Hello everybody,
on a Windows Server 2012 R2 terminal server, users try to connect via RDP. Their password is expired already. The server does not allow them to change their password now, but only displays a message saying that the password has expired and needs to be changed. As said, however, the user does not get any dialog box to actually change her password.
Why? And what can we do to fix that?
Best Regards, Stefan Falk
Hi,
We have created a RDS licensing server in 2012 and installed 50 licenses successfully. My requirement is register five 2012 servers to RDS licensing servers and pull the licenses whenever users logins to any of these five 2012 servers via RDP.
Please let me whether this solution will work.
Thanks
I have windows 7 32 bit. I have always been able to remote into this computer until recently. Now, I am unable to remote into my workstation. The screen which I am remoting to goes black, and I cannot recover it. The screen where I am remoting from simply has a spinning circle until it times out. This problem has coincided with the recent installation of AVG on the computer which I am remoting to.
I have disabled the firewall and updated the drivers on the video adapters. I am running multiple monitors on the machine which I am remoting to. any guidance would be appreciated.
Hi
When Windows updates are available for our work servers, I use my Windows 10 Pro home computer (from home) to establish a VPN connection and then use Remote Desktop to log on to the servers, install the updates and restart the servers. After they have restarted I log on again to make sure everything is OK. I use Remote Desktop Connection Manager V2.2 (RDCM) to do this - this allows me to establish a connection to all 4 servers at the same time. I have been doing this for several years using various methods with XP, Vista, Win7 and Win8.1
I tried this last Thursday and although I could establish a VPN connection to my employers network, I was unable to establish a remote desktop connection. For example, I tried to connect to a server and the RDCM tries to connect but after between 5 and 10 seconds a message is displayed:
Disconnected from server-name (Unable to establish a connection)
I tried using Windows' built-in Remote Desktop Connection (Desktop App), but it displays an error message saying
Remote Desktop can't connect to the remote computer for one of these reasons:...
I have tried connecting using the server name (which is how I normally connect) and via IP address.
Our work network has Remote Access installed on a member server. Staff can connect remotely only if they are members of a global security group named VPN and NPS has a policy defined that explicitly allows for this (the default NPS policies are disabled). The work network comprises 4 servers and 35 clients and uses a 192.168.0.xxx addressing range. It comprises a single Active Directory domain on a single 255.255.255.0 subnet. There are two domain controllers: 2012 R2 and 2008. Remote access connections to the network are routed via the gateway (a Draytek 2830) router using NAT.
I have an LMHOSTS file on my home PC that identifies the domain and which maps the name/address of our data server. When connected via VPN I am no longer able to connect to the data server using either its name or IP address via Windows Explorer (nothing happens when I try this, I don't even see an error message).
I use Emsisoft Internet Security and have disabled the firewall (and all the components as well), but my PC is still unable to establish a Remote Desktop connection.
I have tried resetting TCP using my admin account but saw the following:
Microsoft Windows [Version 10.0.10586]
(c) 2015 Microsoft Corporation. All rights reserved.
C:\Users\Blood>netsh int ip reset c:\resetlog.txt
Resetting Interface, OK!
Resetting , failed.
Access is denied.
Resetting , OK!
Restart the computer to complete this action.
But it did not help.
After restarting I enabled the Administrator account, logged on using the Administrator account and tried resetting TCP again but saw the same message and after restarting am still unable to establish a Remote Desktop connection. I have also tried restarting the gateway router.
VPN connections are handled fine and IMAP connections to our data server that hosts our mail server software (Mercury/32) also work fine.
The only thing that has changed on my work network is that I have moved a wireless router from one part of the building to another.
I cannot see any error messages in the event logs on my home computer nor on the remote access server at work or the other servers I was trying to connect to.
Does anyone have suggestions I might try to fix this, please?
Thanks.
Hi All,
I have the question about RDP licensing, I already activated 100 license (Per User)
1. What happens if usage exceed the number of CAL Licenses, for example in my case I have 100 license but now user is over the usage 101 user, what is will happen with next user if they try to use RDP such as recycle session or user will unable to do RDP?
2. Current situation now, I have 2 month lease, is there any way that I can reduces this number of lease time such as 1 week or 2 weeks.
3. Can we reset all leased licenses
Thank you.
From Microsoft about RDP 8.1 problem.
Hi,
First of all, please note this:
So the problem is this, first comes the first message and then the second.
It seems to have started after we deployed some Microsoft server updates, but its very inconsistent, some sites seems worse off then others, but its not all machines at any site. We haven't even done client updates yet.
Again, please don't give me a link to an old post or blog saying that I need to enable network level authentication, as shown by the top screenshot, it is already enabled/supported.
I already spent hours googling this. Please, I want responses from people who have actually had the exact same symptoms and issues or someone who has an idea that I haven't already clearly stated that I've checked above already.
Thank you.
System Architecture:
I have 5 Windows Server 2012 R2 Standard instances running a Remote Desktop Services Session Collection.
Server #1 is the Connection Broker, and hosts the share for central User Profile disks.
Servers #1 - #5 are load balanced under the Session Collection.
---
Problem:
1. New user (has not logged in before) RDPs to Server #1. Load balancing redirects to another Server (say Server #5).
2. Login is way too instant. An inspection reveals that the user profile has been logged in with a temporary profile.
3. User logs out fully (as opposed to disconnecting).
4. User logs in again, gets load balanced again to Server #5, this time the loading takes longer, it appears the .VHDX user profiledisks is being created. On inspection, user is using actual profile, no longer using a temporary profile.
---
This is readily reproducible by me. In one instance, it took logging off and then back on two times before the user profile disk was created.
---
An inspection of the logs gives the same error every time:
Remote Desktop Services could not apply a user desktop for a user account with a SID of S-1-5-21-3954512987-845256609-1816244978-2710. A temporary profile was enforced for the user. Verify that the user profile disk settings are correct. The error code is 0x21.135
All online searches of this error all lead to the same hacky "fix" given by Microsoft of deleting a registry key of the profile. None even attempt at the source of the problem. Example article:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/734fae1e-9a47-415c-b53e-e1cdbdd8c38d/windows-2008-r2-you-have-been-logged-on-with-temp-profile
---
These Windows Server 2012 R2 instances are all brand new and have not been subjected to odd changes over time - they are pretty much out of the box OS instances.
This is obviously pretty important to fix. Any ideas?
We also have a couple of RDP 2012 servers which when a user gets allocated session ID 114, they get a black screen.Been having this for 6 months and still can't find a solution. Any ideas?
I have a client that is currently failing there PCI scan due to TLS 1.0
I've modified the registry to remove TLS 1.0 and 1.1 and confirmed TLS 1.2 is there.
Client has Windows 7 computer(s)
I've enabled logging so i can see how clients are connecting.
There appears to be a mix of TLS 1.0 and SSL3, however if i connect it reports TLS 1.2
The RDS Collection is set to TLS 1.0 (there is some bug posted a while back that said it doesn't display the right version!)
In desparation i did try RDS SECURITY but the Win7 clients couldn't launch a RemoteApp and evet log on the server ID:5605 saying to change auth to Pkt_Privacy. and because it was the working day i had to revert back to TLS 1.0
The way i see it, even if i can get the Win7 clients to connect at TLS 1.2, the PCI Scan will still fail !!
This must be an issues many are facing with TLS 1.2 and PCI but can't find any answers, only questions.
If i've missed any vital info here then please ask and i'll try to answer ASAP
Thanks in advance :)
scenario 1: I can connect from a win8 client directly to a 2012 RDSH server and see that UDP is enabled in the connection status.
Scenario 2: When I connect from a win8 client and force the client to use the RD Gateway to connect to the same 2012 RDSH server the connection status shows that UDP is not enabled.
The network setup is all internal even when testing the RD Gateway.
The RD Gateway has the UDP transport box checked and is set to the default port 3391.
any suggestions would be greatly appreciated.
A user connects over remote desktop connection to a Windows Server 2008 R2 Datacenter.
She opens Outlook 2007, conducts a search of sent items for dss@example.com, and there is a gap in the search results.
The missing period is between May 2015 and January 2016.
I say a "gap", because if we browse the Sent items, we can see the emails not returned in the search.
The emails were sent to dss@example.com.
This problem only started occurring since the user returned to work on 11th January 2016.
Today, the version of Outlook installed on the server has been upgraded to 2013, and the problem remains.
Suggestions appreciated.
Hi,
I am building a Windows 2008 R2 Terminal Server for a client that requires speech recognition functionality.
I have installed the Desktop Experience Feature and the Terminal Server is picking up that I have a microphone installed.
However the option to enable Windows Speech Recognition is still greyed out in the Ease of Access Center.
Is there some additional configuration I need to make in order to enable this function, or is it not possible?
Thanks,
Tom
Hi there,
I configured TS to load an internet explorer shortcut. I configured this to load a specific home page. When I test it with my username the webpage loads with the specific home page, and when another user tries to load the shortcut I keep getting a bad homepage. Can anyone help please?
Tux
Hello,
My last small problem is that I cannot shadow a simple VDI session.
I always get the same message: The computer name is invald.
More than that when I start the shadow, the computer name looks weird!
Idea??
Hello,
I have found out a strange behavior in my RDP-Farm.
This is my environment:
RDP-Sessionhost 1: 192.168.0.1
RDP-Sessionhost 2: 192.168.0.2
RDP-Sessionbroker: 192.168.0.3
Farm-Name: WTS-Broker
DNS-Roundrobin configured for the farm name
All Servers are W2K8R2 with current Updates installed.
