Vincent Sprague
Remote Desktop hangs at Configuring Remote Session
CAL Report not showing some users
Friskee
Windows 2012 R2 + NComputing Server
I am considering creating the following setup
- A Windows 2012 R2 x64 server
- The NComputing vSpace server + the MS Office Suite (standard) + some custom software
- Being accessed by up to 40 users working mostly on Windows 7 PCs (current - no fresh license required)
- The same 40 users also accessing their personal workspaces from their Android devices via the Android client.
The Windows 2012 R2 installation will come as part of the Cloud VPS package I will be getting from Vultr.
It is not clear to me what MS licenses I need to get for this setup. My understanding (imperfect) is that I will require 1 Client Access License for each user. Just how will this work?
Each Windows 7 client will need to have the license somehow installed there? If so, where does that leave Chromebook access?
This is configured entirely on the server?
I found a mention somewhere that Microsoft CAL comes in 10 or 20 user variants. Given that I need more than 20 how do I go about doing things?
I'd be most grateful for any advice.
need advice: Changing expired passwords and forced change passwords via RDP
Hello dear technet
We've deployed a Terminal Server structure for a client (Windows Server 2012 R2 Datacenter) with one farm (separate connection broker server with 2 RDSH servers). Client machines are t520 HP Flexible Thin Clients (HP Easy Shell configured in kiosk mode, so the user just types his username and password in a simple RDP window and connects to his desktop).
Everything is good. The system is working normally. But today we wanted to force users to change their password by clicking Must change password at next logon. Every user got an error
It doesn't matter whether NLA is turned on or off. A user gets this message upon login.
I read a lot of material about this. Some resources (including this forum) advise using the Windows Server 2003 RDP Security Layer.
Some advise enabling the RD Web Access expired password reset option in Windows Server 2012. I must say that this is not an option here because the thin client does not provide any other app but RDP.
And some resources advise enablecredsspsupport:i:0 in the RDP settings. First of all I'm confused, because all RDP settings of HP Easy Shell are stored in the registry, so I couldn't find a way to input this line into the RDP settings. But this was OK from a normal computer.
So my question is: is there any official resource pointing out that there is no way to change a password via RDP?
PS: I want to force the client to use the RDP Security Layer, but he is asking for an official link.
Vusal M. Dadashzadeh
Prevent Users from Restarting server through Terminal Services
We have a Terminal Server running 2012R2 with an Access-based program installed using Access Runtime2k3. We are noticing that when users execute the program for the first time, the program runs through an automated first time configuration, after which the user is prompted to restart the system to complete the setup. If the user clicks No, the program opens and runs fine, but if they click Yes, the entire server restarts.
We need to find a way to prevent the users from being able to restart the server as this would completely interrupt other users that are logged in. We have already modified several Group Policy settings to prevent users access to Shutdown and Restart options, as well as prevent them from opening the Run dialogue box. We have also modified Local Policies of the Server to specify that only administrators have the ability to shut down the server, however, when this program runs the first time configuration and prompts the user for a restart, it seems to get around all of that.
Is there some other GPO setting that would completely prevent a system from being restarted by a standard user, even if the restart is initiated from a program that the user has access to? Is there a way to possibly prevent the program from prompting for user input? The users have a desktop shortcut that points to a .adp file so I'm thinking some kind of quiet switch /q or something that could follow this and prevent user input we could possibly try?
"RDWeb RDS gateway server temporarily not available" ??
I'm running a Win 2012R2 RDS/TS in the local domain; everything is working just fine.
Then I tried to connect a few clients from another location (clients all run Win7 SP1).
I configured the RemoteApps,
logged in with name and password,
it's showing the apps etc.,
but when I try starting them I get the error
"rds gateway server temporarily not available"
Pings between the client and the TS work fine.
Added my server to the hosts file at the client.
Added the routes to the gateways at the client.
Installed necessary certificates to the client.
The IIS seems OK and in the DefaultAppPool the 32-bit setting is disabled.
Does anyone have a clue why it's not working? Did I miss anything?
RemoteApp disconnects
We encounter a reconnection problem to disconnected RDP sessions.
We have 9 users connecting to a RemoteApp; this works.
All 9 users close the app and leave a disconnected session; disconnected sessions are not logged off, and the limit is set to 'Never'.
When all 9 users reconnect to the RemoteApp, approx. 6 to 8 users reconnect to their disconnected session; we see on the broker that it redirects them to their disconnected session on the terminal server.
But approx. 1 to 3 users are redirected by the broker to their session on the terminal server and get disconnected almost instantly; the RemoteApp does not start/open.
When we click a second time on the RemoteApp in the RDWeb, it opens instantly.
In eventvwr on the TS we see "The Desktop Window Manager has exited with code 0xd00002fe"
Problem: broker redirects user to their session on the TS but user gets disconnected.
What we tried:
- Use TCP only for RDP
- NTLM v2
- installed all updates on all TS servers
- installed all applicable recommended hotfixes on all TS and broker and RDweb server
- disabled NLA
- disable Receive Side Scaling
- disable chimney
- http://support.citrix.com/article/CTX117374
Can't create self signed certificate for RD Gateway
I'm trying to set up an RD Connection Broker for RemoteApp, but I'm getting an error when I try to create a self signed cert for the RD Gateway:
"The self-signed certificate has been successfully created, but RD Gateway cannot store the certificate in the directory C:\Users\myuserid\Documents. Please specify a different directory, and try again."
I tried other directories, all of which I have full rights to, but still no dice. I can't find anything with this error. Any idea how I can get past it?
FWIW, I have no problem logging into this server through RDP.
Thanks.
General questions regarding Desktop Services
Hi,
We are looking at implementing some RDS servers, but we need to control access based on IP.
Let me try to explain :)
For example, user1 and user2 are from companyA, user3 and user4 from companyB. They all log into the same RDS server, but companyA should only be able to contact server 192.168.1.1 and companyB should only be able to contact server 192.168.1.2.
Our firewall guy says that he can control this if each company/group gets individual IP addresses; then he can control which IP they can contact. So my question is: could we assign individual IP addresses to each user or group?
/Regards Andreas
RDP screen goes black after successful remote login
I have a Windows 2008 Server that I have been connecting to once a month remotely to apply OS updates. Often, I reboot that server and it uses auto-logon to login and run an application.
Today, I rebooted the server and when I try to connect with RDP, I get the login prompt and enter my credentials, I see a few expected messages fly by on the host OS (the last one I see is the word Welcome), but then the screen goes black.
The apps on the server are running successfully because our applications can connect to them, we just can't logon to the desktop of the Windows Server 2008.
I made no configuration changes (I NEVER do) other than to apply the latest Windows Server updates.
I would prefer not to drive to the computers location, or try to coordinate a time to have the server hosting company assist me with troubleshooting; but is there anything else I can do? Any ideas about what might cause this?
RD Web Feed does not work anymore after uninstalling .net Framework 4.6.1 (KB3102467)
Hello,
it is already known that RD Gateway Manager crashes in clr.dll if .net Framework 4.6.1 (KB3102467) is installed on Windows Server 2012 R2.
However, when uninstalling KB3102467 RD Gateway Manager is working again as expected but the RD Web Access Feed service does not work anymore.
When trying to add the RD feed from /RDWeb/Feed/webfeed.aspx I get the following warning in the Application Log and an error connecting to work resources on the client system.
Event code: 3005
Event message: Es ist eine unbehandelte Ausnahme aufgetreten.
Event time: 02.03.2016 12:59:41
Event time (UTC): 02.03.2016 11:59:41
Event ID: 312941b716b442c1a68b6fffa8445d72
Event sequence: 2
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/1/ROOT/RDWeb/Feed-1-131013935663217676
Trust level: Full
Application Virtual Path: /RDWeb/Feed
Application Path: C:\Windows\Web\RDWeb\Feed\
Machine name: PIHRDG1
Process information:
Process ID: 3148
Process name: w3wp.exe
Account name: IIS APPPOOL\RDWebAccess
Exception information:
Exception type: MissingMethodException
Exception message: Methode nicht gefunden: "Void System.Security.Claims.ClaimsIdentity..ctor(System.Security.Claims.ClaimsIdentity)".
bei System.Web.Security.FormsIdentity..ctor(FormsIdentity identity)
bei System.Web.Security.FormsIdentity.Clone()
bei System.Security.Principal.GenericPrincipal.AddIdentityWithRoles(IIdentity identity, String[] roles)
bei System.Web.Security.FormsAuthenticationModule.OnAuthenticate(FormsAuthenticationEventArgs e)
bei System.Web.Security.FormsAuthenticationModule.OnEnter(Object source, EventArgs eventArgs)
bei System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
bei System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Request information:
Request URL: https://rd.pih.at:443/RDWeb/Feed/webfeed.aspx
Request path: /RDWeb/Feed/webfeed.aspx
User host address: 10.0.1.254
User:
Is authenticated: False
Authentication Type:
Thread account name: IIS APPPOOL\RDWebAccess
Thread information:
Thread ID: 8
Thread account name: IIS APPPOOL\RDWebAccess
Is impersonating: False
Stack trace: bei System.Web.Security.FormsIdentity..ctor(FormsIdentity identity)
bei System.Web.Security.FormsIdentity.Clone()
bei System.Security.Principal.GenericPrincipal.AddIdentityWithRoles(IIdentity identity, String[] roles)
bei System.Web.Security.FormsAuthenticationModule.OnAuthenticate(FormsAuthenticationEventArgs e)
bei System.Web.Security.FormsAuthenticationModule.OnEnter(Object source, EventArgs eventArgs)
bei System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
bei System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Custom event details:
Solution:
After uninstalling KB3102467, uninstall these .NET Framework updates as well (probably all .NET Framework updates for 4.6.1 need to be uninstalled!)
As of 18-Mar-2016 on German Windows Server 2012 R2 these are:
KB3102473
KB3122660
KB3127231
KB3098785
KB3135998
Best Regards,
Lothar
Lothar Lindinger
Unable to see any information under Processes tab on tsadmin.msc
Hi All
It seems that we are unable to see any info under the Processes tab when we run tsadmin.msc remotely. This works fine if logged on locally to the server, but we connect via a workstation (RD) running Windows 10. Everything else works OK.
Thank you
Deployment of License Server for 2012 via PowerShell
Through reading web pages and this forum, I have found that you can configure a license server by doing the following...
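Import-Module ServerManager
# Install the RD Session Host role service with all subfeatures, rebooting if required
Add-WindowsFeature -Name RDS-RD-Server -IncludeAllSubFeature -Restart
# Install the RD Licensing role service (its feature name is RDS-Licensing)
Add-WindowsFeature -Name RDS-Licensing
# The RDS: drive is provided by the RemoteDesktopServices module
Import-Module RemoteDesktopServices
# Registration details for the license server
cd RDS:\LicenseServer\Configuration\
set-item FirstName -Value John
set-item LastName -Value Doe
set-item Company -Value Acme
set-item CountryRegion -Value "United States"
# Activate the license server
cd RDS:\LicenseServer
set-item .\ActivationStatus -Value 1 -ConnectionMethod AUTO -Reason 5
# Install a license key pack
cd RDS:\LicenseServer\LicenseKeyPacks
new-item RDS:\LicenseServer\LicenseKeyPacks -InstallOption INSTALL -ConnectionMethod AUTO -LicenseType AGREEMENT -AGREEMENTTYPE 0 -AGREEMENTNUMBER abc -PRODUCTVERSION 2 -PRODUCTTYPE 1 -LICENSECOUNT 5
But I can't find descriptions for the settings of the last command. What are they?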
Deployed printers won't stay set as default
Using RDS 2012 R2 server, we are deploying 4 or so printers via group policy.
When a user sets one of them as the default printer and logs off, when they log back on the default has changed to another, non-mapped printer (local printer).
"Do not set default client printer to be default printer in a session" is enabled in GPO.
Tested the same outcome on a 2008 r2 non rds server as well.
Using RDS 2012 with 2008 R2 session brokers/Terminal Server Computers
We are trying to migrate our Terminal Services to a Windows server 2012, but keep our Server 2008 Session Brokers and Terminal Servers. Is this possible?
Our original configuration for Terminal Services was simply:
The 2008 R2 server had the RDS Licensing and Connection Broker roles installed.
On this server we simply added our servers to the respective Session Broker Computers and Terminal Server Computers groups in the Local Groups on this server, and activated licensing.
On the 2012 server it was an easy setup, but I do not see where to add the 2008 session broker and terminal servers. I finally got them to show in the objects wizard, but it said that the RDS had to be on a 2012 or greater OS.
How can I get this to work?
File changes when someone connects and checks out a CAL?
Gents -
I'm trying to set up a file-based trigger for health monitoring for a 2012 terminal license server. Should be easy, right? It would be if I could sort out what file or registry key changes when someone successfully connects.
I tried to see if when a user connects and checks out a device cal if any of the files change in the C:\Windows\System32\lserver\ folder, but they don't upon successful client connection.
Does anyone know what file or reg key on the server has a time stamp update or changes when a device successfully connects and checks out a cal?
Thank you.
Server 2012 R2 no longer serving Remote Connection web page after April 2016 update
We have a Server 2012 install with Remote Web Desktop services enabled. Prior to the April 2016 update, users were able to go to the server's address on the internet, and were provided with a landing page where they could login, then either look at file shares, or connect to a desktop PC.
After the update, users are now presented with a dialog box that says "The server is asking for your user name and password. The server reports that it is from Digest." The user name and password is accepted, but that's followed with "webpage cannot be found."
I've tried redeploying the remote desktop services, doublechecked the bindings in IIS, doublechecked the permissions in \Windows Server\bin\WebApps, and I can't quite figure out where to go from here.
Anybody else run into this? And how can I restore the old web desktop services?
Thanks
bkd
Allow only connections through RDWeb servers from outside
Hi All,
For a proof of concept I would like to build an RDS farm 2012 R2 that is accessible from the outside, but only when logging in on the RDWeb. So to get access from outside I installed an RD Gateway. But now it is possible to log in through servers behind the gateway without logging in to the RDWeb. Is it possible to disable this?
Thanks in advance
Event ID 311 - remote computer does not support secure device redirection
I'm seeing the following 311 Event ID in my Remote Desktop Services logs on a Windows 2012 R2 server when trying to connect to the RDGateway server using itself as a Remote Desktop Gateway server:
The user DOMAIN\User, on client computer "IPv4 IP Address", did not connect to the following network resource: "hostname" because the remote computer does not support secure device redirection. Try selecting another network resource or possibly lower RD Gateway security by modifying RD CAP to allow client connections to resources that do not enforce device redirection.
- DOMAIN\User is a Domain Administrator account
- IPv4 IP Address is the external IP address of the PC from which I'm attempting the connection
- hostname is the name of the server I'm trying to connect to (which is the RD Gateway Server itself)
I can RDP directly onto the server, so I don't believe it's a problem with the Remote Desktop client application on my PC. I can also use the RDGateway server to connect to other machines on the same network and domain as the RDGateway server - it only fails when I attempt to connect to the RD Gateway server using the RD Gateway server. All machines on the domain are Windows 2012 R2, but I can only surmise there's a difference somewhere between the working servers and the RDGateway server which is causing this error.
Looking through some articles, the only suggestion is to remove the "Only allow client connections to Remote Desktop Session Host servers that enforce RD Gateway device redirection" option from the CAP; however, that appears to make the connections less secure, and also shouldn't be necessary, seeing as it works for all the other PCs I'm connecting to. To confuse matters further, I have another completely separate environment built from the same scripts where this works as expected! Finally, to add insult to injury, this does appear to work following a reboot of the RDGateway server (not a practical solution for a production environment, obviously!).
Any ideas, assistance or thoughts would be greatly received.
RDS Login minimum time restriction?
I know about Remote Desktop Session time limits for disconnected and idle sessions etc.
Is there a way to set a minimum time for users to log back in?
We just had an issue where a user logged out, then logged right back in. Their User Profile Disk did not have enough time to un-mount and the user got logged into a different Session Host with a temporary profile.
This is on a Server 2012 Standard RDS Farm.
We would like to force users to wait at least 60 seconds before they can log back into the RDS Collection.