Q. Why would I use a TS Gateway–managed computer group?
September 25, 2008
A. A Terminal Services resource authorization policy (TS RAP) lets you configure the targets you can connect to via a TS Gateway. You can use an Active Directory (AD) group that contains a list of computer accounts that you could include in the TS RAP, but how do you specify the name of a terminal server farm in the policy? A farm of terminal servers has a name that wouldn’t exist as a computer object. Thus, if you used an AD group, the server farm would not be found and access would be denied if you tried to connect to it via a TS Gateway.
The TS Gateway–managed computer group checks the target name specified against a list of names configured in the TS Gateway–managed computer group. You can add the name of a terminal server farm to the TS Gateway–managed computer group and thereby allow access to the farm as a TS Gateway target. When you use the TS Gateway–managed computer group, you must enter every name that might be used for the farm (e.g., Fully Qualified Domain Names, NetBIOS format names).
About the Author
You May Also Like