RDS 2012 – Internal domain local, cert *.domain.co.uk


When you access your RDS environment you have to bypass a couple of certificate errors, because your internal domain name (.local) does not match your wildcard certificate, e.g. *.domain.co.uk or *.domain.com.

To get around this:

1) Create a new DNS zone on your internal DNS server named after the public domain, e.g. domain.co.uk (if one does not already exist)
2) Create the relevant DNS entry in the new zone, pointing to the RDS environment's internal IP address
3) Ensure you can ping the new DNS entries, e.g. ping RDS-Server-1.domain.co.uk
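The three steps above, as an added PowerShell example that is not part of the original post. It is meant to be run in an elevated PowerShell on the internal DNS server (it uses the DnsServer module cmdlets); the zone name, record name, IP address and DNS server name are placeholders, and the IP address is a constructed sample value.

```powershell
# Added example (not from the original post): create the internal copy of the
# public zone and the A record for the RDS host, then confirm it resolves to
# the internal address. Run elevated on the internal DNS server.
#Requires -Modules DnsServer

$Zone   = 'domain.co.uk'       # public DNS suffix covered by the wildcard cert (placeholder)
$Record = 'RDS-Server-1'       # host part of the name clients will use (placeholder)
$IPv4   = '10.0.0.10'          # internal IP of the RDS server (constructed sample)
$Dns    = 'DC1.domain.local'   # internal DNS server to resolve against (placeholder)

# Step 1: create the zone only if it does not already exist.
if (-not (Get-DnsServerZone -Name $Zone -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $Zone -ReplicationScope 'Domain'
    Write-Host "Created AD-integrated zone $Zone"
}

# Step 2: add the A record, replacing a stale one that points elsewhere.
$existing = Get-DnsServerResourceRecord -ZoneName $Zone -Name $Record -RRType A -ErrorAction SilentlyContinue
if ($existing -and ($existing.RecordData.IPv4Address.IPAddressToString -notcontains $IPv4)) {
    Remove-DnsServerResourceRecord -ZoneName $Zone -Name $Record -RRType A -Force
    $existing = $null
}
if (-not $existing) {
    Add-DnsServerResourceRecordA -ZoneName $Zone -Name $Record -IPv4Address $IPv4
    Write-Host "Added $Record.$Zone -> $IPv4"
}

# Step 3: resolve the FQDN against the internal server and confirm it returns
# the internal IP rather than whatever the public zone would answer with.
$fqdn   = "$Record.$Zone"
$answer = Resolve-DnsName -Name $fqdn -Type A -Server $Dns -ErrorAction Stop |
          Where-Object { $_.QueryType -eq 'A' }
if ($answer.IPAddress -contains $IPv4) {
    Write-Host "OK: $fqdn resolves to $IPv4 internally"
} else {
    Write-Warning "$fqdn resolved to '$($answer.IPAddress -join ', ')', expected $IPv4"
}
```

Because the internal server is now authoritative for domain.co.uk, it will no longer forward queries for that zone: any other public name under it that internal clients rely on (for example the mail or web host) has to be re-created in this zone as well, or those names will stop resolving inside the network.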

Microsoft also provide a script that changes the FQDN the RDS deployment publishes to clients, which removes the remaining certificate errors:

1) Download the script Set-RDPublishedName.ps1 from https://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80
2) On your RDS connection broker, open PowerShell (right-click and run as administrator)
3) Change to the folder where the script resides, e.g. cd c:\folder\ and press enter
4) Run the script with the published name as its argument, e.g. .\Set-RDPublishedName.ps1 "rds-server-name.domain.co.uk"
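Once the published name has been changed, the thing worth verifying is that the server answering on that name presents a certificate which actually covers it. The PowerShell below is an added example, not part of the original post and not part of Microsoft's script. RDP does not begin with TLS: the client first sends an X.224 Connection Request asking for TLS (PROTOCOL_SSL) or CredSSP (PROTOCOL_HYBRID), and only then does the TLS handshake start, so the example performs that negotiation by hand before handing the socket to SslStream. The target name is a placeholder; run it from a client that resolves the new internal zone.

```powershell
# Added example (not from the original post or Microsoft's script): fetch the
# certificate an RDP server presents on its published name and check the name.

function Read-Exactly {
    param([System.IO.Stream]$Stream, [int]$Count)
    $buf = New-Object byte[] $Count
    $got = 0
    while ($got -lt $Count) {
        $n = $Stream.Read($buf, $got, $Count - $got)
        if ($n -le 0) { throw "connection closed after $got of $Count bytes" }
        $got += $n
    }
    return ,$buf
}

function Test-HostNameMatch {
    # Minimal RFC 6125 style match: exact name, or a single-label wildcard (*.domain.co.uk).
    param([string]$Pattern, [string]$HostName)
    if ($Pattern -ieq $HostName) { return $true }
    if ($Pattern.StartsWith('*.')) {
        $labels = $HostName.Split('.')
        return ($labels.Count -gt 1) -and ((($labels | Select-Object -Skip 1) -join '.') -ieq $Pattern.Substring(2))
    }
    return $false
}

function Get-RdpCertificateReport {
    param([string]$HostName, [int]$Port = 3389)

    $client = New-Object System.Net.Sockets.TcpClient($HostName, $Port)
    try {
        $stream = $client.GetStream()

        # TPKT header (length 19) + X.224 Connection Request + RDP_NEG_REQ with
        # requestedProtocols = PROTOCOL_SSL | PROTOCOL_HYBRID (0x00000003).
        [byte[]]$req = 0x03,0x00,0x00,0x13,
                       0x0e,0xe0,0x00,0x00,0x00,0x00,0x00,
                       0x01,0x00,0x08,0x00,0x03,0x00,0x00,0x00
        $stream.Write($req, 0, $req.Length)

        $tpkt = Read-Exactly $stream 4
        $len  = ($tpkt[2] -shl 8) -bor $tpkt[3]
        $body = Read-Exactly $stream ($len - 4)
        # body[0..6] is the X.224 Connection Confirm; body[7] is the RDP_NEG type:
        # 0x02 = RDP_NEG_RSP (TLS follows), 0x03 = RDP_NEG_FAILURE,
        # and a reply shorter than 19 bytes means legacy RDP security only.
        if ($len -lt 19 -or $body[7] -ne 0x02) {
            throw "server did not agree to TLS/CredSSP (reply length $len)"
        }

        # Accept whatever certificate is offered during the handshake; the
        # verdict on trust and name match is produced explicitly below.
        $accept = [System.Net.Security.RemoteCertificateValidationCallback]{ param($s, $c, $ch, $e) $true }
        $ssl = New-Object System.Net.Security.SslStream($stream, $false, $accept)
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    } finally {
        $client.Close()
    }

    # Names the certificate covers: SAN DNS entries, falling back to the CN.
    # Format() output is locale-dependent; the regex assumes an English system.
    $names = @()
    $san = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($san) {
        $names = [regex]::Matches($san.Format($false), 'DNS Name=([^,\s]+)') | ForEach-Object { $_.Groups[1].Value }
    }
    if (-not $names) {
        $names = @($cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::DnsName, $false))
    }

    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    [pscustomobject]@{
        Host         = $HostName
        Subject      = $cert.Subject
        Names        = $names
        NameMatches  = [bool]($names | Where-Object { Test-HostNameMatch -Pattern $_ -HostName $HostName })
        ChainTrusted = $chain.Build($cert)
        Expires      = $cert.NotAfter
    }
}

# Placeholder target: the name you passed to Set-RDPublishedName.ps1.
Get-RdpCertificateReport -HostName 'rds-server-name.domain.co.uk' | Format-List
```

NameMatches of False is the mismatch the warnings in the post are about. Note that a wildcard such as *.domain.co.uk only covers a single label beneath it, so the published name must be host.domain.co.uk rather than host.site.domain.co.uk; ChainTrusted tells you separately whether the client machine trusts the issuer, which is a different cause of the same prompt.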

Further issues:

After applying the above, you may find that launching your Remote Desktop icon no longer gets you to the server, with an error saying you don't have permission or that you did not use the NetBIOS name. If so, go to your RDS Gateway server, launch RD Gateway Manager, expand Policies, then Resource Authorization Policies, right-click your policy and click Properties. On the Network Resources tab, tick "Allow users to connect to any network resource". This should resolve the issue.
