Terminal Services Gateway issue with 2012 R2 Essentials

[livewire]

I've got an out of the box install of Server 2012 R2 Essentials with Anywhere Access set up. When I remote desktop into a computer on the network using the Anywhere Access terminal server gateway, I can't get access to the Local Devices and Resources section to allow Drives to be accessed. It's just greyed out. Where do I find the setting to allow this?

 

[YeOldeStonecat]

Assuming the website portal works OK? Such as HTTPS://remote.clientsdomain.com/remote ?

And the clientconnect installer was run on the workstations?

And in the SBS dash, the user was given permissions to log onto the computer..and the computer was selected?

Fresh domain setup, or migration from prior server?

 

[TAPtech]

http://technet.microsoft.com/en-us/library/cc780664(v=ws.10).aspx

I think that is disabled by default. Looks like it is just a GPO though.

EDIT: I'm sorry I'm just realizing that link is for an older version of MS Server OS, but perhaps it will provide some useful hints for you.

 

[livewire]

Assuming the website portal works OK? Such as HTTPS://remote.clientsdomain.com/remote ?
Yes, the connection is being initiated from the portal. Everything about the portal is working. When the RDP file is downloaded from the portal, I tried to edit it to allow access to the local drives and the option is disabled.

And the clientconnect installer was run on the workstations?
Yes the connection wizard was run on the machines being connected to but not on the machines outside of the network being used to connect to the Anywhere Access portal. The computers being connected to are joined to the domain.

And in the SBS dash, the user was given permissions to log onto the computer..and the computer was selected?
Yes, this is correct.

Fresh domain setup, or migration from prior server?

Fresh domain setup. No prior server. Only thing I can think of that might have an effect on this is the wizard in essentials that turns on group policy for folder redirection was run and folder redirection is in effect.

 

[Mokester]

As stated previously, check GPOs.

Computer Configuration\Policies\Administrative Templates\Windows Components\Terminal Services\Terminal Server\Device and Resource Redirection

Check and modify the settings in here for device redirection.

 

[livewire]

Checked the GPO and it is enabled there - no restriction. I'm stumped.

 

[Mokester]

GPResults for both the server and the workstation? What does it tell you? Anything in event logs?

 

[livewire]

GPResults for both the server and the workstation? What does it tell you? Anything in event logs?

Will check those tonight. In the mean time, the Remote Desktop Gateway Manager's CAP looks like this:

If the user is a member of any of the following user groups:
<DOMAIN>\Domain Admins, <DOMAIN>\WseAllowComputerAccess, <DOMAIN>\WseAllowDashboardAccess
If the client computer is a member of any of the following computer groups:
Not applicable (no computer group is specified)
If the user uses the following supported Windows authentication methods:
Password or smart card
Allow the user to connect to this RD Gateway server and disable device redirection for the following client devices:
Not applicable (device redirection is allowed for all client devices)
After the idle timeout is reached:
- Disconnect after60 Minute(s)
After the session timeout is reached:
- Silently re-authenticate and reauthorize after480 Minute(s)