Publish Remote Desktop Services RemoteApp with Forefront UAG

Let’s begin

First we need to set up a Windows Server 2008 R2 Remote Desktop Session host with the RemoteApp feature. You will find more installation instructions here.

This article assumes that a Forefront UAG portal trunk has already been configured. If you want to read more on how to create a Forefront UAG portal, please read the following article.

To publish RemoteApps as an application in the Portal trunk open the Forefront UAG administration console and right click the Portal icon – Add application. We want to publish Terminal Services aka Remote Desktop Services and the RemoteApp feature as shown in the following screenshot. 

Figure 1: Publish RemoteApp

Enter an Application name

Forefront UAG has some powerful capabilities called Endpoint policies which control the requirements a client must fulfill to get access to the Forefront UAG portal and published applications. To learn more about Endpoint policies you can read the following article. The Application wizard presents some default Endpoint policies. It is possible to modify these policies for example if you want to be more restrictive if a user should not be able to use features like clipboard redirection, device and drive mappings.

Figure 2: Forefront UAG Endpoint Policies

Before we are able to use the published RemoteApps on the Remote Desktop Session host we have to export the list of RemoteApps on the RemoteApp Server. Start the RemoteApp Manager on the RemoteApp Server and select Export RemoteApp settings in the action pane as shown in the following screenshot.

Figure 3: Export RemoteApp Settings on the Remote Desktop Session host

Export the file at a location where Forefront UAG is able to access the file. In the Import RemoteApp Programs section import the exported RemoteApp (.TSPUB) file. The name of the Remote Desktop Session host will be automatically configured, based on the information in the export file.

Figure 4: Import RemoteApp programs

Add the available RemoteApp programs to the published RemoteApp list which should be accessible for users in the Forefront UAG portal.

Figure 5: Select RemoteApps to publish in the Forefront UAG portal

In Step 6 use imported settings for screen resolution and more if you don’t want to change these settings.

Add a Portal Link name which should be visible for users in the Forefront UAG portal.

Figure 6: Enable authentication for all or special users / user groups

After the Assistant has been finished, save and activate the configuration.

Users should now be able to access the published RemoteApp programs through the Forefront UAG portal.

On the client connect to the Forefront UAG portal website you should see the published RemoteApp as seen in the following screenshot.

Figure 7: The client activates the RemoteApp and Desktop Connection

Start a RemoteApp and after a short connection time you should be able to use Microsoft Paint.

Figure 8: Starting the RemoteApp

You are now able to work with the published application in mostly the same way as a local installed Microsoft paint application on the client.

Figure 9: Microsoft paint through Forefront UAG and RemoteApp


In this article I went through how to publish Windows Server 2008 R2 Remote Desktop services with the RemoteApp feature through Forefront UAG. Publishing RemoteApps through a Forefront UAG portal is a great and simple solution to grant users access to internal applications hosted on Remote Desktop Session hosts. The built-in Remote Desktop Gateway on the Forefront UAG Server makes it easy to publish Remote Desktop Services because the RDP connection will be encapsulated into the HTTPS protocol which is secure and Firewall friendly.

Related links

About The Author

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top