Internet Explorer For Mac Microsoft Remote Desktop
- Microsoft Remote Desktop For Mac 10
- Internet Explorer For Mac Microsoft Remote Desktop Connection With Multiple Screens
Jul 03, 2017 To access Remote Desktop over the Internet, you’ll need to use a VPN or forward ports on your router. We’ve covered several solutions for accessing your desktop remotely over the Internet. However, if you have a Professional, Enterprise, or Ultimate edition of Windows, you already have the full Windows Remote Desktop installed. Jul 31, 2019 The Internet Explorer icon does not appear on your desktop. When you try to use the Desktop Items dialog box in Windows XP or the Desktop Icon Settings dialog box in Windows Vista to add the Internet Explorer icon, there is no Internet Explorer check box.
The Remote Desktop web client lets users access your organization's Remote Desktop infrastructure through a compatible web browser. They'll be able to interact with remote apps or desktops like they would with a local PC no matter where they are. Once you set up your Remote Desktop web client, all your users need to get started is the URL where they can access the client, their credentials, and a supported web browser.
Important
The web client does not currently support using Azure Application Proxy and does not support Web Application Proxy at all. See Using RDS with application proxy services for details.
What you'll need to set up the web client
Before getting started, keep the following things in mind:
- Make sure your Remote Desktop deployment has an RD Gateway, an RD Connection Broker, and RD Web Access running on Windows Server 2016 or 2019.
- Make sure your deployment is configured for per-user client access licenses (CALs) instead of per-device, otherwise all licenses will be consumed.
- Install the Windows 10 KB4025334 update on the RD Gateway. Later cumulative updates may already contains this KB.
- Make sure public trusted certificates are configured for the RD Gateway and RD Web Access roles.
- Make sure that any computers your users will connect to are running one of the following OS versions:
- Windows 10
- Windows Server 2008R2 or later
Your users will see better performance connecting to Windows Server 2016 (or later) and Windows 10 (version 1611 or later).
Important
If you used the web client during the preview period and installed a version prior to 1.0.0, you must first uninstall the old client before moving to the new version. If you receive an error that says 'The web client was installed using an older version of RDWebClientManagement and must first be removed before deploying the new version,' follow these steps:
- Open an elevated PowerShell prompt.
- Run Uninstall-Module RDWebClientManagement to uninstall the new module.
- Close and reopen the elevated PowerShell prompt.
- Run Install-Module RDWebClientManagement -RequiredVersion <old version> to install the old module.
- Run Uninstall-RDWebClient to uninstall the old web client.
- Run Uninstall-Module RDWebClientManagement to uninstall the old module.
- Close and reopen the elevated PowerShell prompt.
- Proceed with the normal installation steps as follows.
How to publish the Remote Desktop web client
To install the web client for the first time, follow these steps:
On the RD Connection Broker server, obtain the certificate used for Remote Desktop connections and export it as a .cer file. Copy the .cer file from the RD Connection Broker to the server running the RD Web role.
On the RD Web Access server, open an elevated PowerShell prompt.
On Windows Server 2016, update the PowerShellGet module since the inbox version doesn't support installing the web client management module. To update PowerShellGet, run the following cmdlet:
Important
You'll need to restart PowerShell before the update can take effect, otherwise the module may not work.
Install the Remote Desktop web client management PowerShell module from the PowerShell gallery with this cmdlet:
After that, run the following cmdlet to download the latest version of the Remote Desktop web client:
Next, run this cmdlet with the bracketed value replaced with the path of the .cer file that you copied from the RD Broker:
Finally, run this cmdlet to publish the Remote Desktop web client:
Make sure you can access the web client at the web client URL with your server name, formatted as https://server_FQDN/RDWeb/webclient/index.html. It's important to use the server name that matches the RD Web Access public certificate in the URL (typically the server FQDN).
Note
When running the Publish-RDWebClientPackage cmdlet, you may see a warning that says per-device CALs are not supported, even if your deployment is configured for per-user CALs. If your deployment uses per-user CALs, you can ignore this warning. We display it to make sure you're aware of the configuration limitation.
