Hi all,

Quick question

I'm told that under rds 2008 r2, if one user has an issue when logging in, that causes all subsequent users to wait until the first user successfully logs in.  That simply doesn't sound right to me.

Hello,

I'm trying to find a way to disk isolate a published app.

Because it creates local files at the install path of the published executable file, the next user that runs it will be blocked from using it until the current user quits the app. This way only 1 user at a time can run the application.

I thought about putting the app inside the profile of the user using User Profile Disks, but for that I would need a string

like c:\users\%username%\path2app\ at the path to the publish application, could not find a way to do that.

Create a User Profile Disk seems fine because it will be created from the template where i can put the app.

What can I use to disk isolate a running app?

Regards.

I'm having a strange issue with some RDS GPO's. Since automating the RDS server build process through SCCM I've moved the RDS farm / connection broker settings to a GPO. This works fine, once the servers are built the GPO applies and the machines join the farm.

However, when any GPO associated with the farm is changed, all the sessions connected to the farm are dropped. User can reconnect but this is very inconvenient for us to try and push shortcuts and what not during production.

After searching fro a while, to me, it seems like the GPO that assigns the farm settings is being reprocessed, causing the settings to drop and connections to be dropped.

I wouldn't think that this would be normal behavior? Can anyone confirm for me that this should work as I expect it to?

Thanks!

Our customer has windows server 2012 terminal server with 7 accounts to log in. 7 people are randomly connecting to this server by any of those logins. without any reason one computer, when connecting to this specific server ( when connecting to any other server with the same system, there is no problem - tested), hangs on ‘Configuring remote session’. It worked but from now on for some reason it doesn't. This computer is windows 7 with all updates. There is no other security restriction (for connecting to that server) than connecting from one specific IP (which is the same for all the computers).

connecting to that server  is not over IP but over address (mail.<customer>.com) and then I am supposed to log in.

After filling really right login and password it gets stock on configuring remote session for a while and then it ends due to timeout.

I Tried:

• disable sound in RDP connection
• disable local drives
• disable constant bitmap caching
• deleted RDP history -using ccleaner
• cleared registry - HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default and I was searching for any other sign of this client in registry.
• connections to other servers with the same security restricitions and server versions
• updated computer
• restarted computer many times
• tried with other domain and admin accounts from the same computer

I am desperate. Any other ideas ?
Thank you so much.

I have been watching my test connections into my remote desktop eval setup and every connection that comes in via the web access site or the webfeed URL seems to go through the gateway even if I am on the local LAN or coming in over the internet?

is there a console somewhere that we configure what our local lan IP ranges are such that connections from those IP's bypass the gateway?  I have selected in the system to bypass the gateway for local connections. What does the gateway consider local?

We have been fully embracing RDS and remote apps(working great internally). On the four major platforms OSX iOS Android and Windows we are using the official Microsoft application to connect to "Remote Resources" through VPN. Every platform besides windows just popped up a certificate error you could accept that you could accept. The windows client from the windows store was a miserable experience by going to the webpage and installing the certificate into the Trusted Root Certification Authorities. Something no end user will be able to achieve.

Why is the windows experience worse then the other 3 platforms. I am by no means certificate expert. Is this where we purchase an offical certificate and not have this issue? Still doesn't explain the lack of user friendliness on windows compared to the other OS'es 

We have a Windows 2012R2 Domain Controller. In the domain as a member server, we have a 2008R2 Terminal Server (TS). We want to lockdown this TS using a group policy for specific users. Right now we have those users in Active Directory as Domain Admins (plan to just be Domain Users). They are also listed on the TS as members of the local Remote Desktop Users Group. These users only login to the TS, they do not have local desktops as they are using old XP computers for this purpose. All is working fine, except now we want to do the lockdown.

