Customizations

Display UserName when user logs in

This is not an easy feat. I have included the link on which I have based customizations below. The author did a splendid job with illustrating for RDS 2012/R2.

I changed some of the code a little so that the three main Browsers {IE, Chrome, and FF} work correctly in my testlab. Following verbatim, FF did not show the user--whereas Chrome and IE did.

File 1:   C:\Windows\Web\RDWeb\Pages\web.config

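In the <system.web> section (on or about line 53), copy and paste this code. The <add assembly .../> entry is what makes System.DirectoryServices available to the page; customErrors mode="Off" and debug="true" return full error detail to the browser and are troubleshooting settings for a test lab.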


<customErrors mode="Off"/>
<compilation defaultLanguage="c#" debug="true">
  <assemblies>
    <add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
  </assemblies>
</compilation>


File 2: C:\Windows\Web\RDWeb\Pages\en-us\Default.aspx


Find </script> and paste this code above it so that it is included in that script section (on or about line 442).

** Remember to put your own Domain Controller settings in the LDAP path (the strLDAPPath line).


private static string GetDisplayName(string strUserName)
{
  // Replace with the distinguished name of your own domain.
  string strLDAPPath = "LDAP://dc=windc1,dc=local";

  // DOMAIN\user -> user
  if (strUserName.Contains("\\")) { strUserName = strUserName.Substring(1 + strUserName.IndexOf("\\")); }

  // Escape LDAP filter metacharacters (RFC 4515) before building the filter.
  string strEscaped = strUserName.Replace("\\", "\\5c").Replace("*", "\\2a").Replace("(", "\\28").Replace(")", "\\29");

  // user@domain is looked up by UPN, anything else by sAMAccountName.
  string strFilter = "(SAMAccountName=" + strEscaped + ")";
  if (strUserName.Contains("@")) { strFilter = "(UserPrincipalName=" + strEscaped + ")"; }

  using (System.DirectoryServices.DirectoryEntry de = new System.DirectoryServices.DirectoryEntry(strLDAPPath))
  using (System.DirectoryServices.DirectorySearcher ds = new System.DirectoryServices.DirectorySearcher(de))
  {
    ds.Filter = strFilter;
    ds.PropertiesToLoad.Add("Name");
    //ds.PropertiesToLoad.Add("sAMAccountname");
    using (System.DirectoryServices.SearchResultCollection results = ds.FindAll())
    {
      // Empty string when no account matches, so the XSL test hides the label.
      return (results != null && results.Count > 0) ? results[0].Properties["Name"][0].ToString() : string.Empty;
      //return (results != null && results.Count > 0) ? Uri.EscapeDataString(results[0].Properties["Name"][0].ToString()) : string.Empty;
      //disable-output-escaping="yes"
    }
  }
}

A note about this. I stopped using the Uri.EscapeDataString, as this did not work in Firefox. In Firefox, it would be "blank". Here, I'm just returning the raw text of the AD attribute, Name.

Next, add the userdisplayname line to the <RDWAPage element, in the position shown. The value is XML-attribute-encoded in the same way as the neighbouring attributes, so a display name containing quotes, & or < cannot break the page XML:

<RDWAPage
    helpurl="<%=sHelpSourceServer%>"
    domainuser="<%=SecurityElement.Escape(strDomainUserName)%>"
    workspacename="<%=AntiXssEncoder.XmlAttributeEncode(strWorkspaceName)%>"
    baseurl="<%=SecurityElement.Escape(baseUrl.AbsoluteUri)%>"
    userdisplayname="<%=AntiXssEncoder.XmlAttributeEncode(GetDisplayName(strDomainUserName))%>"
    privacyurl="<%=AntiXssEncoder.XmlAttributeEncode(strPrivacyUrl)%>"

File 3:   C:\Windows\Web\RDWeb\Pages\Site.xsl

This is where you actually set it up to display the username.

Find this line

<xsl:variable name="strings" select="document(concat($baseurl,'RDWAStrings.xml'))/str:strings/string"/>

and add the userdisplayname variable line below it:

  <xsl:variable name="appfeedcontents" select="/RDWAPage/AppFeed[1]"/>
  <xsl:variable name="strings" select="document(concat($baseurl,'RDWAStrings.xml'))/str:strings/string"/>
  <xsl:variable name="userdisplayname" select="/RDWAPage/@userdisplayname"/>

 

Find this line

<xsl:value-of select="$strings[@id = 'SignOut']"/>


and add the xsl:if line below it:

<a id='PORTAL_SIGNOUT' href="javascript:onUserDisconnect()" target="_self">
<xsl:value-of select="$strings[@id = 'SignOut']"/>
<xsl:if test="$userdisplayname">  (<xsl:value-of select="$userdisplayname"/>)</xsl:if>
</a>


Results:

[Screenshot: RD Web Access - Internet Explorer]


Source:

Adding the current user’s Active Directory displayname to RD Web Access 2012R2
https://msfreaks.wordpress.com/2014/03/24/adding-the-current-users-active-directory-displayname-to-rd-web-access-2012r2/

Display Password Expiry when user logs in

This is not an easy feat. I have included the link on which I have based customizations below. The author did a splendid job with illustrating for RDS 2012/R2.

I changed some of the code a little so that the three main Browsers {IE, Chrome, and FF} work correctly in my testlab. Following verbatim, FF did not show the user--whereas Chrome and IE did.

File 1:   C:\Windows\Web\RDWeb\Pages\web.config

In the <system.web> section (on or about line 53), copy and paste this code:

<customErrors mode="Off"/>
<compilation defaultLanguage="c#" debug="true">
  <assemblies>
    <add assembly="System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a"/>
  </assemblies>
</compilation>


File 2: C:\Windows\Web\RDWeb\Pages\en-us\Default.aspx


Find </script> and paste this code above it so that it is included in that script section (on or about line 442).

** Remember to put your own Domain Controller settings in the LDAP path (the strLDAPPath line).


public static string GetPasswordExpirationDate(string strUserName)
{
  // Replace with the distinguished name of your own domain.
  string strLDAPPath = "LDAP://dc=domain,dc=org";

  // DOMAIN\user -> user
  if (strUserName.Contains("\\")) { strUserName = strUserName.Substring(1 + strUserName.IndexOf("\\")); }

  // Escape LDAP filter metacharacters (RFC 4515) before building the filter.
  string strEscaped = strUserName.Replace("\\", "\\5c").Replace("*", "\\2a").Replace("(", "\\28").Replace(")", "\\29");

  // user@domain is looked up by UPN, anything else by sAMAccountName.
  string strFilter = "(SAMAccountName=" + strEscaped + ")";
  if (strUserName.Contains("@")) { strFilter = "(UserPrincipalName=" + strEscaped + ")"; }

  using (System.DirectoryServices.DirectoryEntry de = new System.DirectoryServices.DirectoryEntry(strLDAPPath))
  using (System.DirectoryServices.DirectorySearcher ds = new System.DirectoryServices.DirectorySearcher(de))
  {
    ds.Filter = strFilter;
    ds.PropertiesToLoad.Add("displayName");
    ds.PropertiesToLoad.Add("pwdLastSet");
    ds.PropertiesToLoad.Add("maxPwdAge");
    ds.PropertiesToLoad.Add("AccountExpirationDate");
    //ds.PropertiesToLoad.Add("sAMAccountname");
    using (System.DirectoryServices.SearchResultCollection results = ds.FindAll())
    {
      // Maximum password age in days (hard-coded).
      long maxDays = 90;
      //Int64 maxPwdAge=(Int64)results[0].Properties["maxPwdAge"][0];
      // maxDays = maxPwdAge/-864000000000;

      // No matching account: return the default value instead of indexing an empty result set.
      if (results == null || results.Count == 0) { return "nope."; }

      System.DirectoryServices.ResultPropertyValueCollection pwdLastSetProp = results[0].Properties["pwdLastSet"];
      long lastChangedTicks;
      if ((pwdLastSetProp != null) &&
          (pwdLastSetProp.Count > 0) &&
          long.TryParse(pwdLastSetProp[0].ToString(), out lastChangedTicks))
      {
        // pwdLastSet is a Windows FILETIME; days left = maximum age minus days since the last change.
        long daysLeft = maxDays - DateTime.Today.Subtract(DateTime.FromFileTime(lastChangedTicks)).Days;
        return daysLeft.ToString();
        //return "Expires: " + System.DateTime.FromFileTime(lastChangedTicks).AddDays(90).ToString("MM/dd/yyyy H:mm");
      }
      return "nope.";
    }
  }
}

A note about this. I stopped using the Uri.EscapeDataString, as this did not work in Firefox. In Firefox, it would be "blank". Here, I'm just returning the raw text of the AD attribute, Name.

Next, add the userexpiration line to the <RDWAPage element, in the position shown:

<RDWAPage
    helpurl="<%=sHelpSourceServer%>"
    domainuser="<%=SecurityElement.Escape(strDomainUserName)%>"
    workspacename="<%=AntiXssEncoder.XmlAttributeEncode(strWorkspaceName)%>"
    baseurl="<%=SecurityElement.Escape(baseUrl.AbsoluteUri)%>"
    userexpiration="<%=GetPasswordExpirationDate(strDomainUserName)%>"
    privacyurl="<%=AntiXssEncoder.XmlAttributeEncode(strPrivacyUrl)%>"

File 3:   C:\Windows\Web\RDWeb\Pages\Site.xsl

This is where you actually set it up to display the username.

Find this line

<xsl:variable name="strings" select="document(concat($baseurl,'RDWAStrings.xml'))/str:strings/string"/>

and add the userexpiration variable line below it:

  <xsl:variable name="appfeedcontents" select="/RDWAPage/AppFeed[1]"/>
  <xsl:variable name="strings" select="document(concat($baseurl,'RDWAStrings.xml'))/str:strings/string"/>
  <xsl:variable name="userexpiration" select="/RDWAPage/@userexpiration"/>

 

Find this line

<xsl:value-of select="$strings[@id = 'SignOut']"/>


and add the userexpiration xsl:if line after the closing </a>:

<a id='PORTAL_SIGNOUT' href="javascript:onUserDisconnect()" target="_self">
<xsl:value-of select="$strings[@id = 'SignOut']"/>
<xsl:if test="$userdisplayname">  (<xsl:value-of select="$userdisplayname"/>)</xsl:if>
</a>
<xsl:if test="$userexpiration">  (<xsl:value-of select="$userexpiration"/>)</xsl:if>
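
Both GetDisplayName and GetPasswordExpirationDate build an LDAP filter from the logon name and hand a value to the RDWAPage XML. The following is an added example, not code from the original page or from the post it is based on: it shows that filter construction as one reusable helper with RFC 4515 escaping, plus XML attribute encoding of a returned value. The class and method names and all sample inputs are assumptions.

```csharp
using System;
using System.Security;
using System.Text;

// Added example, not code from the original page. LdapUserFilter, EscapeValue
// and Build are hypothetical names; all inputs in Main are constructed.
static class LdapUserFilter
{
    // RFC 4515: these characters must be written as \XX inside a filter value.
    public static string EscapeValue(string value)
    {
        var sb = new StringBuilder(value.Length + 8);
        foreach (char c in value)
        {
            switch (c)
            {
                case '\\': sb.Append(@"\5c"); break;
                case '*':  sb.Append(@"\2a"); break;
                case '(':  sb.Append(@"\28"); break;
                case ')':  sb.Append(@"\29"); break;
                case '\0': sb.Append(@"\00"); break;
                default:   sb.Append(c); break;
            }
        }
        return sb.ToString();
    }

    // Same DOMAIN\user and user@domain handling as the page's two functions,
    // with the value escaped and the match restricted to user objects.
    public static string Build(string userName)
    {
        if (string.IsNullOrWhiteSpace(userName))
            throw new ArgumentException("empty user name", "userName");
        int slash = userName.IndexOf('\\');
        if (slash >= 0) userName = userName.Substring(slash + 1);
        string attr = userName.Contains("@") ? "userPrincipalName" : "sAMAccountName";
        return "(&(objectCategory=person)(objectClass=user)(" + attr + "=" + EscapeValue(userName) + "))";
    }

    static void Main()
    {
        Console.WriteLine(Build(@"WINDC1\jdoe"));       // DOMAIN\user form
        Console.WriteLine(Build("jdoe@windc1.local"));  // UPN form
        Console.WriteLine(Build("svc(test)*"));         // metacharacters are neutralized
        // A display name with XML metacharacters, encoded for an attribute value.
        Console.WriteLine(SecurityElement.Escape("Ops \"Tier 1\" <R&D>"));
    }
}
```

In Default.aspx the same output encoding is available through the AntiXssEncoder.XmlAttributeEncode call the page already uses for workspacename.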


Make Company Text work on Login and Logged-in Page

File 1: C:\Windows\Web\RDWeb\Pages\en-us\login.aspx

Line about 205, comment it out

Add Two "/" and a space to this line. It should look like this:

// L_CompanyName_Text = strWorkspaceName;

Line about 16, change the customizable text to what you want it to say. For example:

string L_CompanyName_Text = "RDS - Lemmermann";

File 2: C:\Windows\Web\RDWeb\Pages\en-us\Default.aspx

Line about 16, change the customizable text to what you want it to say. For example:

string L_CompanyName_Text = "RDS - Lemmermann";

Line about 270, change strWorkspaceName to L_CompanyName_Text

workspacename="<%=AntiXssEncoder.XmlAttributeEncode(L_CompanyName_Text)%>" 

Put the Web Server you're on in the Title Bar

File 1: C:\Windows\Web\RDWeb\Pages\en-us\login.aspx

Line about 17, add customizable text

string L_ServerName = System.Environment.MachineName;

Line about 277, add text for "servername" as such:

<RDWAPage
    helpurl="<%=sHelpSourceServer%>"
    workspacename="<%=AntiXssEncoder.XmlAttributeEncode(L_CompanyName_Text)%>"
    baseurl="<%=SecurityElement.Escape(baseUrl.AbsoluteUri)%>"
    privacyurl="<%=AntiXssEncoder.XmlAttributeEncode(strPrivacyUrl)%>"
    servername="<%=L_ServerName%>"
    >

File 2:   C:\Windows\Web\RDWeb\Pages\Site.xsl

Line about 25, update by adding in the highlighted code

<title ID="PAGE_TITLE"><xsl:value-of select="$strings[@id = 'PageTitle']"/><xsl:if test="$servername">  (<xsl:value-of select="$servername"/>)</xsl:if></title>

File 3: C:\Windows\Web\RDWeb\Pages\en-us\Default.aspx


You can do the same modification in this file. File 2 will work for both File 1 and 3

Removing the domain requirement for login

Instructions here

Based solely and without permission from: Arjan Mensch

Keep in mind that this worked splendidly also in RDS 2016

Show Remote Desktop/Terminal Server Collection *with* RemoteApps

So, when you add RemoteApps, the Session Collection disappears. With this registry key updated, you can see all of your RemoteApps along with your Session Collection--which can also be renamed

(Do this on the Gateway server where you have the collections defined)

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\<collection>\RemoteDesktops\<collection>  

[Screenshot: showinportal2]

Results with:

[Screenshot: showinportal3]

https://ryanmangansitblog.com/2014/01/04/publish-remote-desktop-session-in-a-remote-app-session-collection/

Remove "Connect to a Remote PC" option

%windir%\Web\RDWeb\Pages\Web.config

Change this to false

<!-- ShowDesktops: Displays or hides the Remote Desktops tab. Value must be "true" or "false" -->

    <add key="ShowDesktops" value="false" />

[Screenshot: RDS_Remove_ConnectToARemotePC]


Update Help Link to either a local file or URL

[Screenshot: rds-customize-web-access-login-page-19]

For each page that has a help link (ie login.aspx), you must edit this code

You can see the LocalHelp has ./rap-help.htm

If you do not use LocalHelp, you can just modify the link in sHelpSourceServer

[Screenshot: rds-customize-web-access-login-page-21]

Hiding the Help link

%windir%\web\rdweb\pages\site.xsl.

Go to line 152:

Change this line to look like this:

And change line 154 to look like this:

[Screenshot: rds-customize-web-access-login-page-25]

Forcing the security setting to Public
Hiding the Security Radio buttons to place custom text

We need to hide both the Private and Public Radio buttons

Open “login.aspx”.

First, hide the Public radio button. The easiest way is to search for "tablePublicOption". Once there, add style="display:none;" to the <TR> tag (around line 628).

[Screenshot: login.aspx in Notepad, tablePublicOption row]

Second, hide the Private radio button. The easiest way is to search for "tablePrivateOption". Once there, add style="display:none;" to the <TR> tag (around line 648).

[Screenshot: Remote Desktop Organizer]

Three things here

Block one with the bgcolor is actually the Horizontal Rule line. You can customize it or hide it with style="display:none;" too.

Second block is where I put in some text that I wanted to display in place of the Security radio buttons.

Line 615 turns off the security description message that would otherwise show, which is now defunct since we removed the radio buttons. You hide it as you did above with style="display:none;"

[Screenshot: login.aspx in Notepad]


Save the file.

Open “webscripts-domain.js” and move to line number 14:

[Screenshot: rds-customize-web-access-login-page-33]

Change this line to:

[Screenshot: rds-customize-web-access-login-page-34]

This change will force the code to always configure for public mode.

Save the file.

Refresh or open the Web Access page and you’ll see the interface options for choosing a security mode are gone.

Customizing the disclaimer

You can replace this text with a text provided by your organization’s legal department, or you can choose to clear it.

Open “login.aspx” and move to line number 41:

You can clear it (pictured here), or change it to what you want it to say

[Screenshot: rds-customize-web-access-login-page-39]

Enabling password expiry notification for RDP connections

Check the group policy setting "Interactive Logon: Prompt user to change password before expiration" in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options.

It should work regardless of the type of user session. Please check the resulting Group Policy on your RDP host to confirm that this setting is not changed.

https://serverfault.com/questions/828232/enabling-password-expiry-notification-for-rdp-connections

Add custom RDP settings to a Collection

Admin PowerShell

Set-RDSessionCollectionConfiguration -CollectionName "RDP" -CustomRdpProperty "domain:s:AddYourDomainHere"