Now to my problem:
User A makes a RDP-Session to the farm name “wts-broker” with his personal user account. He is landing on Sessionhost 2. Now User A starts a new rdp connection from his session on sessionhost 2 with a different user account to the same RDP-Farm. This time DNS
Round Robin points the RDP Connection to Sessionhost 1 but the load balancing decides to redirect back to Sessionhost 2 where the initial request comes from. In this scenario the RDP connection fails: “Remote
desktop cannot verify that this server belongs to the same server farm.“
Unfortunately I only have the screenshot of this error message in German.
Did anyone encountered that Problem before and knows how to fix this?
Many thanks in advance for your answers.
Hi,
From the internet rdweb works fine, but the app prompts windows security sign on dialog. It will not accept the credentials and boxes return empty. At a certain moment I saw a prompt that the server is not fully identifieded, but that happened only once. SSOworks fine from the inside and apps open.
Server is a domain controller with FQDN and the certificate (Comodo) has the same name. All settings are as instructed in http://www.rdsgurus.com/ssl-certificates/windows-2012-r2-how-to-create-a-mostly-seamless-logon-experience-for-your-remote-desktop-services-environment/.
One note. When installing the certificate on the rd gateway, it failed the first time. both rd gateway and rd web access have trusted level and status OK. There is however a yellow warning saying that I should not use a different certificate. I don't know if this is normal, however there is only one certificate on the computer.
Thanks for the help.
Regards.
Yuval Nir
We are trying to set up a VDI to utilise a Virtual desktop Pool on a windows 2008 R2 server, as the Virtual pool will only consist of 20 Windows 7 PC, all the functioning roles have been installed on the one physical server, these are
RD Connection Broker
RD Web Access
RD session Host
RD Virtualisation Host
I have used this http://www.vkernel.ro/blog/deploying-personal-virtual-desktops-and-virtual-desktop-pools-with-server-2008-r2 as a guide but can not get it to work, the bit of configuration that fails is when specifying the RD Connection Broker server as the source when accessing the RD Web access function, the error message is "RD Web access was not able to access the RD Connection broker server specified" and then says to check the TS Web Access computer, which my server is a member of that local group, also the server is a member of the domain group "Windows authorisation access group"
This is the only error I can see, any ideas as what the problem is?
Thanks in advance
I have had RD Gateway working with self generated certificates every 6 months on our 2008 r2 server allowing windows 7 clients to connect from home to their windows 7 machines at work. Now I have had to add another website (forwarded to another machine - still just the default site in IIS on the rd gateway machine) and they want that one to use the defaults of 80 and 443. I changed the ssl bindings in IIS Manager to 82 and 444. This required me to update the home windows 7 clients rdp to v8 so they could specify a port. I thought I had all working fine but over Christmas break I could not remote in from home to check on things. I figured the server probably wasn't happy about something and a reboot would fix it but I wasn't that lucky. I have been trying all day to get it to work again.
I can connect to the home computers from work but trying to connect to work computers from home generates the error: "Your computer can't connect to the remote computer because an error occurred on the remote computer that you want to connect to." Looking in the IIS Manager settings in the Server Manager I see the only site (default) is not running. Clicking Start fails with: "The process cannot access the file because it is being used by another process". Checking SSL bindings I see https / 443 is back in the list. I remove it and now I can start the website okay. But I still get the same client error.
Checking the RD Gateway Manager I now see a red flag "A server certificate is not yet installed or selected". So I generate and import another 6 month certificate and install it on a client as well. That resolves that error and everything looks fine with the RD Gateway again. But the client still gets the same error.
Looking back in the IIS manager I see the default web site is again stopped and https port 443 is again listed at the end of the list of bindings. So, it's a neverending loop. As soon as I remove 443 from the bindings and start the site, the RD Gateway says there is no certificate installed. As soon as I re-import the certificate (or make a new one.. it doesn't matter) 443 is listed again in the IIS manager and the site won't run.
Hello,
having issues with users being disconnected from a win2008r2 terminal server. We are using per user cals and have plenty, however I've started to see users being disconnected for a few minutes at a time resulting in the error message in the title.
event 1028 The remote session could not be established from remote desktop client 1% because its license could not be renewed.
Whats interesting is the error message is stating in the EventData section below
"Example Computer name"Windows Server 2003 - Terminal Server Per Device CAL Token.
We are not using a per device CAL model!!
Licensing is set to "per user" on both the TS server and Licensing server. Diagnostics on the terminal server and the licensing server report no issues. I can see no communication problems or issues between the TS and licensing box.
The error message is being generated for users connecting to terminal services via thin client and PC so I'm thinking this is not a registry issue on the client PC as reported by some forums. Any ideas?