Resource Authorization Policy defines: 

  • user groups who are allowed to connect the computers specified below through this RD gateway
  • computer groups that users are allowed to connect through this RD gateway
  1. Launch RD Gateway Manager


  2. Right click "Resource Authorization Policies", then select "Create New Policy - Wizard". 



  3. Select "Create only a RD RAP", and click "Next". 



  4. Enter a name, e.g. "RD RAP", and click "Next". 



  5. On this page you will set the user groups who are allowed to connect through this gateway. 
    Click "Add Group" 


  6. Enter a user group, e.g. "Domain Users", then click "OK" to save



  7. Click "Next"



  8.  On this page you will set the network resource that users are allowed to connect through this gateway. 

    Note

    If you select "an Active Directory Domain Services network resource group" then users will only be able to connect to computers in the specified group by their computer name. However, if you select the option "Allow users to connect to any network resource" then users will be able to connect to any computer by its IP address.

     Select the first option "Select an Active Directory Domain Services network resource group", then click "Browse"

  9. Enter a computer group, e.g. "Domain Computters", then click "OK" to save



  10. Click "Next"



  11. Select "Allow connection only to port 3389". Click "Next"



  12. Click "Finish"