When you're ready for users to access the web client, just send them the web client URL you created.
Note
To see a list of all supported cmdlets for the RDWebClientManagement module, run the following cmdlet in PowerShell:
How to update the Remote Desktop web client
When a new version of the Remote Desktop web client is available, follow these steps to update the deployment with the new client:
Open an elevated PowerShell prompt on the RD Web Access server and run the following cmdlet to download the latest available version of the web client:
Intelligent suggestions recommend tasks from across your lists that may be relevant each day.Microsoft To Do helps you quickly capture and retrieve your lists and tasks across devices. Your tasks and lists are hosted securely on the Microsoft 365 service.Make your lists unique with customizable features like emoji, colorful themes, dark mode and more. If you like to have a hard copy of your lists, then you can now print them out.As you select a due date for a task, you may want to stop for a moment and admire the new look date picker. Microsoft tasks app mac. Sync reminders and tasks with Microsoft 365 to access them anywhere.Capture tasks from different Microsoft apps and services and sync them with Microsoft To Do, from flagging emails as tasks in Outlook to lists from Cortana. Printing has arrived on Mac!
Optionally, you can publish the client for testing before official release by running this cmdlet:
The client should appear on the test URL that corresponds to your web client URL (for example, https://server_FQDN/RDWeb/webclient-test/index.html).
Publish the client for users by running the following cmdlet:
This will replace the client for all users when they relaunch the web page.
How to uninstall the Remote Desktop web client
To remove all traces of the web client, follow these steps:
On the RD Web Access server, open an elevated PowerShell prompt.
Unpublish the Test and Production clients, uninstall all local packages and remove the web client settings:
Uninstall the Remote Desktop web client management PowerShell module:
How to install the Remote Desktop web client without an internet connection
Follow these steps to deploy the web client to an RD Web Access server that doesn't have an internet connection.
Note
Installing without an internet connection is available in version 1.0.1 and above of the RDWebClientManagement PowerShell module.
Note
You still need an admin PC with internet access to download the necessary files before transferring them to the offline server.
Note
The end-user PC needs an internet connection for now. This will be addressed in a future release of the client to provide a complete offline scenario.
From a device with internet access
Open a PowerShell prompt.
Import the Remote Desktop web client management PowerShell module from the PowerShell gallery:
Download the latest version of the Remote Desktop web client for installation on a different device:
Download the latest version of the RDWebClientManagement PowerShell module:
Copy the content of 'C:WebClient' to the RD Web Access server.
From the RD Web Access server
Follow the instructions under How to publish the Remote Desktop web client, replacing steps 4 and 5 with the following.
You have two options to retrieve the latest web client management PowerShell module:
- Import the Remote Desktop web client management PowerShell module:
- Copy the downloaded RDWebClientManagement folder to one of the local PowerShell module folders listed under $env:psmodulePath, or add the path to the folder with the downloaded files to the $env:psmodulePath.
Deploy the latest version of the Remote Desktop web client from the local folder (replace with the appropriate zip file):
Connecting to RD Broker without RD Gateway in Windows Server 2019
This section describes how to enable a web client connection to an RD Broker without an RD Gateway in Windows Server 2019.
Setting up the RD Broker server
Follow these steps if there is no certificate bound to the RD Broker server
Open Server Manager > Remote Desktop Services.
In Deployment Overview section, select the Tasks dropdown menu.
Select Edit Deployment Properties, a new window titled Deployment Properties will open.
In the Deployment Properties window, select Certificates in the left menu.
In the list of Certificate Levels, select RD Connection Broker - Enable Single Sign On. You have two options: (1) create a new certificate or (2) an existing certificate.
Follow these steps if there is a certificate previously bound to the RD Broker server
Open the certificate bound to the Broker and copy the Thumbprint value.
To bind this certificate to the secure port 3392, open an elevated PowerShell window and run the following command, replacing '< thumbprint >' with the value copied from the previous step:
Note
To check if the certificate has been bound correctly, run the following command:
In the list of SSL Certificate bindings, ensure that the correct certificate is bound to port 3392.
Open the Windows Registry (regedit) and nagivate to
HKLMSYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp
and locate the key WebSocketURI. The value must be set to https://+:3392/rdp/.
Setting up the RD Session Host
Follow these steps if the RD Session Host server is different from the RD Broker server:
Create a certificate for the RD Session Host machine, open it and copy the Thumbprint value.
To bind this certificate to the secure port 3392, open an elevated PowerShell window and run the following command, replacing '< thumbprint >' with the value copied from the previous step:
Note
To check if the certificate has been bound correctly, run the following command:
In the list of SSL Certificate bindings, ensure that the correct certificate is bound to port 3392.
Open the Windows Registry (regedit) and nagivate to
HKLMSYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp
and locate the key WebSocketURI. The value must be set to https://+:3392/rdp/.
General Observations
Ensure that both the RD Session Host and RD Broker server are running Windows Server 2019.
Ensure that public trusted certificates are configured for both the RD Session Host and RD Broker server.
Note
If both the RD Session Host and the RD Broker server share the same machine, set the RD Broker server certificate only. If the RD Session Host and RD Broker server use different machines, both must be configured with unique certificates.
The Subject Alternative Name (SAN) for each certificate must be set to the machine's Fully Qualified Domain Name (FQDN). The Common Name (CN) must match the SAN for each certificate.
How to pre-configure settings for Remote Desktop web client users
This section will tell you how to use PowerShell to configure settings for your Remote Desktop web client deployment. These PowerShell cmdlets control a user's ability to change settings based on your organization's security concerns or intended workflow. The following settings are all located in the Settings side panel of the web client.
Suppress telemetry
By default, users may choose to enable or disable collection of telemetry data that is sent to Microsoft. For information about the telemetry data Microsoft collects, please refer to our Privacy Statement via the link in the About side panel.
As an administrator, you can choose to suppress telemetry collection for your deployment using the following PowerShell cmdlet:
By default, the user may select to enable or disable telemetry. A boolean value $false will match the default client behavior. A boolean value $true disables telemetry and restricts the user from enabling telemetry.
Remote resource launch method
Note
This setting currently only works with the RDS web client, not the Windows Virtual Desktop web client.
By default, users may choose to launch remote resources (1) in the browser or (2) by downloading an .rdp file to handle with another client installed on their machine. As an administrator, you can choose to restrict the remote resource launch method for your deployment with the following Powershell command:
By default, the user may select either launch method. A boolean value $true will force the user to launch resources in the browser. A boolean value $false will force the user to launch resources by downloading an .rdp file to handle with a locally installed RDP client.
Reset RDWebClientDeploymentSetting configurations to default
To reset a deployment-level web client setting to the default configuration, run the following PowerShell cmdlet and use the -name parameter to specify the setting you want to reset:
Troubleshooting
If a user reports any of the following issues when opening the web client for the first time, the following sections will tell you what to do to fix them.
What to do if the user's browser shows a security warning when they try to access the web client
The RD Web Access role might not be using a trusted certificate. Make sure the RD Web Access role is configured with a publicly trusted certificate.
If that doesn't work, your server name in the web client URL might not match the name provided by the RD Web certificate. Make sure your URL uses the FQDN of the server hosting the RD Web role.
What to do if the user can't connect to a resource with the web client even though they can see the items under All Resources
If the user reports that they can't connect with the web client even though they can see the resources listed, check the following things:
- Is the RD Gateway role properly configured to use a trusted public certificate?
- Does the RD Gateway server have the required updates installed? Make sure that your server has the KB4025334 update installed.
If the user gets an 'unexpected server authentication certificate was received' error message when they try to connect, then the message will show the certificate's thumbprint. Search the RD Broker server's certificate manager using that thumbprint to find the right certificate. Verify that the certificate is configured to be used for the RD Broker role in the Remote Desktop deployment properties page. After making sure the certificate hasn't expired, copy the certificate in .cer file format to the RD Web Access server and run the following command on the RD Web Access server with the bracketed value replaced by the certificate's file path:
Diagnose issues with the console log
If you can't solve the issue based on the troubleshooting instructions in this article, you can try to diagnose the source of the problem yourself by watching the console log in the browser. The web client provides a method for recording the browser console log activity while using the web client to help diagnose issues.
- Select the ellipsis in the upper-right corner and navigate to the About page in the dropdown menu.
- Under Capture support information select the Start recording button.
- Perform the operation(s) in the web client that produced the issue you are trying to diagnose.
- Navigate to the About page and select Stop recording.
- Your browser will automatically download a .txt file titled RD Console Logs.txt. This file will contain the full console log activity generated while reproducing the target issue.
The console may also be accessed directly through your browser. The console is generally located under the developer tools. For example, you can access the log in Microsoft Edge by pressing the F12 key, or by selecting the ellipsis, then navigating to More tools > Developer Tools.
Get help with the web client
If you've encountered an issue that can't be solved by the information in this article, you can report it on Tech Community. You can also request or vote for new features at our suggestion box.
-->Applies to: Windows 10, Windows 8.1, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2
Now that you've set up the Remote Desktop client on your device (Android, Mac, iOS, or Windows), you may have questions. Here are answers to the most commonly asked questions about the Remote Desktop clients.
The majority of these questions apply to all of the clients, but there are a few client specific items.
If you have additional questions that you'd like us to answer, leave them as feedback on this article.
Setting up
Which PCs can I connect to?
Check out the supported configuration article for information about what PCs you can connect to.
How do I set up a PC for Remote Desktop?
I have my device set up, but I don't think the PC's ready. Help?
First, have you seen the Remote Desktop Setup Wizard? It walks you through getting your PC ready for remote access. Download and run that tool on your PC to get everything set.
Otherwise, if you prefer to do things manually, read on.
For Windows 10, do the following:
- On the device you want to connect to, open Settings.
- Select System and then Remote Desktop.
- Use the slider to enable Remote Desktop.
- In general, it's best to keep the PC awake and discoverable to facilitate connections. Click Show settings to go to the power settings for your PC, where you can change this setting.
Note
You can't connect to a PC that's asleep or hibernating, so make sure the settings for sleep and hibernation on the remote PC are set to Never. (Hibernation isn't available on all PCs.)
Make note of the name of this PC under How to connect to this PC. You'll need this to configure the clients.
You can grant permission for specific users to access this PC - to do that, click Select users that can remotely access this PC.Members of the Administrators group automatically have access.
For Windows 8.1, follow the instructions to allow remote connections in Connect to another desktop using Remote Desktop Connections.
Connection, gateway, and networks
Why can't I connect using Remote Desktop?
Here are some possible solutions to common problems you might encounter when trying to connect to a remote PC. If these solutions don't work, you can find more help on the Microsoft Community website.
The remote PC can't be found. Make sure you have the right PC name, and then check to see if you entered that name correctly. If you still can't connect, try using the IP address of the remote PC instead of the PC name.
There's a problem with the network. Make sure you have internet connection.
The Remote Desktop port might be blocked by a firewall. If you're using Windows Firewall, follow these steps:
Open Windows Firewall.
Click Allow an app or feature through Windows Firewall.
Click Change settings. You might be asked for an admin password or to confirm your choice.
Under Allowed apps and features, select Remote Desktop, and then tap or click OK.
If you're using a different firewall, make sure the port for Remote Desktop (usually 3389) is open.
Remote connections might not be set up on the remote PC. To fix this, scroll back up to How do I set up a PC for Remote Desktop? question in this topic.
The remote PC might only allow PCs to connect that have Network Level Authentication set up.
The remote PC might be turned off. You can't connect to a PC that's turned off, asleep, or hibernating, so make sure the settings for sleep and hibernation on the remote PC are set to Never (hibernation isn't available on all PCs.).
Why can't I find or connect to my PC?
Check the following:
Is the PC on and awake?
Did you enter the right name or IP address?
Important
Using the PC name requires your network to resolve the name correctly through DNS. In many home networks, you have to use the IP address instead of the host name to connect.
Is the PC on a different network? Did you configure the PC to let outside connections through? Check out Allow access to your PC from outside your network for help.
Are you connecting to a supported Windows version?
