Wednesday, 22 December 2010

Using Network Access Protection with Remote Desktop Gateway [2]

It is almost a month since I wrote about this topic. I was able to defer the setup of the RD Gateway that I was previously doing until today when I had to finish it without completing the NAP client setup. This means that for the moment all clients connecting to our server will be assumed to be non-NAP capable and the system health checks will not be performed on them. However in the course of the work I was doing today I stumbled across this useful article on MSDN:

The articles contain other content that I was not aware of up until now, namely that you have to do things on the client with the server certificate and add the RD Gateway server to the Trusted Server list on the client. The second article provides a link to a script to help configure the client. There is also a lot of information there about how to test for the proper operation of the NAP client and SHVs etc. Although I am of course very busy at the moment with just a couple of days of the work year to go, I will have a look at this stuff in more detail over the break when I am actually on leave.

We are about to take delivery of 35 brand new computers which is a substantial order for us and they are all built locally by one of NZ’s top educational market computer companies. The installation of these will be our major project over the summer holiday break with just some minor maintenance work being carried out as far as the servers go. The majority of the computers will probably be configured to use native VHD boot with Windows 7.

We are about to set up a proper backup system using removable hard drives and commercial grade backup software, replacing the use of spare server capacity and scripting to back up stuff. This is important as once we can link our sites by fibre it will dispense with the necessity to have duplicate servers in the two sites and enable the main file servers to be consolidated into one.