One of the new features in System Center Configuration Manager R2 is the ability to create Remote Connection Profiles.
What’s a Remote Connection Profile
The Remote Desktop Profile feature in SCCM2012 R2 enables your users to remotely connect to Company RDP capable devices that are not connected to the domain or using personal devices that can connect over public network.
This feature enables you to deploy Desktop Connection Settings to users in your Configuration Manager hierarchy. Organisations using Windows Intune will have the ability to deploy the remote desktop connection settings to the Windows Intune Company Portal.
extract from Microsoft:
“When you specify remote connection profile settings by using the Configuration Manager console, the settings are stored in the local policy of the client computer. These settings might override Remote Desktop settings configured by another application. Additionally, if you use Windows Group Policy to configure Remote Desktop settings, the settings specified in the Group Policy will override those configured by using Configuration Manager.”
Prerequisites for Remote Connection Profiles in Configuration Manager
- A Remote Desktop Gateway server is required for granting access to users outside of the company domain
- Ensure that the current in place Group Policy’s will not effect the Remote Connection Profiles. Remote Connection Profiles are stored in the Client Computer’s Local Policy. Group Policy may override the policy if policy’s are already in place.
- You will need to create a windows firewall exception for connections on the windows domains and private network settings. Configuration Manager will configure Windows Firewall Automatically when deploying the profile, but for all those using third party client firewalls, you will need to create the exceptions. Also for those using group policy to manage Windows firewall, you will need to manually add the exception in Group Policy.
Configuration Manager requirements:
- End Users will need the Work Computers set as the primary device.
- For Access to Work Computers using Windows Intune, must have a active connection to Windows Intune using the Windows Intune Connector Site System Role.
- Set the required Security Permissions to manage Remote Connection Profiles.
For more information on Remote Connection Profiles in Configuration Manager, Please see the Following article http://technet.microsoft.com/en-us/library/dn261214.aspx
Configuring and Deploying Remote Connection Profiles:
You can find the Remote Connection Profiles under Assets and Compliance > Compliance Settings > Remote Connection Profiles
Right Click on Remote Connection Profiles > Create Remote Connection Profile
Enter a name for the Profile
Set the connection settings
Confirm the configuration
Once the profile is created, you will need to deploy it to a device collection.
Right click on the Profile and select deploy.
Once deployed, the profile will show as deployed.