Note
Windows XP Home, Windows Media Center Edition, Windows Vista Home and Windows 7 Home or Starter are not supported without 3rd party software.
Why can't I sign in to a remote PC?
If you can see the sign-in screen of the remote PC but you can't sign in, you might not have been added to the Remote Desktop Users Group or to any group with administrator rights on the remote PC. Ask your system admin to do this for you.
Which connection methods are supported for company networks?
If you want to access your office desktop from outside your company network, your company must provide you with a means of remote access. The RD Client currently supports the following:
- Terminal Server Gateway or Remote Desktop Gateway
- Remote Desktop Web Access
- VPN (through iOS built-in VPN options)
VPN doesn't work
VPN issues can have several causes. The first step is to verify that the VPN works on the same network as your PC or Mac computer. If you can't test with a PC or Mac, you can try to access a company intranet web page with your device's browser.
Other things to check:
- The 3G network blocks or corrupts VPN. There are several 3G providers in the world who seem to block or corrupt 3G traffic. Verify VPN connectivity works correctly for over a minute.
- L2TP or PPTP VPNs. If you are using L2TP or PPTP in your VPN, please set Send All Traffic to ON in the VPN configuration.
- VPN is misconfigured. A misconfigured VPN server can be the reason why the VPN connections never worked or stopped working after some time. Ensure testing with the iOS device's web browser or a PC or Mac on the same network if this happens.
How can I test if VPN is working properly?
Verify that VPN is enabled on your device. You can test your VPN connection by going to a webpage on your internal network or using a web service which is only available via the VPN.
How do I configure L2TP or PPTP VPN connections?
If you are using L2TP or PPTP in your VPN, make sure to set Send all traffic to ON in the VPN configuration.
Web client
Which browsers can I use?
The web client supports Microsoft Edge, Internet Explorer 11, Mozilla Firefox (v55.0 and later), Safari, and Google Chrome.
What PCs can I use to access the web client?
The web client supports Windows, macOS, Linux, and ChromeOS. Mobile devices are not supported at this time.
Can I use the web client in a Remote Desktop deployment without a gateway?
No. The client requires a Remote Desktop Gateway to connect. Don't know what that means? Ask your admin about it.
Does the Remote Desktop web client replace the Remote Desktop Web Access page?
No. The Remote Desktop web client is hosted at a different URL than the Remote Desktop Web Access page. You can use either the web client or the Web Access page to view the remote resources in a browser.
Microsoft Remote Desktop For Mac 10
Can I embed the web client in another web page?
This feature is not supported at the moment.
Monitors, audio, and mouse
How do I use all of my monitors?
To use two or more screens, do the following:
- Right-click the remote desktop that you want to enable multiple screens for, and then click Edit.
- Enable Use all monitors and Full screen.
Is bi-directional sound supported?
Bi-directional sound can be configured in the Windows client on a per-connection basis. The relevant settings can be accessed in the Remote audio section of the Local Resources options tab.
What can I do if the sound won't play?
Sign out of the session (don't just disconnect, sign all the way out), and then sign in again.
Mac client - hardware questions
Is retina resolution supported?
Yes, the remote desktop client supports retina resolution.
How do I enable secondary right-click?
In order to make use of the right-click inside an open session you have three options:
- Standard PC two button USB mouse
- Apple Magic Mouse: To enable right-click, click System Preferences in the dock, click Mouse, and then enable Secondary click.
- Apple Magic Trackpad or MacBook Trackpad: To enable right-click, click System Preferences in the dock, click Mouse, and then enable Secondary click.
Is AirPrint supported?
No, the Remote Desktop client doesn't support AirPrint. (This is true for both Mac and iOS clients.)
Why do incorrect characters appear in the session?
If you are using an international keyboard, you might see an issue where the characters that appear in the session do match the characters you typed on the Mac keyboard.
This can occur in the following scenarios:
- You are using a keyboard that the remote session does not recognize. When Remote Desktop doesn't recognize the keyboard, it defaults to the language last used with the remote PC.
- You are connecting to a previously disconnected session on a remote PC and that remote PC uses a different keyboard language than the language you are currently trying to use.
You can fix this issue by manually setting the keyboard language for the remote session. See the steps in the next section.
