Article ID: 2702989 - View products that this article applies to.
As an administrator, you publish Remote Desktop Services or RemoteApps through Microsoft Forefront Unified Access Gateway 2010 so that users can connect to a Remote Desktop Virtualization Host (RD Virtualization Host) server. This process is also known as publishing a personal virtual desktop or virtual desktop pool that is hosted on a Hyper-V server. However, when a user cannot connect to the RD Virtualization Host server, you may find the following errors logged in the Windows Terminal Services Gateway operation event log:
The user "\UserA", on client computer "127.0.0.1", did not meet resource authorization policy requirements and was therefore not authorized to resource "IPv4:IPv6 address". The following error occurred: "23002".
Additionally, the user may receive the following error message at the same time:
Remote Desktop can't connect to the remote computer rdshost.contoso.com for one of the following reasons:
1) Your user account is not listed in the RD Gateway's permission list
2) You might have specified the remote computer in NetBIOS format
(for example, computer1), but the RD Gateway is expecting an FQDN or
IP address format (for example, computer1.fabrikam.com or 18.104.22.168).
Contact your network administrator for assistance.
This problem may occur because Forefront United Access Gateway 2010 does not support publishing Windows 7 Personal Virtual Desktops or a Virtual desktop pool.
To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2710791After you apply Service Pack 2, follow these steps on the Unified Access Gateway 2010 server to enable Virtual Desktop Infrastructure (VDI) functionality:
(http://support.microsoft.com/kb/2710791/ )Description of Service Pack 2 for Forefront Unified Access Gateway 2010
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
A user is connected to a personal virtual desktop in the following way:
For more information about how to modify RDP parameters, go to the following Microsoft TechNet website:
Modifying RDP parametersFor more information about the Load Balance Info parameter, go to the following Microsoft TechNet website:
Load balance infoFor more information about the LoadBalanceInfo property, go to the following Microsoft Developer Network (MSDN) website:
IMsRdpClientAdvancedSettings::LoadBalanceInfo propertyTo find your VDI Pool ID, you have to connect to your Internal Connection Broker server, and then follow these steps:
For more information about how to deploy virtual desktops, refer to the following VDI resource guides:
Deploying Personal Virtual Desktops by Using Remote Desktop Web Access Step-by-Step GuideFor more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
Deploying Virtual Desktop Pools by Using Remote Desktop Web Access Step-by-Step Guide
(http://support.microsoft.com/kb/824684/ )Description of the standard terminology that is used to describe Microsoft software updates