћj+iHbb%"-ٺ;dF#
:枼4 qFMD;kNl]j5W�W,[:4E!uPk![g#LYLTn/}UqLJُ6f((q2!
iU0W<"
AB[u}A.
ۉeIUJ1}0A~Ne,y
]9->-<NaٚLM1UO
LwoDELא*iI[jJ[n;+:T�re(;Al?
'3 x,2
O}Ǹ>%u i
GBg!Cc}1jF{`?0@�/q9J?)ϠD4ÏEW {>k'{[`=&0髱?xӷ
픞IVGM EnO5zT ^|jǥ1oK1g]Cwȍ}qA
t}hm
ƏT'<Vllo{"Zۍ}ջ?xO>9L-I|
ћ[ 6wq
o{KpY#b]C{ȍ]|IpSzi5C]#y~'?qw?S+r٨b_b
l
wZ
hZ_.ktgp s4 ]7[oQ;[?E-.KNQsI C˶-EO}/rGoԷ5v
<[Kw[ d=_~+<hن}Ụ̈̄7^8v̝o>ڶ
mP/R}Gޥ/58Sk
+ede;O2�GvʒC
?{[VG}^6섍DA
ٽ} _S9ɜ݆hjin5:ߐ?51&~ǡRe=,ǁ�` �q�E36"�p��9pB9v"ەpᲀȏ}v\][k*7+J')
V$ox!O^e9r
�`fhF�]xo9ɒ$+ԜqԾ.D(
n
c_ۛzJݛq�2ތ<i']nn2Kn<ss\r(߶IvNM� #�E4G{w7#n2ے1iraۯw{Vo\(d,Tdm)lҖYHd~P "
B2Ĺ'AέKܗ! \G.s'Pw
قi
#c3~ 8Ьy
dFXCK<?0H
nk
:
rg){KẃQ>-H;dZ_\d߇+L?
s9}%,yG
G9.X⇹F]u;KtּH(
IdC
OV995G@,W@MA3>F֝Qw6CI:T
R+kxTRwh03cC䮋03hD$p.C*LYE*O^V~#zMd ,L@eDyxtt.-Jp>XE8W!k~aI
.nqJrB8�Oɣu?+Po {QTDyVi19ǨY}Xӯ?[
aó}+ojw;icTDuphqӟ2JԯN>[
$ߨ9>E˚_I
f
c.
7 3s]s9QP6,%~Pj
O=ԙ
(79+)|
L�99M]kQ)%N=hnPYOrq
m_
3iaNЀ}NXهoLSZ.Msln/WNVѨZ7hN
I|7"eHzbhX۞
tTu8j4pJw/_
vʃ^uEV
"fL&q#YX
^DQ
!MDsrÑ@fYNsvmof=Do;~Z%U ;b;<DYQ?ֿE,]"rExIGZɽ.+,"n
'(|XMADUL21
+Q,
KVzICݚCtfVUA7!
E5)
ӄqi 3SFJd
gdǚuj
òw7Fe?QN҇{$
D3VwG;eΧŃb
bdA5~BR!4R)ь~
|w
6UjȌģJ6vIr M'8(RCh'ՏT9G9]_NXb$Q
ͬ(NM
BDMdr?ȠI1 B˒q<e5Z#=wl4;NXSj$kw>c2Yr
mDJ8} +={|RY?eQe[M<swC5|~^HWAgvG6dɈupVDXgo
5y_9Z/GR'kry|ˇL!ieԝ҄R͒dܽTyt+P4Y5C1
Cq$FS_iSQw'Y,4ŜQdqeT{3w
a_
n6
AKFm3>p<b>dz
p
/98:zc ͘
n1=G?ɝ~/Q~ƿeȉl"~wf�
�������������������������.`ZHNz龦s,_I6>]w4!Ꮶ<oj
m
D5T_Xʫ'~z{
479.Bh?Y_J4?KaύZx\ׯBaze1ڟ浕NQ@ƚY"/Z�
-᳟3T
ec\IBukxRw@$o~%ϟvwns_`+4ZOǸWjM2}~@os{M23&r黯R0
t!vpr
