If you have published Remote Desktop Web Access out of the box, and you visit
http(s)://<url for remote desktop web access>, you’ll be presented with the IIS welcome page:
To prevent this you need to redirect the root to /RDWeb.
On the RD Web Access server(s) open Internet Information Services (IIS) Manager (it’s under Administrative Tools).
Expand the tree and click Default Web Site, then open the “HTTP Redirect” app:
Fill in the redirect path, don’t forget to check “Only redirect requests to content in this directory”, and click apply.
That’s it. No need to reset IIS. This is tested to be working on Windows 2012 and Windows 2012 R2 versions of RD Web Access.
As an added bonus, HTTP requests are redirected to HTTPS as well.
Arjan
30+ years experience in Microsoft powered environments. Enjoy automating stuff using powershell. In my free time (hah! as if there is any) I used to hunt achievements and gamerscore on anything Xbox Live enabled (Windows Mobile, Windows 8, Windows 10, Xbox 360 and Xbox One). Recently I picked up my Lego addiction again.
Arjan Mensch
msfreaks 
HTTP to HTTPS redirect is not happening for me. Can you please explain how to make it so?
Hi Momo,
On IIS, the website that holds the /rdweb app, right-click the website and check “Bindings”. Make sure port 80 is listed for that website. If the website is listening on both 80 and 443, http to https redirection will happen with the settings described in this post.
Yes, it’s listening on both 80 and 443. But for some reason redirect is not happening.
What else could be causing it not to work in your opinion?
What do you see when you access the root page on port 80? The IIS page, or page not found?
Hi,
I had the same issue as Momo, https redirect works perfectly, however i discovered today http redirect was pointing me back to the default IIS page.
However, I fixed it by doing the following. This will use the default.asp page in the root directory to do the HTTP to HTTPS, along with URL redirect.
1. Make sure HTTP redirect is disabled (if it was set from the instructions above, following code works for both HTTP and HTTPS)
2. Create a default.asp page with the following code
3. Paste the default.asp into c:\inetpub\wwwroot directory
4. click Default Web Site, then open the “Default Document” icon
5. Move Default.asp to the top of the tree.
Code is below
<% If Request.ServerVariables("SERVER_PORT")=80 Then Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & "/RDWeb" ElseIf Request.ServerVariables("SERVER_PORT")=443 Then Response.Redirect "https://" & Request.ServerVariables("HTTP_HOST") & "/RDWeb" End If %>Hi David,
Sorry for the late reply, was on vacation :)
Thanks for this, that should work as well.
However,
If the IIS redirect is not working, something is amiss. Although your solution works, it’s a workaround for the problem which then still exists.
Had same issue with HTTPS was working but HTTP was not, I was able to back out the change do it again makeing sure to click apply in the top right corner this time and it worked
Hi,
I have setup my RDS 2012 R2 with separate servers, like RD gateway, RD web, RD SH, RD connection broker.
I have my rdweb role on the gateway server as well so am able to access resourses INTERNALLY and EXTERNALLY.
My Issue when i remove that RD web Role from Gateway server,am getting error 404 and so i have followed the above steps(HTTP REDIRECT) on my RDweb server(Individual server).
Is Rd Gateway should have rd web role, if not what else has to be done to achieve the access.
Hi Mahe,
Make sure that when you removed the RD WA role from the RD GW server, that your deployment recognizes the remaining RD WA role on the other server. You can see this in the deployment overview. Also, as a best practice, if you separate the roles, use different certificates for the roles.
And to answer your question: RD GW can go perfectly fine on a separate server, you don’t need to have RD WA on that same server.
Hello Arjan. Thank you very much for your work. I followed your steps and everything works perfectly. I have a quick question though. I noticed that under Default Web Site the Rpc and RpcWithCert virtual subdirectories are also inheriting the redirection. Do we want this behavior? Is it ok if the remote desktop client tries to reach https://gate.company.com/rpc and is being redirected to RDWeb instead?
Thanks!
Hi Max,
I believe the redirection only works when a user tries to enter the root folder (like https://gate.company.com). Any subfolders in the root do not get redirected, that’s why I put the check in “only redirect..”
Its possible to use a federate authentication (for example Shibboleth) to autenticate users in rdweb?
Hi Andre,
No there is not :(
Hello.
I can access https://fqdn/rdweb on my internal network, but not externally. I can see the traffic get through my firewall, but it times out if coming from outside the network.
Any thoughts? Thank you!
Hi Adam,
I’d check routing from the webaccess / gateway server back to the internet, windows firewall on the webaccess / gateway server. Make sure the server has just 1 IPv4 address.. Maybe, if webaacess and gateway roles are on the same server, modify your RAP to allow all computers and your CAP to allow all users, just to check. Other than that I don’t have any quick tips.
You are a lifesaver! I’ve been tearing my hair out trying to figure why I couldn’t get RDWeb connecting via 443 (would work fine with 3389) and this ended up solving it! I had previously set up a single instance 2012 RDS instance and never had this problem, but now I’m setting up a high availability cluster in 2016 and just couldn’t get 443 working.
Thank you for this post! I completely forgot about redirecting and was fighting this for a better part of a day when I finally decided to ask Dr. Google. This worked perfectly.
And another note. This also worked for RDS 2016
I tried this before on my 2012 R2 deployment whereby web access and gateway roles were on the same server. I may have done it wrong, but setting the redirect meant the gateway service stopped working.
Is this expected to work when both roles are on the same server using the above settings?
Thanks
Hi James,
I’m using the exaxt same thing on my 2016 webaccess/gateway server and have been using it on 2012r2 before upgrading, so yes, it worxx as advertised.
Perfect thank you. Will give it another go.
I completed the change as outlined, but HTTPS redirection was working and HTTP redirection was not. I had configured SSL on the site and needed to uncheck ‘Require SSL’ in order for HTTP to HTTPS redirection to work properly.
Not sure if anyone else has found this, but I suspect some update recently has disabled this redirect for us. I now have to re-enable it again.
Good write-up, I am regular visitor of onesite, maintain up the excellent operate, and It is going to be a regular visitor for a lengthy time.
I had the same issue of HTTP to HTTPS redirect not working. In my case, I was not forwarding port 80 on my firewall (duh). Figured I would post in case it helps someone else.