I am having some issues with a couple of programs on our terminal server. We are running Windows 2019. The problem programs are Adobe Reader and Internet Explorer. They appear to be taking up lots of resources and I'm hoping that there are registry settings
or group policies that I can implement to reduce the utilization.
↧
Terminal Server - Adobe Reader and IE hogging resources
↧
How to deploy extensions for Chromium Edge on terminal servers
Hello everybody,
A customer runs a fairly large terminal server farm and suffers hard from lots of websites loading tons of ads, JavaScript and other unneeded content. They use Chromium Edge, which works quite fine so far on the RD servers.
How can we deploy a Chromium Edge extension such as uBlock to all (2500!) users please?
Best Regards, Stefan Falk
↧
↧
RDP timeout from Windows Server 2008 R2 to another Win2K12 or 2008
We have a user who is trying to RDP into a different companies Windows Server through a site to site tunnel. The user is getting timeouts. I have now set the Keep alive interval, Idle session limit and Active session limit through group policy to be applied to this server. This is a server desktop (server 2008 R2) through Citrix that the user is trying to access and from within that session she is trying to initiate an RDP session to the other side of the tunnel and access the server. She is getting RDP session timeout shown below. Now, I am not sure whether the other end they have kept the keep alive and idle session.But, I have enabled it on our end as this being the client from which the user is initiating the RDP. Is it wrong or should it be initiated on the other end only?
AA2913
↧
Migrate connection broker 2016 to 2019
Hi,
As RDS 2019 upgrade documentation seems to be non existing, I thought I'd ask this question here. Is it still necessary to migrate a connection broker from version 2016 to 2019 by doing an in place upgrade of the machine as was the case with 2012 to 2016? As the connection broker role is basically the same in both versions, I thought it might be possible to place the 2016 broker in HA mode, add a 2019 broker and remove the 2016 machine after that.
Is that possible?
↧
saggy performance internally.
have a new deployment of server 2019 terminal services. We are sharing just the applications, not the full vdi, also i have the session host and the gateway/broker as two separate virtual machines using hyper-v. The session host is using a direct attached graphics card. The gateway/broker is configured w/ two nics, one internal, and the other in a DMZ. The session host just has the one internal nic.
The issues is that when i connect from my internal network, that is when the performance is awful. The best i can describe it is that it's lagging behind. For example the calculator app, after i move the mouse over it and click some numbers, over the course of the next 30 seconds i can see just where i moved my mouse all over the app and click the numbers. Also when i move the app's windows it moves about 30 seconds after i move it. However if i remote in from the outside world it works perfect. Hardware performance is not getting taxed at all, it feels very much like a connection thing. I had meraki verify that all the traffic was staying local on that switch, and the there was no lag coming from the switch, but he did note that he felt there was an excessive amount of udp traffic given the task at hand.
Any idea's on where else i could even look to trouble shoot this, or better yet a solution>?
many thanks!
IT guy
↧
↧
A Remote Desktop Services deployment does not exist in the server pool
Hi All,
I have a number of virtual server based on mostly Widows Server 2012 R2 and Windows Server 2016.
The scheme of the Remote Desktop Services deployment is following:
1 Dedicated Remote Desktop Gateway server
2 Remote Desktop Licensing servers
Around 100 Remote Desktop Services servers (each has RD Session Host, RD Web Access and RD Connection Broker roles installed)
All of a sudden on a huge proportion of them I can't manage Remote Desktop services and unable to manage a collection.
Tried to restart some servers - Doesn't help
Tried to restart Rd related services - Doesn't help
Checked RDCms SQL database - it s OK and not in any non-functional state
Tried to disable IPv6 protocol on NIC - Doesn't help
Checked roles installation status -
Checked Event Viewer logs and the only entry I could find was under Applications and Services Logs \ Microsoft \ Windows \ TerminalServices-SessionBroker \ Operational -
Please advise what might be the root cause of this issue and how to resolve it.
Thanks and Regards,
↧
UPD - recycle bin problem - Users cannot delete files randomly
Hello,
We have a problem with the bin of our UPD profils.
Our farm :
DCS01 and DCS02 : active directory
MGM01 : management of the RDS farm and SQL database for broker HA.
