Event ID 624 — TS Gateway Server Configuration
Applies To: Windows Server 2008
.jpg)
For remote clients to successfully connect to internal network resources (computers) through a Terminal Services Gateway (TS Gateway) server, the TS Gateway server must be configured correctly. The TS Gateway server must be configured to use an appropriate Secure Sockets Layer (SSL)-compatible X.509 certificate, and authorization policy settings must be configured correctly. Terminal Services connection authorization policies (TS CAPs) specify who can connect to the TS Gateway server. Terminal Services resource authorization policies (TS RAPs) specify the internal network resources that clients can connect to through a TS Gateway server.
Event Details
| Product: | Windows Operating System |
| ID: | 624 |
| Source: | Microsoft-Windows-TerminalServices-Gateway |
| Version: | 6.0 |
| Symbolic Name: | AAG_EVENT_LB_NOT_LOADBALANCING |
| Message: | The TS Gateway server "%1" is not a member of a domain and therefore cannot be added to the TS Gateway server farm. To add this TS Gateway server to the farm, you must first add the server to a domain. |
Resolve
Add the TS Gateway server to a domain
To resolve this issue, add the TS Gateway server to a domain.
To perform this procedure, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.
To add the TS Gateway server to a domain:
- Click Start, right-click Computer, and then click Properties.
- Under Computer name, domain, and workgroup settings, click Change settings.
- On the Computer Name tab, click Change.
- In the Computer Name/Domain Changes dialog box, under Member of, click Domain, type the name of the domain to which you want to add the TS Gateway server, and then click OK.
- When prompted, in the Computer Name/Domain Changes dialog box, enter the appropriate credentials.
- In the Computer Name/Domain Changes dialog box, a welcome message appears to confirm that the computer was successfully added to the domain. Click OK.
- The Computer Name/Domain Changes dialog box will appear again, stating that the computer must be restarted for the changes to be applied. Click OK.
- Click Close to close the System Properties dialog box.
- A message will appear prompting you to choose whether to restart the computer immediately or later. Click Restart now to restart the computer immediately. If you click Restart later, the computer will not be added to the domain until you restart the computer.
Verify
To verify that the TS Gateway server is configured correctly, examine Event Viewer logs and search for the following event messages. These event messages indicate that the Terminal Services Gateway service is running, and that clients are successfully connecting to internal network resources through the TS Gateway server.
To perform this procedure, you do not need to have membership in the local Administrators group. Therefore, as a security best practice, consider performing this task as a user without administrative credentials.
To verify that the TS Gateway server is configured correctly:
- On the TS Gateway server, click Start, point to Administrative Tools, and then click Event Viewer.
- In the Event Viewer console tree, navigate to Application and Services Logs\Microsoft\Windows\TerminalServices-Gateway, and then search for the following events:
- Event ID 101, Source TerminalServices-Gateway: This event indicates that the Terminal Services Gateway service is running.
- Event ID 200, Source TerminalServices-Gateway: This event indicates that the client connected to the TS Gateway server.
- Event ID 302, Source TerminalServices-Gateway: This event indicates that the client connected to an internal network resource through the TS Gateway server.