Remote Desktop Notes Server 2012 R2

Windows servers including 2012 R2 allow up to two simultaneous remote desktop administrative sessions without installing the Remote Desktop Services role.

Unfortunately the old GUI tool for managing Remote Desktop TCP connectivity has been removed in 2012 R2 and administrators are directed by Microsoft to use WMI command-line tools to change the RDP TCP certificate if needed.

While investigating an RDP certificate issue (likely caused by group policy or faulty windows updates) – I discovered that the auto-generated RDP certificate is stored not in the computer personal store, but in the computer “remote desktop” cert folder (mmc – certificates – local computer – remote desktop). The good news is that certificates you create in the “Personal” computer certificate store are available to be assigned to the RDP TCP listener.

To change the RDP TCP connection certificate, use the instructions provided by Microsoft in the article: “Remote Desktop listener certificate configurations in Windows Server 2012 R2 and Windows Server 2012.”


About notesbytom

Keeping technology notes on to free up my mind to solve new problems rather than figuring out the same ones repeatedly :-).
This entry was posted in System Administration and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s