BRK01 and BRK02 : brokers
RDS01, 02,...07 : RDS hosts
FLS01 : data + upd location
Diagnostic :
User connects to the farm.
Randomly, users can delete, or not, files on their desktop, download, ... They are prompted for admin credentials.
We saw that when they cannot delete, the bin is empty, and their icon on c:\users is a yellow folder. When they can delete, their icon is the beautiful little hard drive, and the bin contains the previous deleted files :
Test :
Delete from other location outside UPD, like C:\test\test.txt : ok no problem,
Files are not in the public folder
regedit - profillist (in case of temp profil) : no temp profil
delete $recycle.bin in the upd
delete c:\$recycle.bin on each RDSH servers
disable the GPO with "Hide these specified drives in My Computer" and with the prevent access on my test user
restart all servers except DCs
Delete the $recycle.bin in the UVHD-template
shift + del : it's ok, no prompt for admin credentials, but we lose the bin..
Currently, we have these rights on the $recycle.bin of the UPD
I tried to add aclcls c:\users\%username%\$recycle.bin /grant %username%:F
But :
- when we have the problem (yellow folder icon), we can delete files without credentials prompt, 2 files are added in c:\users\%username%\$recycle.bin for each file deleted (see with dir command) but the bin on the desktop is still empty.
- when the session is ok (hard drive icon), we don't have the file deleted, previously with the problem, in the bin on desktop.
We tried too to mount the UPD on the FLS server, unassigned the letter, unmount the UPD.
We don't have more ideas. If you can help us please.
I hope I have been understandable
Thanks
<style></style><style></style><style></style><style></style>
↧
RDSH Licensing - license server does not have any installed licenses with the following attributes: Product version: Windows Server 2019 Licensing mode: Per User License type: RDS CALs
My RDSH servers have the following warning :
The Remote Desktop Session Host server is in Per User licensing mode and No Redirector Mode, but license server ovm-rdscal-srv1.esrf.fr does not have any installed licenses with the following attributes:
Product version: Windows Server 2019
Licensing mode: Per User
License type: RDS CALs
My RDSH Licesing server has the appropriate RDS CALs installed
So what ?
↧
RemoteApp External Access Issue
Hello,
I have deployed an RDS server on Windows 2016 Standard with all the roles: RD Web Access, RD Gateway, RD Licensing, RD Connection Broker and RD Session Host. I have installed a wildcard certificate on the IIS (with https binding) and assigned it to all RDS
services, including the RD Gateway, and the status is "Trusted" and "Ok".
All published apps are working fine from the internal network. As for the external (internet) access, i'm able to sign in to the portal and see all the resources, but whenever i click on any of them i have a popup message from "RD Gateway Server Credentials"
asking for user and password. I'm supplying the correct credentials yet i'm faced with "Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable..."
Note the following details:
The local domain is different than the external one, and the wildcard certificate was created for the public one.
-RD Gateway in the deployment properties was configured to use the external FQDN.
-Only Port 443 is published to the internet.
-All clients are using Windows 10 (Pro/Ent).
Any help would be much appreciate it! Been working days to solve this issue and read many articles but couldn't find the proper solution.
Thx.
Khalil S.
↧
↧
Web Site and RD Gateway Server ?
Hi,
We are using RD Gateway Server (Running on Windows 2008R2 Server). It is only used by End Users to connect to their own Desktop at office.
We would like to find out whether we can disable IIS ?
Thanks
↧
Applications start more than 1 minute from a remote desktop user
HI! I have windows 2008 r2 RDS server.
Under any rds user any applications start more than 1 minute, under Admin all fine.
Why is this possible?
↧
Configure Remote Desktop Gateway to work with SSH
Is there any way to configure RDG so that linux user could use RDG as jump host to connect on linux servers.
↧
RDSH in mulitple collections
HI,
We have a server 2012 R2 that has all the RDS roles lets call it our Primary portal . We use this server to published different applications from different server 2012 R2 RDSH servers, Each RDSH server has its own collection.
One of the servers called SRV1 has its own Collection with some applications that we accessing it from a different Rdweb/gateway sever, lets call it secondary portal, with a different url.
