Which command should you run?

Hotspot Question
You have a server named Server1 that runs Windows Server 2016. Server1 has the Windows
Application proxy role service installed. You plan to deploy Remote Desktop Gateway (RD Gateway)
services. Clients will connect to the RD Gateway services by using various types of devices
including Windows, iOS and Android devices. You need to publish the RD Gateway services
through the Web Application Proxy. Which command should you run? To answer, select the
appropriate options in the answer area.

Hotspot Question
You have a server named Server1 that runs Windows Server 2016. Server1 has the Windows
Application proxy role service installed. You plan to deploy Remote Desktop Gateway (RD Gateway)
services. Clients will connect to the RD Gateway services by using various types of devices
including Windows, iOS and Android devices. You need to publish the RD Gateway services
through the Web Application Proxy. Which command should you run? To answer, select the
appropriate options in the answer area.

Answer:

← Previous question

Next question →

Leave a Reply 5

ExplinationGuy

Set-WebApplicationProxyApplication – Modifies settings of a web application published through Web Application Proxy. We Need to Create.
https://technet.microsoft.com/en-us/itpro/powershell/windows/wap/set-webapplicationproxyapplication

Set-WebApplicationProxyConfiguration -Modifies the configuration settings of a Web Application Proxy server. We need to publish and application, not destroy the server 🙂
https://technet.microsoft.com/en-us/itpro/powershell/windows/wap/set-webapplicationproxyconfiguration

So the first is correct: Add-WebApplicationProxyApplication -Publishes a web application through Web Application Proxy.

then the latter one:
Passthrough Does nothing to authenticate, making the gateway the point to authenticate
Client Certificate – this is an option if you can deploy client certificates to all devices. altough this is a valif option,the question does not state anything about the client certificates.

I cannot determine the other options

ADFS is in place an can be used if the relying party is configured, basicly we can assume this is the case, therefore
https://msdn.microsoft.com/en-us/library/dn765521(v=vs.85).aspx
https://technet.microsoft.com/windows-server-docs/identity/web-application-proxy/publishing-applications-using-ad-fs-preauthentication

Reply

Vincent Peh

ExternalPreAuthentication should be “Passthru”?

Ref: https://docs.microsoft.com/en-sg/windows-server/remote/remote-access/web-application-proxy/publishing-applications-with-sharepoint%2c-exchange-and-rdg

“If you need to support rich clients such as RemoteApp and Desktop Connections or iOS Remote Desktop connections, these do not support pre-authentication so you have to publish RDG using pass-through authentication.”

Reply

Tetra-Grammaton-Cleric

Answer: Correct (it’s in the question) -ADFSRelyingPartyName argument is used, therefore the PreAuthentication is to be done by… ADFS.

See here:

Reply

Tetra-Grammaton-Cleric

https://docs.microsoft.com/en-sg/windows-server/remote/remote-access/web-application-proxy/publishing-applications-using-ad-fs-preauthentication

Reply

AndreasL

Not an easy one. However, this link at least describes that it is possible to use a) pass through authentication but also b) use preauthentication. I would also go with ADFS and preauthentication, as it will increase security.

Ref: https://technet.microsoft.com/en-US/library/dn765486(WS.11).aspx

Reply