IDEE
← 🌐 Configure RDWeb with Web-AuthN

πŸ“¦ Publish Your Application Collection & Enable SSO

πŸ“ Step 1: Create a Session Collection

On your RD Connection Broker server, open Server Manager.

  1. Navigate to:
    Remote Desktop Services β†’ Collections

  2. In the COLLECTIONS panel, click Tasks > Create Session Collection.

  3. Follow the wizard:

    • Name: Give your collection a clear name

    • User Groups: Add the security group containing users who need access.

    • User Profile Disks: Uncheck this box for simplicity.

  4. Click Create to finish.

πŸ–₯️ Step 2: Publish Applications to the Collection

  1. In Server Manager, select your new collection.

  2. Go to the REMOTEAPP PROGRAMS section.

  3. Click Tasks > Publish RemoteApp Programs.

  4. Select the programs you want users to access (e.g., Word, Excel, a custom line-of-business app).

  5. Click Next, then Publish.

πŸ” Step 3: Enable SSO with a PowerShell Command (Critical Step)

  1. On your RD Connection Broker server, open PowerShell as Administrator.

  2. Run the following command, replacing the placeholders with your details:

Set-RDSessionCollectionConfiguration -CollectionName "YourCollectionName" -CustomRdpProperty "pre-authentication server address:s:https://YourExternalURL/`nrequire pre-authentication:i:1"

Replace:

  • "YourCollectionName" with the name of your collection.

  • https://YourExternalURL/ with the External URL from your Entra App Proxy.

πŸ§ͺ Step 4: Test the Full Flow

  1. Open a web browser and go to your RD Web Client URL:
    https://<YourRDWebServer>/RDWeb/webclient

  2. Sign in with your credentials (and WebAuthN if enabled!).