Enabling TLS 1.2 On Windows Server Essentials
The latest release of WSE RemoteApp (Version 1.255.1836.0 or greater) now allows you to enable TLS 1.2 on Windows Server Essentials, while disabling TLS 1.0 and TLS 1.1, in order to enhance the security of SSL connections made with the server, and to comply with the latest compliance standards for the Federal Risk and Authorization Management Program (FedRAMP). It has long been thought that TLS 1.0 could not be disabled on an Essentials server since it is required for client-to-server communications (such as client computer backups, connecting client computers to the server via http://<YourServerName>/connect, etc.). However, it has recently been brought to my attention that this actually can be achieved when specific .NET Framework security settings are added to both the server and to ALL of your client computers. With TLS 1.2 enabled, and TLS 1.0 and TLS 1.1 disabled, you will be able to obtain an A+ grade (as of this writing), from the SSL Labs SSL Server Test site for your Essentials server’s built-in Remote Web Access websites.
Adding Desktops To The RADC Web Feed
The latest release of WSE RmeoteApp (Version 1.255.1811.0 or greater) now allows you to add Desktops (i.e. Computers) to its RADC web feed so that you can access them directly from your favorite RADC web feed client instead of having to always sign in to the Essentials server’s built-in Remote Web Access (RWA) website. The new feature works great from the native RemoteApp and Desktop Connections applet in Windows, and from all of the free Microsoft Remote Desktop client apps for Mac, iOS, Android, and Windows (it even works from the Remote Desktop web client with a bit of persuasion). Continue reading for details on how to enable this feature.
Installing Windows Server Essentials Experience On Windows Server 2019 / 2022 / 2025
As mentioned in my previous post, Microsoft has completely removed the Windows Server Essentials Experience (WSEE) server role from Windows Server 2019. However, since the entire Windows Server Essentials Experience is basically just an elaborate .NET application that is installed on top of the Windows Server operating system (and not some tightly integrated system component of the OS itself), it can quite readily be installed onto Windows Server 2019 and beyond.
Connecting From Your Favorite Web Browser
I’m pleased to announce that WSE RemoteApp (Version 1.255.1575.0 or greater) now includes support for setting up and accessing Microsoft’s newly released Remote Desktop web client from within the product’s existing RADC web feed feature.
The Remote Desktop web client allows your end users to connect to WSE RemoteApp through a compatible HTML5-based web browser (Chrome, Firefox, Safari, Edge, Internet Explorer 11, etc.) without the need to install or set up additional RADC client software on their computers and devices. This provides a consistent experience across computers and devices, minimizes installation or maintenance costs, and provides quick and easy access from kiosks and other non-personal computers and devices.
WSE RemoteApp takes care of all the hard work of installing, configuring, and updating the web client for you. Enabling the web client only takes a few minutes, and once enabled, you can have your end users browse to the server’s Remote Desktop web client URL from a compatible web browser that’s installed on their computer or device in order to connect to WSE RemoteApp.
How To Manually Set Up A Custom / Vanity Domain Name In Windows Server Essentials
Let me start off by saying that I typically recommend folks use a Microsoft personalized domain name (e.g. YourDomainPrefix.remotewebaccess.com) when setting up Anywhere Access / Remote Web Access on their Essentials server. The reason for this is that the domain name, the dynamic DNS update service, and the trusted SSL certificate are all automatically set up and managed for you by the Essentials server completely free of any charge or hassle. If you would rather take this much more convenient route instead, then see the following links for instructions on how to set up a Microsoft personalized domain name on your Essentials server:
Configuring and Customizing Remote Web Access on Windows Server 2012 R2 Essentials
Understand Microsoft personalized domain names
EDIT (11/15/2022): With the increased frequency that Microsoft keeps breaking their online services in Windows Server Essentials (including their remotewebaccess.com personalized domain names and dynamic DNS service), it’s becoming abundantly clear that they no longer care about their Windows Server Essentials customers. Therefore, I now STRONGLY recommend that folks avoid using a Microsoft personalized domain name and just set up their very own custom / vanity domain name instead.
That being said, I also understand that some folks would rather forgo the convenience of using a Microsoft personalized domain name in order to have their very own custom / vanity domain name instead (e.g. YourDomainPrefix.YourCustomDomain.com). Using a custom / vanity domain name presents some additional challenges that must be overcome though; such as purchasing, setting up, and managing the domain name, the dynamic DNS update service, and the trusted SSL certificate. For those folks who are willing to take on those additional challenges, I’ll do my best to try and help by walking you through the entire manual domain name set up process here step-by-step (using either a user-purchased SSL certificate or a free Let’s Encrypt SSL certificate via Certify the web).
Two-Factor Authentication (2FA)
For those wanting to use secure Two-Factor Authentication (2FA) with WHS /WSE RemoteApp (or any of our older legacy RemoteApp-based add-ins), we have some good news. We have just finished testing Duo Authentication for Windows Logon and RDP with all of our products, and we are happy to report that it works wonderfully with all of them.
Connecting From Mac / iOS / Android / Windows Computers and Devices
I would like to introduce everyone to an exciting new feature recently added to all of our WHS / WSE RemoteApp products that allows you to connect to them from Mac, iOS, Android, and Windows computers and devices. The new feature allows your server to act as a RemoteApp and Desktop Connections (RADC) web feed server for serving remote resources to RADC clients; including the native Windows “RemoteApp and Desktop Connections” Control Panel applet, the freely available Microsoft Remote Desktop client apps for Mac, iOS, Android, and Windows, and Microsoft’s newly released Remote Desktop web client.
Enable Printing To Local Computer’s Printer
By default, WSE RemoteApp, WSE Office, WSE Outlook, WSE QuickBooks, and WSE Quicken are not configured to allow printing to the printer that is connected to your local computer. To enable printing to the local computer’s printer:
Enable Access To Local Computer’s Drives
By default, WSE Office, WSE RemoteApp, WSE Outlook, WSE QuickBooks, and WSE Quicken allows access to the files and folders on the hard disk drives that are connected to your local computer from local (Launchpad) connections, but not from remote (Remote Web Access or RADC web feed) connections. To enable or disable access the local computer’s drives:
Windows XP Remote Web Access Connections
To successfully connect to WSE RemoteApp Web Access, WSE Office Web Access, WSE Outlook Web Access, WSE QuickBooks Web Access, and/or WSE Quicken Web Access via the server’s built-in Remote Web Access website under Windows XP:
Multiple Simultaneous Connections
The underlying operating system in Windows Server Essentials allows a maximum of two simultaneous Remote Desktop connections to the server. A direct result of this is that only two allowed users can be connected to WSE RemoteApp, WSE Office, WSE Outlook, WSE QuickBooks and/or WSE Quicken at exactly the same time.