- Configuring Defender Antivirus: Exclusions, real-time protection, scans, and remediations - Mon, Sep 26 2022
- Get updates for Windows Server 2022 in WSUS - Mon, Sep 19 2022
- Microsoft Defender: Control updates for malware signatures using Group Policy or PowerShell - Thu, Sep 15 2022
Over the past few years, Microsoft has extended RDP support to several platforms. Native clients for macOS, iOS, and Android are now available, along with a Universal Windows Platform (UWP) app for Windows 10. In the past whoever wanted to run remote desktop applications in a web browser had to rely on third-party products. This has changed with the availability of the Remote Desktop Web Client.
Not compatible with per-device CALs ^
Before you install the Web Client, you should make sure you use per-user client access licenses (CALs) and not per-device CALs. Otherwise the HTML client would seize all per-device CALs, since it is not compatible with this type of license. It will display a corresponding warning again during installation.
As an additional requirement, the Remote Desktop Services (RDS) deployment must include an RD Gateway even for internal usage on Windows Server 2019, despite the fact Microsoft announced otherwise during the Windows Server Summit.
Installation via PowerShell ^
The RD Web Client is suitable for Windows Server 2016 and 2019, but Microsoft has yet to include it in the installation media of the operating systems. Currently it is not part of Server 2019 either.
The installation occurs via PowerShell's package management, which downloads the required packages from PowerShell Gallery. As a first step, you must update the PowerShellGet module not only on Server 2016 but also on Server 2019. The following command achieves this:
Install-Module -Name PowerShellGet -Force
At this point, it might be necessary to close the PowerShell window and start a new session.
The actual installation requires four commands as this tutorial on Microsoft Docs describes:
Install-Module -Name RDWebClientManagement Install-RDWebClientPackage Import-RDWebClientBrokerCert <.cer file exported from the RD Broker> Publish-RDWebClientPackage -Type Production -Latest
Please verify the certificate for RD Connection Broker - Enable Single Sign On (SSO). In the RDS deployment configuration, this must always match the certificate previously imported from RD Broker to the Web Client. So if you renew the certificate for RD Broker, you must reimport it to the Web Client.
After successfully adding the package for the Web Client, you can access it via the URL https://<fully qualified domain name of the server>/RDWeb/webclient. This currently supports newer versions of browsers such as Edge, IE 11, Google Chrome, Safari, or Firefox, but not on mobile devices.
Desktops and RemoteApp ^
Once you have logged in, you will see collections for both RemoteApp and Remote Desktops. If the administrator has published several RemoteApps, they will all launch within the same frame. You can switch between them using the bar showing the active programs at the top of the screen.
During logon, the client will ask you which local resources should be accessible in the remote session. You can only select the clipboard and printers, but no drives or USB devices are available as with the native RDP client.
Printing, dynamic window size, and clipboard ^
The screen response is relatively fluid, and the browser client can also play videos in acceptable quality, including sound. The redirected virtual remote desktop printer turns out to be a print-to-PDF function that automatically downloads the PDF to the local computer after its creation.
While users of the conventional RDP client had to wait many years before it eventually supported resizing the window, the HTML5 client offers this feature right from the start. A full-screen mode is also available.
Currently, there is still a major limitation when exchanging data between the remote session and the local device. Copy and paste only works for text; you cannot transfer other content types such as graphics via the clipboard. As expected, copying files via HTTP is not possible, in contrast to RDP.
The web front end complements Microsoft's client portfolio for RDS with an option that does not require any local installation of software. However, since it doesn't support any mobile devices, and most desktop PCs are running Windows, the native RDP client is preinstalled on most devices anyway. It also offers a much better user experience than the Web Client.
Subscribe to 4sysops newsletter!
Due to the current existing limitations, the Web Client is a niche application that can be interesting for ad hoc connections from outside the company network. For administrative access to Windows Server via RD, you don't need to set up the Web Client, because it's also part of the Admin Center.