Have spent hours searching through these forums, and thus far nothing I've found seems to address my specific problem. Running Server 2012R2 as a domain controller with the RDG services installed. Attempting to set up a secure connection for the office manager, so she can remote in from home and connect to her specific office computer. Connection is configured to be secure through the Remote Desktop Gateway Services, all installed and set up on the server. I'm only running into one issue.
In the Active Directory Users & Computers applet, all user accounts are set up to allow logon to specific computers, including the office manager's account. (She only has permission to log onto any of the three computers in her office). When she attempts an RDP connection from home, the connection is successful only if her account is set to allow logon to all computers. When I set it to logon to specific computers, the RDP attempt fails with "your computer can't connect to the remote computer because an error occurred on the remote computer that you want to connect to".
Now, figuring that since I'm specifying specific computers for user accounts, I added the server to her account as one of the computers she's authorized to log on to, figuring that authorization was needed in order for her to log in to the remote gateway. However, that made no difference. Still got the same error.
So what do I need to do in order to allow this account to log on remotely over the Internet, without permitting that account to log on to all computers? I'm stumped.