\x6
.l
t-{?6^g~#V=?B/G%^D^~{Rv 0W7J҄k
։kL-4 6;&./^Ȕn[
t4->.X'ïx{lv뽼v
\lsn/<:9ޅVHP
f6K|
yZrdvĒ?f"6v]l^:v1è̿ahoY}f/
`J|n{&gWeNqXa?د}$6
}`Og8cҹUαw=
}fX6%ٔA Ff : qdw}a6
c:è_Hhk��������������������] Y^rDX6WN5Cى;0p Ez1
i{L4R,..KRu>Ep%d[
3|՜'ifܤ=}uF
&V[|뢬|6z֖2+AFqr>
ܨ
$kH3 7H=i#1=H
fHv?=@e="'
϶Ce[>K$o/7*K"!n07 N
N <B7yg)0nlm^&Č2�\`".᪑!%Ȑ۩05
s&o`"AZcsz2F@ ~]&Ոh 75&|Zn`,@JM!E~ > ӀAAd;|$/h
?@6
�魸ʻH,)av=Bk
gA�@�2�.d
-(|Ĺ
R/+EDbև(<$!_l$zU!'{H"U
`<Lh=!cҌg7!ln8k7#
}[HAT8&~o+m&'vc1FecJ�$^$bD"r
$C6[![(M)
FQD1e4 iF6Uߙ>zbBӛ9
bmxJiST
SP
k zDL4jm4AMS)"JaR
d2LtqT1p@PQ(6)\
XBVxRkV
BDp4t^)6
7�)|
`WAӗnϮ\DW8 Xt
>]@z*[*J.fWU@ika)G)` n
3=t+Wu
샃Иł
).`p`)DΞ
`A\')
@ձЈe˅lG&TS㣞
eئ̩3W龶}̎
ڞz|lB)Y`dHr!38_Ƹ-QZϬ nr
xUD!E\A
`J3Xm<}Ov#+"h"2.HX
Q§k/]aF]
E߆#lD˦wwy]alWqŠGl(&6
wxnlo@fw-p/E"r
H^fiHX
QbЋԣTwݯ?:Ҙ}[[ ~C݇3;
<
vQnq52XcF-
Uxॎio
9>Ǘut
dgz#8$G
@:m\fwiM|
�|x
Wy=w"E؉]]mS(x\ZnNÿDn
Q4냡`/l
TDIt~PH16tKAZ:fF
<!ـKO4Ӂ̰OZ8c+N.fβ Xa
b�W
=�
L}$-<Il頪.3Z
!
?#/r;ݟ'7R/P4vR*
<긩H%F̂)ќ
7Tur*JȎN2 z!R*:9Ȉm"Jst +JN2ߡR*:9Qҭ7tJoc釀+_HQ'*R DL@p%GJQ'C!R*:9Ȉ
H#, +QJȎNwVڪ
F:u_=
wİ#2 J#!R*:9Ȉ
H#9 #*JOmO8Չp^c@3+(܈H%$QJ5
c)
dDވH% $7J%'GQIY
)D dl R@F$,R*:9ȈMR ɑFԣ@`%dGJQ'D)
D
ږ3O1d7J%'GQY
)D(&H%S*bH#` 7%GJQ'PZ)
\DFHH%-JHN2)
dDW
A
N,u NDά�gd`JQΣB#`�H)8ؖ%QJ
)
;EVH);% RɰSQy-JN., ّRɆS_m4H�@������
Yb! iH|77ziwZϙ ˯ވ
bbyn:B\GZx:pZN/; :X&шp#4>
+`#ZܓXU:<+<CO:"LxRI&
cˊ[
q>3Yc\MEfdRCtp!
%D,p:-
{Mc`WryVsFfc#FlЍu1ea.SɐTQ)m*l:joΧ
r&+I161yiWSs.&1iJMj]z
ʠ>)m$ӟ*$3Axר0}n8BC+EcZ+ߴR\URb;
٢TI668%
/H*\˲[rB5ΣRb
Su271 92Kp{
W.ZGƀ
y+J.