 Here are the steps we plan to take, in this order, and we would like any advice/feedback, corrections you can assist with:

1. Make these specific users 'Domain Users' in ADCU on 2012 Server.
2. In ADCU, create a Security Group called 'Inventory Control Users' (based on their function on TS) and add the users to this group.
3. Remove the users from the local TS Remote Desktop Users group.
4. On the TS, go to the local Remote Desktop Users group, and make the new Security group in Step 2 a member.
5. Test login to TS with one of the users.
6. Within ADCU on the 2012 Server, create a new OU called 'Terminal Servers' and move the TS into it.
7. Create a new Group Policy (called ' Inventory GP') and link it to the OU.
8. On this GP, check 'Blocked Inheitance'.
9. On the Secuity properties on the GP:  1. Remove Authenticated Users group, add the "Inventory Control Users' (Allow Read & Apply GP) 2. Add the TS (allow Read & apply GP) 3. For Domain Admins (Deny Apply GP).
10. On GRO, enable Loopback Processing - Replace
11. Follow Windows 2003 TS lockdown whitepaper

Does anyone have any comments, suggestions, etc?

I have a Remote Desktop Licensing Server setup on my domain controller running Windows Server 2012 R2. I have installed a’Windows Server 2012 Remote Desktop Services per-User CAL’ there and activated the licensing server already.

Currently I use ONLY Windows Server 2008 R2 machines as RDS Session Hosts (in the future I plan to transition them to 2012 R2, hence the CAL I bought is already in the newest version).

I have already configured my WS 2008 RDS Session Hosts: setPer-User licensing mode and specified license server address. The connectivity between my Session Host(s) and my License Server seems to be ok as theRemote Desktop Session Host Configuration window on the Session Host correctly lists the 2012 per-userlicense (CAL installed on server) from the license server.

On the License Server I can also see event logs entries (inMicrosoft-Windows-TerminalServices-Licensing/Admin), indicating that the user has been issued a license.

The issue I am having is that the license being issued is2008 Per User CAL license (Build-in OverUsed - temporary) and not the 2012 Per User CAL license which is the only license installed on the server. According to the RDS CAL interoperability matrix atsocial.technet.microsoft.com/wiki/contents/articles/14988.rds-and-ts-cal-interoperability-matrix.aspx, I was expecting the 2012 license to be backward-compatible with 2008 client (and that in the absence of legacy licenses, the (only) 2012 license would be used for all clients connecting to the licensing server)

Before I bought my license, I found this document: 

download.microsoft.com/download/3/D/4/3D42BDC2-6725-4B29-B75A-A5B04179958B/WindowsServerRDS_VLBrief.pdf 

which says that - "newer version RDS CALs can be used with an older version of the server software" (In section FAQ, Q4), which means to me that the 2012 license would work as-is for the 2008 Server and gives me flexibility when upgrading to the new server version.

How can I make this CAL work in my environment? 

Note:

I have already explicitly disabledPrevent license upgrade Group Policy setting which I assumed would fix the issue but nothing has changed.
Then I have enabled License server security group Group Polity setting and added computers from my domain to RDS Endpoint Servers AD group. I have also created new AD group calledTerminal Server Computers and added the computer accounts there, but it changes nothing. Reference - technet.microsoft.com/en-us/library/ee791761.aspx , technet.microsoft.com/en-us/library/cc725704.aspx and blogs.msdn.com/b/rds/archive/2009/09/17/control-the-issuance-of-rds-cals.aspx.

I found one potential ‘workaround’ which involved manually downgrading my CAL license by calling Microsoft Clearinghouse. I am very reluctant do to so because, as I upgrade parts of my infrastructure to Server 2012, I’d need to then ask Microsoft to manually upgrade a part of my license back as well.

I have XenApp 7.6 installed on Server 2012 and want to launch an executable from this key upon session connection:

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\icawd\StartupPrograms

Problem is on Server 2012 it looks like this key doesn't get called anymore.  I ran procmon and don't see it.  This key works in Server 2008 R2.

Has something changed in Server 2012?

I have a pool of 24 Windows 8.1 desktops that are used in a computer lab with Wyse thin clients. All the VDIs are stored on a single SSD array. We're using 2012 R2 datacenter as the host server and a 2012 server as the broker. After I built the 24 virtuals I had about one-third of the array left with free space. Over the course of several days the free space shrunk to less than ten percent. Eventually I ran out of disk space and had to delete a few virtuals to get things working again.

