Using Terminal Server Proxy webapps with Round Robin DNS

Using Terminal Server Proxy webapps with Round Robin DNS

My Terminal Server Proxy webapp does not always connect to my backend server, when using the Round Robin DNS name. If we go directly to one of the relays, we can connect 100% of the time.



Assign individual DNS names to your relay IP addresses. 
relay1.example-cloud.com 
relay2.example-cloud.com 
etc... 

Add those DNS names to the Virtual Hosts section of the respective relay objects. 

Create your Terminal Server Proxy webapp and get it working. 
When editing the webapp object, make a note of the webapp DN. 
This is listed at the top of the properties page when editing the webapp object. 
It looks something like : cn=mywebapp,ou=WebApps,ou=webNetwork,o=stoneware 

Assign the link to your test account. Test the link and make sure it works properly. 

Assign this "rights" link to all users who will eventually have access to this webapp. 

Remove the visible option for the "rights" link so it does not show up on the users' menu. 

This link will act as a way to give users rights to the back end web server. 

Next, make a standard link. We are going to set the url to launch the application from a specific relay. 
This is done by using the webapplication's DN that you made a note of earlier. 
Set the URL for the standard link to https://relay1.example-cloud.com/StartWebApplication/cn=mywebapp,ou=WebApps,ou=webNetwork,o=stoneware. 

Set a restriction on the link to only be visible on that specific relay. 
Now assign this link to the appropriate users. 

Login to that relay and test, this should work just like the original "rights" link that you originally created. 

Now make as many separate links like the above, changing the relay DNS and restriction as needed. 

Common quesions 
1) What is the "rights" link for ? 

Answer :
All access to webapplications is granted to users via link objects.  If users do not have access to a link that is a webapplication type link then they will not have access to the back end server. 

2) Why does the "rights" link not need to be visible? 
Answer : Because it is just granting the user rights, all of the launching of the webapp is done with the standard links. 

We are investigating methods of automating this process in our code, so that this method isn't necessary.


    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Change Reset Password Button Text

        Change the text of the "Reset Password" button on the UW Login Page How to change the text of the Reset Password button on the Login Page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants ...

      • Remove Reset Password Button From Login Page

        Remove the Reset Password Button from the Login Page How to remove the Reset Password button from the Unified Workspace login page. Login to webNetwork and open webAdmin on your Relay Central Server Expand Customization Center Expand Tenants Expand ...

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        As of January 31st 2024, Lenovo Unified Workspace (formerly Stoneware WebNetwork) is no longer supported. This means that we no longer provide licenses, downloads, updates, patches, or technical assistance for this product. If you have any questions ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • Related Articles

      • Issues with Round Robin DNS and webNetwork

        Round Robin DNS is considered the "poor mans load balancer"  You can find the information about it at WikipediA.  In general Round-Robin DNS works well with static web sites.  Once dynamic information is utilized then there may be problems.  The ...

      • Launching mstsc.exe using Slingshot and Generic TCP Proxy webApps

        Issue: The old SSLVPN RDS webApp to launch mstsc.exe no longer works after upgrading to 6.4, due to the Java plug-in going away with modern browsers, and other security enhancements. Solution: Create a set of webApps that open a TCP proxy port, and ...

      • SSLVPN Terminal Server webapps through Safari on Mac with Java 1.7 not connecting

        Customer is trying to launch a SSLVPN Terminal Server webapp using Safari on their Mac. The are receiving the following error:  "Received and error connecting to 127.0.0.1"  Webapp connects fine using Firefox.  Customer is using the latest version of ...

      • DNS Errors

        Customer is having issues talking to active directory and ran a dns test with the results INFO: exploring forest using domain controller: server1.company.com  >>>>>: (DNS) - testing domain: COMPANY  INFO: according to DNS, the following services are ...

      • SSLVPN TS webapps through Safari on Mac with Java 1.7 not connecting

        The customer is trying to launch an SSLVPN Terminal Server webapp using Safari on their Mac. They are receiving the following error:  "Received and error connecting to 127.0.0.1"  Webapp connects fine using Firefox.  The customer is using the latest ...