We did by accident add this SRV1 also to our primary RDS deployment and also published an application and application is accessable from our primary portal. But as you know an RDSH server can be member of a single collection and that is why we cannot access pulished applications from our secondary portal.
Can I just simply remove the RDSH server from the collection on the primary portal?
Shahin
↧
↧
WS 2019 terminal service frequently crashes
Hi,
we have a Windows Server 2019 Std running as an RDP server in the cloud. Since April we have the problem that the RDP sessions are often disconnected (session freezes, RDP ends automatically between 1-10x a day).
The connection to the data center is established via VPN. There are no problems with the VPN.RDP licenses are assigned to all users, and the server also has enough free resources.The TS has been restarted every night since the beginning of last week. According to user reports, the RDP abortions have become fewer.It does not always affect all users working on the terminal server at the same time.Users are connected from different locations or from the homeoffice and use Windows 10 or MacBook (yes, it also gets caught).On April 29th, 2020 I finally got an error message in the log:
(error message translated from german to english):
Faulting application name: svchost.exe_TermService, version: 10.0.17763.1, timestamp: 0xb900eeff
Name of the faulty module: rdpnano.dll, version: 1.0.1910.10003, time stamp: 0x5d9fb8b3
Exception code: 0xc0000005
Error offset: 0x000000000007a054
Faulting process id: 0x490
Faulting application start time: 0x01d61cfc9b512c4c
Faulting application path: C: \ Windows \ System32 \ svchost.exe
Faulting module path: C: \ Windows \ System32 \ rdpnano.dllReport ID: 6c0ddb81-d8e6-4f0e-932c-344fe1af1559
Full name of the faulty package:Application ID that is relative to the bad package:
I hope someone can help me
↧
RDP Web Client Not Displaying Correctly
I just installed RDWebclient on our Windows Server 2016. I have it fully patched and have restarted the server since installing again. I uninstalled and reinstalled RDWebclient on the server. However, the web page is not displaying correctly. For instance, instead of display "Username" above the username input field, it says "USER_NAME_LABEL" and for password it says "PASSWORD_LABEL". In the top left hand corner, it says "ALL_RESOURCES_TAB_LABEL". Any help would be greatly appreciated. Thanks! (Sorry, I can't post a picture of it because my account is not validated).
↧
2012 R2 RDS Temporary Profile issue
I have set up a standard 3 node 2012 R2 RDS for testing. All virtualized on VMware ESXi 5.0. I have a connection Broker, session host, and web access server. I have published several applications and I can access them without a problem. Here is my issue:
When I try to log on to my session host server either locally or thru RDP, I am always logged in with a Temporary profile. It does not mater what user account I use. Even logging on locally as the administrator I get a temporary profile.
All windows updates are installed and current.
I have removed the server from the domain, deleted the account, and rejoined it to the domain.
I have deleted all .bak registry entries from here:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
There is a hotfix here for a similar issue on 2012 but it does not apply to 2012 R2
The only event viewer errors are:
1515 (Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.)
1511 (Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.)
Any suggestions to resolve would be greatly appreciated.
Russ
↧
Authentication Method and NPS
Hello,
I was wondering if someone could help me confirm is this is correct. Setting up a new Server 2016 Remote Desktop Services gateway & farm of session host servers which is pointing to a central NPS store for authentication and accounting.
When a user connects to the session host server (a desktop collection), in the NPS log I can see the authentication method of that connection equals "Unauthenticated", why? Is this a mis-configuration on my part, if so, can someone point me to a guide showing me what I may have done wrong? I am fairly familiar with RDS on a small scale but maybe lacking when it comes to the next level.
- NPS Connection policy is setup okay
- Network policy settings must be "Authentication Method = Allow Unauthenticated Access"
Is this right? Why? Why aren't the connection attempts showing to be encrypted? - Maybe the NPS is just allowing the connection and the authentication/encryption is handled by the gateway/broker/session host against the domain controller?
