Problem
You’ve configured your RemoteApp resources on your Remote Desktop Services and attempt to launch an application but receive the following warning message:
A website is trying to run a RemoteApp program. Make sure that you trust the publisher before you connect to run the program.
This RemoteApp program could harm your local or remote computer. Make sure that you trust the publisher before you connect to run this program.
Don’t ask me again for remote connections from this publisher
Image may be NSFW.
Clik here to view.
Image may be NSFW.
Clik here to view.Image may be NSFW.
Clik here to view.
As shown in the screenshots above, you have the option of checking the checkbox that reads:
Don’t ask me again for remote connections from this publisher
… to remove this prompt but you do not want everyone in the organization to receive this prompt.
Solution
One of the ways to remove this warning prompt is to implement a GPO and apply it to the user or computer account to trust the SHA1 thumbprint of the certificate presented. Begin by opening the properties of the certificate and navigating to the Details tab that is used for your Remote Desktop Services portal:
Image may be NSFW.
Clik here to view.
Scroll down to the bottom where the Thumbprint is listed:
Image may be NSFW.
Clik here to view.
Select the Thumbprint field:
Image may be NSFW.
Clik here to view.
Select the thumbprint and copy the text:
Image may be NSFW.
Clik here to view.
Now before we proceed to copy this into the setting of the GPO we’ll be using, it is important to paste the thumbprint you have just copied into a command prompt as such:
Image may be NSFW.
Clik here to view.
Notice how there is a question mark: ? in front of the thumbprint? Note that paste this into Notepad does not reveal this unwanted question mark:
Image may be NSFW.
Clik here to view.
Proceed and copy the thumbprint from the command prompt without the question mark.
Next, create a new GPO or open an existing GPO that you would like to use and navigate to:
Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Connection Client
Note that this policy can be applied to either a computer object or a user account so use whichever fits better for your environment.
Image may be NSFW.
Clik here to view.
Proceed and open the Specify SHA1 thumbprints of certificates representing trusted .rdp publishers:
Image may be NSFW.
Clik here to view.
Paste the copied thumbprint into the Comma-separated list of SHA1 trusted certificate thumbprints field:
Image may be NSFW.
Clik here to view.
Apply the configuration:
Image may be NSFW.
Clik here to view.
The user should no longer see the warning prompt once the policy is applied to a computer object or user account.