UPDATE March 31, 2019:  Tested as compatible with Windows Server 2019.  Script now updates WorkspaceID which provides better experience to end users of deployment.

This cmdlet allows you to change the published Fully Qualified Domain Name (FQDN) that clients use to connect to a Windows Server 2019/2016/2012R2/2012 Remote Desktop Services deployment.  This FQDN is included in .rdp files published via RD Web Access and the RemoteApp and Desktop Connections feed.

A common scenario where the ability to change the published name is useful is when your internal domain is .local, .private, .internal, etc.  For instance, you purchase and install a wildcard certificate (*.yourdomain.com) for use with RDS, but when your users connect they receive a name mismatch error because they are attempting to connect to rdcb.yourdomain.local.  This cmdlet allows you to change the FQDN they will use to a name that will match your certificate (rdcb.yourdomain.com).



Set-RDPublishedName [-ClientAccessName] <String> [[-ConnectionBroker] <String> ]


In this example the cmdlet is run directly on the RD Connection Broker and we would like to change the published name to remote.contoso.com. We are making this change in order to match our installed wildcard certificate which has a subject of *.contoso.com:

Set-RDPublishedName "remote.contoso.com"


NOTE:  Depending on your configuration people connecting via RD Gateway may be unable to connect after changing the published FQDN.  They may receive error message similar to below:


 Remote Desktop can't connect to the remote computer "remote.contoso.com" for one of these reasons:

 1) Your user account is not listed in the RD Gateway's permission list

2) You might have specified the remote computer in NetBIOS format (for example, computer1), but the RD Gateway is expecting an FQDN or IP address format (for example, computer1.fabrikam.com or

Contact your network administrator for assistance.


To solve this you may need to update your RD Gateway Resource Authorization Policy (RD RAP).  In RD Gateway Manager, Properties of your RD RAP, Network Resource tab, select Allow users to connect to any network resource .  An alternative is to create a RD Gateway-managed group with all of the required target ip addresses, NetBIOS names, and FQDNs in it, and then select the group on the Network Resource tab instead of the Allow Any option described above.  You may create/edit an RDG-managed group in RD Gateway Manager, select Resource Authorization Policies in left pane, then click Manage Local Computer Groups in Actions pane.

If you have any questions regarding this cmdlet or its usage please ask in the Remote Desktop Services Forum: