Skip to content

How to Configure RDS Remote Applications

This page provides detailed instructions for configuring Zero Trust Access to Remote Applications published through Remote Desktop Services (RDS) using the 12Port Access Broker. The configuration process includes preparing the RDS environment, publishing Remote Applications, and setting up required assets and permissions within the Access Broker.

Prerequisites

Before beginning configuration, ensure the following prerequisites are met:

  • Remote Desktop Services (RDS) is installed and configured on the target Windows Server to support multi-user access.
  • The Remote Application (e.g., SQL Server Management Studio, TN5250 terminal) is installed on the RDS host.

    Note: The application does not need to be published yet.

  • The 12Port Access Broker is installed and fully operational for connections in the environment.

General Configuration Overview

1. Download and Publish the Remote Application
Each Remote Application typically includes an executable and supporting files. Follow these general steps:

Note

Download URL and configuration steps are described in the Applications documentation for each specific supported application.

1. Download the application files to a folder on the RDS server.
2. Publish the executable via the RDS GUI or PowerShell. Example:

New-RDRemoteApp `
  -CollectionName "QuickSessionCollection" `
  -Alias "remote-app-name" `
  -DisplayName "remote-app-name" `
  -FilePath "C:\Path\To\remote-app.exe" `
  -ShowInWebAccess $true `
  -CommandLineSetting "Allow"
* remote-app-name: Name assigned to the published application.

* remote-app.exe: Full path to the application’s executable file.

* CommandLineSetting "Allow": Required when publishing via GUI or script to enable command-line arguments.

The executable filename does not need to match the Remote App alias.

2. Create and Configure Assets in the Access Broker
A. Windows Host Asset
* Define a Windows Host asset in the Credentials Vault.
This host must be able to initiate a Zero Trust session with the RDS server.

B. RDS Remote Application Asset
* Create a new RDS Remote Application asset in the system. Note that this Asset Type is hidden by default and must be unhidden before it can be used.
* Populate the following fields based on the application's documentation:

Field Description
Host (Optional) Host value, if required by the Remote Application.
User Username used for authentication.
Password Password used for authentication.
Remote App Published application name, prefixed with ||. Example: ||remote-app-name
Remote Arguments Comma-separated list of required arguments for connection, as defined in the application's documentation.

⚠️ Important: Add the Windows Host asset as a Member Asset of the RDS Remote Application asset.

3. Define Access Policies and Permissions

To enable user access:

* Configure Access Profiles, Peer Nodes, and Permissions to control access to the RDS Remote Application.
* Implement Approval Workflows on the RDS Application asset, if required, for privileged access scenarios.

Launching a Zero Trust Session

Once configuration is complete:

  1. Users select the desired RDS Remote Application from the Credential Vault.
  2. The Access Broker establishes a secure, credential-injected session.
  3. Sessions are monitored and recorded, with no credential exposure to the user.


The configuration process involves:

  • Preparing the RDS host and publishing the target application.
  • Creating and linking required assets in the 12Port Credential Vault.
  • Enforcing access controls through roles, workflows, and session recording.

With the above setup, organizations can enable secure, auditable access to critical applications—without exposing credentials—while maintaining full oversight and control.