If you are changing the shared secret for a server running Network Policy Server (NPS) that stores a central Remote Desktop connection authorization policy (RD CAP), you must use the same case-sensitive shared secret that you specified when you configured the RD Gateway server as a RADIUS client on the central server running NPS.

We also recommend that you do the following:

  • Generate long shared secrets (more than 22 characters) composed of a random sequence of letters, numbers, and punctuation.

  • Change the shared secret often.
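
One way to generate a secret that meets the recommendation above, shown as an added PowerShell example that is not part of the original documentation. The function name `New-RadiusSharedSecret`, the default length of 32, and the punctuation set (which leaves out quotes, backtick, and backslash to avoid copy and paste problems) are assumptions made for this example.

```powershell
# Added example (hypothetical helper, not a built-in cmdlet): generates a
# random shared secret longer than 22 characters from letters, digits, and
# punctuation, using the operating system's cryptographic random source.
function New-RadiusSharedSecret {
    [CmdletBinding()]
    param(
        # Assumption: 32 is an arbitrary default above the 22-character guidance.
        [ValidateRange(23, 128)]
        [int]$Length = 32
    )

    $letters  = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'
    $digits   = '0123456789'
    # Assumption: quotes, backtick, and backslash are omitted on purpose.
    $punct    = '!#$%&()*+,-./:;<=>?@[]^_{|}~'
    $alphabet = ($letters + $digits + $punct).ToCharArray()

    # Bytes at or above this limit are discarded so that every character in
    # the alphabet is equally likely (avoids modulo bias).
    $limit = 256 - (256 % $alphabet.Length)

    $rng    = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buffer = New-Object byte[] 1
    try {
        do {
            $chars = New-Object char[] $Length
            $i = 0
            while ($i -lt $Length) {
                $rng.GetBytes($buffer)
                if ($buffer[0] -lt $limit) {
                    $chars[$i] = $alphabet[$buffer[0] % $alphabet.Length]
                    $i++
                }
            }
            $secret = -join $chars
            # Regenerate in the rare case that a character class is missing.
        } until ($secret -match '[A-Za-z]' -and
                 $secret -match '[0-9]' -and
                 $secret -match '[^A-Za-z0-9]')
    }
    finally {
        $rng.Dispose()
    }
    return $secret
}

New-RadiusSharedSecret -Length 32
```

Because the secret is case-sensitive, enter the generated value exactly as produced both in the Shared Secret dialog box on the RD Gateway server and in the RADIUS client entry on the central server running NPS.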

Membership in the local Administrators group, or equivalent, on the RD Gateway server that you plan to configure, is the minimum required to complete this procedure. Review details about using the appropriate accounts and group memberships at https://go.microsoft.com/fwlink/?LinkId=83477.

To remove a server running NPS or change the shared secret for a server running NPS for a centrally stored RD CAP

  1. On the RD Gateway server, open Remote Desktop Gateway Manager. To open Remote Desktop Gateway Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Gateway Manager.

  2. In the console tree, click to expand the node that represents the local RD Gateway server, which is named for the computer on which the RD Gateway server is running.

  3. In the console tree, expand Policies, and then click Central Network Policy Servers.

  4. In the results pane, in the list of central Network Policy Servers, click the name of the server running NPS that you want to remove or whose shared secret you want to modify.

  5. On the Action menu, click Configure Central RD CAP.

  6. In the Properties dialog box for the RD Gateway server, on the RD CAP Store tab, do either of the following:

    • To remove a server that is running NPS, click the name of the server running NPS that you want to remove, and then click Remove Server Running NPS.

      If only one server running NPS is specified and you remove it from the list, you must add another server running NPS to the list if you plan to use a centrally stored RD CAP.

    • To change the shared secret for a server running NPS, click the name of the server running NPS for which you want to change the shared secret, and then click Change Shared Secret. In the Shared Secret dialog box, enter a new shared secret in the Enter a new shared secret box, and then click OK.

  7. Click OK to close the Properties dialog box for the RD Gateway server.