How do language settings affect keyboards in a remote session?
Internet Explorer For Mac Microsoft Remote Desktop Connection With Multiple Screens
There are many types of Mac keyboard layouts. Some of these are Mac specific layouts or custom layouts for which an exact match may not be available on the version of Windows you are remoting into. The remote session maps your keyboard to the best matching keyboard language available on the remote PC.
If your Mac keyboard layout is set to the PC version of the language keyboard (for example, French – PC) all your keys should be mapped correctly and your keyboard should just work.
If your Mac keyboard layout is set to the Mac version of a keyboard (for example, French) the remote session will map you to the PC version of the French language. Some of the Mac keyboard shortcuts you are used to using on OSX will not work in the remote Windows session.
If your keyboard layout is set to a variation of a language (for example, Canadian-French) and if the remote session cannot map you to that exact variation, the remote session will map you to the closest language (for example, French). Some of the Mac keyboard shortcuts you are used to using on OSX will not work in the remote Windows session.
If your keyboard layout is set to a layout the remote session cannot match at all, your remote session will default to give you the language you last used with that PC. In this case, or in cases where you need to change the language of your remote session to match your Mac keyboard, you can manually set the keyboard language in the remote session to the language that is the closest match to the one you wish to use as follows.
Use the following instructions to change the keyboard layout inside the remote desktop session:
On Windows 10 or Windows 8:
- From inside the remote session, open Region and Language. Click Start > Settings > Time and Language. Open Region and Language.
- Add the language you want to use. Then close the Region and Language window.
- Now, in the remote session, you'll see the ability to switch between languages. (In the right side of the remote session, near the clock.) Click the language you want to switch to (such as Eng).
You might need to close and restart the application you are currently using for the keyboard changes to take effect.
Specific errors
Why do I get an 'Insufficient privileges' error?
You are not allowed to access the session you want to connect to. The most likely cause is that you are trying to connect to an admin session. Only administrators are allowed to connect to the console. Verify that the console switch is off in the advanced settings of the remote desktop. If this is not the source of the problem, please contact your system administrator for further assistance.
Why does the client say that there is no CAL?
When a remote desktop client connects to a Remote Desktop server, the server issues a Remote Desktop Services Client Access License (RDS CAL) stored by the client. Whenever the client connects again it will use its RDS CAL and the server will not issue another license. The server will issue another license if the RDS CAL on the device is missing or corrupt. When the maximum number of licensed devices is reached the server will not issue new RDS CALs. Contact your network administrator for assistance.
Why did I get an 'Access Denied' error?
The 'Access Denied' error is a generated by the Remote Desktop Gateway and the result of incorrect credentials during the connection attempt. Verify your username and password. If the connection worked before and the error occurred recently, you possibly changed your Windows user account password and haven't updated it yet in the remote desktop settings.
What does 'RPC Error 23014' or 'Error 0x59e6' mean?
In case of an RPC error 23014 or Error 0x59E6 try again after waiting a few minutes, the RD Gateway server has reached the maximum number of active connections. Depending on the Windows version running on the RD Gateway the maximum number of connections differs: The Windows Server 2008 R2 Standard implementation limits the number of connections to 250. The Windows Server 2008 R2 Foundation implementation limits the number of connections to 50. All other Windows implementations allow an unlimited number of connections.
What does the 'Failed to parse NTLM challenge' error mean?
This error is caused by a misconfiguration on the remote PC. Make sure the RDP security level setting on the remote PC is set to 'Client Compatible.' (Talk to your system admin if you need help doing this.)
What does 'TS_RAP You are not allowed to connect to the given host' mean?
This error happens when a Resource Authorization Policy on the gateway server stops your user name from connecting to the remote PC. This can happen in the following instances:
- The remote PC name is the same as the name of the gateway. Then, when you try to connect to the remote PC, the connection goes to the gateway instead, which you probably don't have permission to access. If you need to connect to the gateway, do not use the external gateway name as PC name. Instead use 'localhost' or the IP address (127.0.0.1), or the internal server name.
- Your user account isn't a member of the user group for remote access.