Guest Andrew Meinert Posted October 16, 2008 Posted October 16, 2008 http://technet.microsoft.com/en-us/library/cc731435.aspx That indicates that with an AD security group, both FQDN and NetBios names will pass the connection policy. I have a bunch of desktops in a security grup and have selected it within TS Gateway. This is the only enabled policy. If I connect to a computer using the netbios name, fine. If it merely append the domain name, I am rejected by the RAP. If I switch to all network resources in the RAP, I can connect using both. Has anyone else encountred the same thing?
Guest AndrewM Posted October 16, 2008 Posted October 16, 2008 RE: TS RAP - AD group & FQDN Just a minor clarification; both the TS Gateway and the destination machines are on the same internal domain. "Andrew Meinert" wrote: > http://technet.microsoft.com/en-us/library/cc731435.aspx > > That indicates that with an AD security group, both FQDN and NetBios names > will pass the connection policy. I have a bunch of desktops in a security > grup and have selected it within TS Gateway. This is the only enabled policy. > > If I connect to a computer using the netbios name, fine. If it merely > append the domain name, I am rejected by the RAP. If I switch to all network > resources in the RAP, I can connect using both. Has anyone else encountred > the same thing?
Guest Ramasamy Pullappan [MSFT] Posted October 17, 2008 Posted October 17, 2008 Re: TS RAP - AD group & FQDN Please see if your machine's FQDN is same as the netbios_name.domain_name you used. (See Computer-->Properties to get the FQDN) Let's say your machine's FQDN is machinename.domainname.companyname.com, then, machinename.domainname alone won't work. ram. -- This posting is provided "AS IS" with no warranties, and confers no rights. "AndrewM" <AndrewM@discussions.microsoft.com> wrote in message news:9ED67A64-B5B0-4420-92C6-DF4038217C93@microsoft.com... > Just a minor clarification; both the TS Gateway and the destination > machines > are on the same internal domain. > > "Andrew Meinert" wrote: > >> http://technet.microsoft.com/en-us/library/cc731435.aspx >> >> That indicates that with an AD security group, both FQDN and NetBios >> names >> will pass the connection policy. I have a bunch of desktops in a >> security >> grup and have selected it within TS Gateway. This is the only enabled >> policy. >> >> If I connect to a computer using the netbios name, fine. If it merely >> append the domain name, I am rejected by the RAP. If I switch to all >> network >> resources in the RAP, I can connect using both. Has anyone else >> encountred >> the same thing?
Guest Andrew Meinert Posted October 20, 2008 Posted October 20, 2008 Re: TS RAP - AD group & FQDN Yes, it is. "Ramasamy Pullappan [MSFT]" wrote: > Please see if your machine's FQDN is same as the netbios_name.domain_name > you used. > (See Computer-->Properties to get the FQDN) > > Let's say your machine's FQDN is machinename.domainname.companyname.com, > then, machinename.domainname alone won't work. > > ram. > > -- > This posting is provided "AS IS" with no warranties, and confers no rights. > > > "AndrewM" <AndrewM@discussions.microsoft.com> wrote in message > news:9ED67A64-B5B0-4420-92C6-DF4038217C93@microsoft.com... > > Just a minor clarification; both the TS Gateway and the destination > > machines > > are on the same internal domain. > > > > "Andrew Meinert" wrote: > > > >> http://technet.microsoft.com/en-us/library/cc731435.aspx > >> > >> That indicates that with an AD security group, both FQDN and NetBios > >> names > >> will pass the connection policy. I have a bunch of desktops in a > >> security > >> grup and have selected it within TS Gateway. This is the only enabled > >> policy. > >> > >> If I connect to a computer using the netbios name, fine. If it merely > >> append the domain name, I am rejected by the RAP. If I switch to all > >> network > >> resources in the RAP, I can connect using both. Has anyone else > >> encountred > >> the same thing? >
Guest Vikash Posted October 22, 2008 Posted October 22, 2008 Re: TS RAP - AD group & FQDN You said that you are using some security group, are u sure its an out-of-the-box AD security group or some custom security group that you have created on your own on the AD? Can you try adding "<Your domain>\Domain Computers" to the AD group and see if your issue reproes? Thanks, Vikash "Andrew Meinert" wrote: > Yes, it is. > > "Ramasamy Pullappan [MSFT]" wrote: > > > Please see if your machine's FQDN is same as the netbios_name.domain_name > > you used. > > (See Computer-->Properties to get the FQDN) > > > > Let's say your machine's FQDN is machinename.domainname.companyname.com, > > then, machinename.domainname alone won't work. > > > > ram. > > > > -- > > This posting is provided "AS IS" with no warranties, and confers no rights. > > > > > > "AndrewM" <AndrewM@discussions.microsoft.com> wrote in message > > news:9ED67A64-B5B0-4420-92C6-DF4038217C93@microsoft.com... > > > Just a minor clarification; both the TS Gateway and the destination > > > machines > > > are on the same internal domain. > > > > > > "Andrew Meinert" wrote: > > > > > >> http://technet.microsoft.com/en-us/library/cc731435.aspx > > >> > > >> That indicates that with an AD security group, both FQDN and NetBios > > >> names > > >> will pass the connection policy. I have a bunch of desktops in a > > >> security > > >> grup and have selected it within TS Gateway. This is the only enabled > > >> policy. > > >> > > >> If I connect to a computer using the netbios name, fine. If it merely > > >> append the domain name, I am rejected by the RAP. If I switch to all > > >> network > > >> resources in the RAP, I can connect using both. Has anyone else > > >> encountred > > >> the same thing? > >
Recommended Posts