>b4br(%s�YՔ$wXYD
eHs>v*wb^U
@Pdȶ ǧY+A>^ǣA
ɭ
w
Uoe
u*jWCgJd'yT5fa&5zb\GDn(!|GnGu8NUb- L~/uGTmE/,&c4åJӪI*(
V[#
:fS+b>[S=˨uc0}Yv{.N
3ͥ=M<䢋4;)z~nMrdV$DJUwb&$ɐ_kʼǤ̲WStTsѴtA%hR vw?ѬUe=K-ҫ|MD#y~e�,rc"(mW!QtkEv{V{r84E+,Hn
0%< WYiznalp[(0-ʿڡ|ïog,zfEUf=+[X۶c֒/oh!b}Y;/D$,<E'*bp]Y>"\̿YB\*_D+[An
}n"K=
!ES&fEKR
UOEXBvRPHߧ[]8WWN_Mի/7
ٵe
OcUsªbLΦ)بm[Vp[A[
袭yy)pm"+![7O3#
)'{B/@D&^|\M'Wm?OAR@'>_Tp\,M⟑ DL/TZ�ck^Opľ'\W4U|)
O0M¼\0?B\VKN9/TnDҮVK;n
Ky
WgS:Dރom+0 Z22Y
y.0U2ěQF[-X5p<eɎ@=WϛհDgp5�\
f$AO
h*1+PlX' Y
+
@}Z7^ȕD)W)g(̂RUV&`:&q8 +_V,'8,=ypqbRb[f%R
rn5]%̩tCd*JS0"*ΐȒEr
&
t[*d^r*\K>Moxks!tElauKrZ-6D/"`ɽ?<l{Zr[i|FЋ
-
lC3:Ys|2Ye?
lJn35Ta^[05
eIX( oiSn
7Dn{mI1PE3In̢l'6Ud`n*-1m f"=^$e"=f_yM¸\i7
3c&E\&cDH{He˼D^{Hka1#EfNiI1"
.ih1�f"=L$Nj̥Д3ljDby̋LNjd̄L̋^e#af")1"8<f$e^"_.1"=f${e^f"w=Llj
3Bc&
E#@xȗ֠l9B
pt ~uxFY{`,yՀe
8/ۇ+@wLe;f`d9IEƨ\m4H1
{XU`T6\eYIVe*al_
uxE贃dp80CAjpqPqr9/( nI`Y
)kjC(_uXAr Q
粐d
`dz$/ -#88G=y-J
>wV5
nyX`:&hVϖʸ8drX!
r:
"Ua˞60`2S7jH7e,
:
Z
ap
K:4
CuL!4m2
jVv1:K0OtA<SAχp4m@Ex
nVKK
I<"FV
b.z#tDN"/tEUalٹb8lDM
Tԥ6E
P\w6\2<.=9+Ր5%< 'a5g3,7̲i5 h2HY9ŕX",
.
v3O9'JM,HߣRSb( ߖ@1+Rx"Xf%IHn7UҠG2},>j\:���
���+@{{Y Y
ݬ6`e
<mX07аM֙ni8(C FtC.X
PsT{^m
b
<sm$ۅ*ywk
i>AxM~<q[I趹XX<3mAv55*zk[_dh8fiWӧ(IUH// ջxmghύ?UcsܕZ5ۃ�U_{ݬƺ[K
Z}IO56X:oV+emy]u]Ƌq&
S_ s??ݷs
>spARn͘ϧEiA/gˡϷ^w
㥿x:S
}_A8g̳09އϘtޣ`
|E7躤mͅGyL»q
7گr[$g[[X+ʥ/|jC*u@xo?F+eL5�kxUK^4G|:)T߰V#nCϦCoxzMI7<{8M?'`\^O?E*8g>ӳ@}X_}74}ߞ/ԯqQX;'>ykT]ß*DJyCr
R/xtQoP\+
kRv
6_Rsz\7k;mKHp>9j%c;^}Q/?\sո+;I
/[T_dDIq%(>]
>ыm`Fs<t[o
¿#`J/87^
QpRzW*MOAYO!}KYSLWQw-F~
��� ''n +.
-{>kJ;zXuJF̓5-ՎP{ߟ
uεOQ
B#g
QTcQϿ�¸
wF<Pz8%$
5uZד ;~XD[
ۦgEE"?%vml&OF|)r&2vLPuuY~.gw!
YvVl)sljMSWc802"S?.I+~O
H|Zyuɿ㈤&}7zTK%
ůtWLxh@ o
Ͳ
-OێWX宻:~Vj+ߝpo[j}x_
:y*
aZ/`%\
)R
f���������������������������������������������������������������������������������������������������@|���������(�����������������������������j������B(������f������p������������h������V������