For example:
- TestUser1 visits my website https://mySite.com/RdWeb
(it is encrypted with a public CA cert) - Logs in fine, sees the published desktop application "Company Desktop"
- Clicks the "Company Desktop" icon, and gets logged on
In the event viewer of the NPS server (this is NOT a DC) I see the Network Policy allowed the connection, such as:
Network Policy Server granted access to a user.User:
Security ID: MyCo\TestUser1
Account Name: MyCo\TestUser1
Account Domain:MyCo
Fully Qualified Account Name:MyCo.com/Users and Computers/TestUser1
Client Machine:
Security ID: MyCo\L-0608$
Account Name: L-0608.MyCo.com
Fully Qualified Account Name:MyCo\L-0608$
Called Station Identifier:UserAuthType:PW
Calling Station Identifier:-
NAS:
NAS IPv4 Address:-
NAS IPv6 Address:-
NAS Identifier:-
NAS Port-Type:Virtual
NAS Port: -
RADIUS Client:
Client Friendly Name:MyRdWaGw
Client IP Address:1.x.x.x
Authentication Details:
Connection Request Policy Name:My RDS Gateway
Network Policy Name:RDP to My RD Servers
Authentication Provider:Windows
Authentication Server:MyServer.gtcorp.com
Authentication Type:Unauthenticated
EAP Type: -
Account Session Identifier:-
Logging Results:Accounting information was written to the local log file.
↧
↧
Problem connecting via RDP
Hello
I have a computer (Mango) that is unable to connect to another computer (Kiwi) via RDP. Mango is able to remote into all other domain computers and all other domain computers are able to remote into Kiwi. Mango can ping Kiwi via FQDN and IP and gets a normal response, however RDP tries to connect for a few seconds then says it is unable to connect.
I have tried disabling virusscan and firewall on both computers. I have confirmed that both computers are using the correct RDP port. I repaired my windows installation with DISM and sfc. I still am unable to connect via RDP between these two computers. Any help is appreciated.
↧
RemoteApps connect to host, but the App won't launch
Windows Server 2016 standard - AD Environment - Clients are working from home
RemoteApps worked fine for a while; then we had to create a new certificate because it expired (used for RD connection Broker, RD Web Access, RD Gateway).
Certificate is installed on local machine, put into trusted root.
On some (very few) of my clients machines; the remoteapps will connect; but the app wont launch! (Then the client get disconnected / signe out after a few seconds.) They are machines that worked great before the new certificate.
(Machines are not part of the AD since they are external)
Here are some tests / investigation I did :
- Not related to Windows edition (happened on a Win 7 pro, Win10 enterprise and some Win10 home)
- Not related to AD profil the user uses to connect (Profiles work on a computer that doesnt have this problem; and every AD profiles will do the same on a computer affected by the problem)
- Does not seem to be network related (my own personnal PC has the same issue at my home; but my laptop works fine on my same network.)
- The remoteapps says it connected to the Gateway; but the app won't launch. (I see the user poping-up on the server; then they get disconnected 1-2 min after.)
- If I start their application on a computer not affected by the problem; they CAN connected (over me) and see the app. Moreover; all additionnal apps will launch and work once one is working. (from different rdp files)
- They were able to connect ONCE without problem; then the problem appeared and any profile I try for their computer, result in the same issue.
- I tried clearing the "cache" in HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default. But the problem persist.
- I tried installing an old / different mstsc; to no avail.
- In one case (my personnal PC who has the problem, apparently); creating a new local Windows profile solved this issue. It didn't on 2 other PC I tried.
This has me racking my brain...
Thanks
↧
was not authorized to connect to the RD Gateway server because a tunnel could not be created after installing MFA solution
We have built a new RDGateway\RDWeb server and initial testing was working successfully. We then installed our MFA Solution (SMS Passcode) and are now getting getting this error:
The user "userid", on client computer "ipaddress", was not authorized to connect to the RD Gateway server because a tunnel could not be created. The authentication method attempted: "Cookie" and connection protocol "HTTP". The following error occurred: "2147965432".
This is occuring on all browsers we have tested with (Edge-Chromium, Chrome, IE111) but if the user does an Empty cache and hard refresh in their browser, they are able to successfully authenticate and connect.
If we do an iisrest on the RDWeb server, users are able to successfully authenticate and connect for approx. 10 minutes before this starts occurring again.
We have totally rebuilt the server and installed all roles and have consultants double check the RDGateway\RDWeb setup to confirm those are installed correctly.
Has anyone seen this before or may now of a fix?
jkv
↧