For the most recent update on ongoing service disruptions affecting the AWS Middle East (UAE) Region (ME-CENTRAL-1), refer to the AWS Health Dashboard. For information on AWS Service migration, see How do I migrate my services to another region?
How do I connect to my WorkSpaces Personal with RDP?
I want to use a Remote Desktop Protocol (RDP) client to troubleshoot why I can't connect to my WorkSpaces Personal from an Amazon WorkSpaces client.
Short description
You can use a WorkSpaces client to connect to your WorkSpace. However, you might need to connect to a WorkSpace and then use an RDP client to troubleshoot issues. You must update the WorkSpaces security group settings to allow RDP connections from the IP address of your RDP client.
Note: It's a best practice to use only an RDP client to connect to a WorkSpace when you troubleshoot issues. Then, you must remove the RDP inbound rule that you added.
Resolution
To connect to your WorkSpace with RDP, complete the following steps:
- Open the WorkSpaces console.
- Choose WorkSpaces in the navigation pane. Then, choose Personal.
- Select the WorkSpace. Note the IP address under WorkSpace IP.
- Open the Amazon Elastic Compute Cloud (Amazon EC2) console.
- In the navigation pane, under Network & Security, choose Network Interfaces.
- In the search box, enter the IP address.
- Select the network interface associated with the IP address. Note the IP address in the Public IPv4 address column (if any).
- Choose the link in the Security groups column.
- Choose the Inbound rules tab, and then choose Edit inbound rules.
- Choose Add Rule, and then create a rule with the following attributes:
Type: RDP
Protocol: TCP
Port Range: 3389
Source: Enter the IP addresses that you use to connect to your WorkSpace. To connect to a WorkSpace with a public IP address from outside AWS, check the public IP address and then enter it. If you want to connect from an Amazon EC2 instance, then provide its private IP address. For WorkSpaces launched on a public subnet without internet access turned on in the Directory, use the WorkSpace private IP address. For more information, see How do I associate an Elastic IP address with a WorkSpace?
Important: For the IP address, don't enter 0.0.0.0/0 or allow IP addresses that don't require access. If you use 0.0.0.0/0, then all IPv4 addresses can use RDP to access your instance. If you use ::/0, then all IPv6 addresses can access your instance. Authorize only a specific IP address or range of IP addresses that can access your instance. - Choose Save rules.
To use the RDP from the IP addresses that you specified to connect to your WorkSpace, complete the following steps:
- Open Remote Desktop Connection.
- For Computer, enter the WorkSpace IP address. If the WorkSpace has a public or Elastic IP address and your computer isn't inside AWS, then enter the public or Elastic IP address. If you want to connect from an EC2 instance, then enter the WorkSpace private IP address. Then, choose Connect.
- For Enter your credentials, use the credentials of any Active Directory user that is a member of the Remote Desktop Users group in Active Directory. Then, choose OK.
Note: The user credentials must be in the following format: domain_name\username
Related information
- Language
- English
What if you don't have the user credentials though? For example a scenario where a Workspace Admin needs to RDP into a users Workspace (Windows) and so doesn't know the Workspaces user password?
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
You can use any credentials that Windows accepts. This means that you don't necessarily need to use the WorkSpaces user credentials. Any Active Directory user that is part of the Remote Desktop Users group will work. If you have a local administrator account, that will work as well.
Depending on your company policies, you can also reset the user's password in Active Directory as a last resort, while notifying your user
Relevant content
- asked 3 years ago
- asked 6 years ago
- AWS OFFICIALUpdated 8 months ago