Trying to troubleshoot this I've been logging in and then out on each individual machine. This seems to release a little of the disk space. I've done this on about half and have freed up a good chunk of space. I have no idea on why the disk space is shrinking. Since each time I log into a virtual in the pool and log out the disk space increases, I'm assuming the pool is where the trouble is. Where would I start to look to determine what might be causing this?

Thanks,

Kevin

Hi All,

Edit: I forgot to mention that this is in Azure.

I seem to be running into an issue of which; I have two Remote Desktop Gateways in Azure which are both in the same cloud service to create the availability group, I am trying to load balance them using a load balanced set and have configured the endpoints according to Microsoft's documentation. However whenever I attempt to connect to the session collections, I get prompted for credentials at the gateway but after that it hangs at "initializing remote connection....." 

If I shut down one of the gateways I am able to connect to the session with no problems at all. I also seem to be getting the following error; "Http transport: IN channel could not find a corresponding OUT channel, Source: TerminalServices-Gateway. Event ID:201.   And after some reading it seems to be an issue with the load balancing, has anyone had experience with this or knows of an alternative way I could troubleshoot it?

Hi guys,

I have to install and configure Terminal Server for SAP Business One 1 on Windows Server 2012R2.

I have some concerns for this implementation:

1. What is the best approach for this scenario (How many servers, what roles to be installed)?

2. Does it matter if users accessing the SAP client will be in trusted domain but not in the domain where the servers are located?

3. How users will access the application? Web?

Questions might be stupid but I do not have much experience with RDS.

Thanks in advance!

There is Windows Server 2008 R2 Remote desktop services deployed with "Remote desktop session host" and "Remote desktop licensing" both running on single server. There are 30 per user licenses installed. New server is currently introduced into network which will be remote desktop sesion host aswell. Both servers should be able to use those licenses. Also, if any of servers fails remaining server should still be able to pull licenses. How to configure licensing to allow that?

We have an install of Server 2008R2 Essentials which is showing the error below when trying to access Remote Web Access.

When accessing Remote Web Access by going to https://remote.abc.com/remote and logging it, the following error is displayed:

Everything was working fine before this error and i didn't make any changes

Hello,

We have a 2012 r2 server running RDS publishing a number of RemoteApps.

When we go to the Server Manager and drill down to the Remote Desktop Services area we are seeing a number of the sections that will not display their information and we can no longer manage RDS via Server Manager.

Starting at Server Manager\Remote Desktop Services\Overview the "Deployment Servers" window shows a red banner with "Could not refresh the list of servers"

Going to the Server Manager\Remote Desktop Services\Collections, all three of the windows, Collections, Host Servers, and Connections will eventually display the similar type of error message, stating to check the status of the services for Remove Desktop Connection, Windows Remote Management and Windows Internal Database.

The server is fully patched, event logs don't show anything of note.

We've rebooted the server and confirmed all those services and all "Remote Desktop *" services are running.

We're still able to access the RDWeb instance to use the published applications. 

This had been working previously, not sure when it last was though as we don't always go into Server manager. We can manage the remoteapps via powershell, but are curious why Server Manager no longer functions.

Any assistance would be greatly appreciated.

thanks...

I'm trying to migrate RDS CALs from a 2008 R2 licensing server to a 2012 R2 licensing server. I have added both servers to RD Licensing Manager on the new server. When I right-click the old server and choose Manage Licenses, I am presented with the following message:

If I click Yes, it takes me to the Reactivate Licensing Server wizard. My concern is that this wizard is pre-populated with the details of an employee who has not been here for several years

Can I update these to my own details? What happens if I do, will it break the licensing? If I don't update it, will a confirmation email of some kind be sent to this mailbox? If so it will be lost as the mailbox no longer exists. Unfortunately I'm not in a position to just give it a go (either way) to see what happens, as we have some critical 24x7 users consuming these CALs.
 

Hi guys

My current scenario is that I have and existing SBS 2008 server running IIS which has the Gateway server role installed and directs HTTPS traffic to TS server.  I have install Server 2012 in the environment and have setup the Gateway, Broker, IIS roles as part of the RDS deployment guide.  To test the connections I forward all HTTPS traffic to the new gateway server and I am not able to connect from external.  FQDN is gateway.domain.com, I have added external DNS entry point to WAN of the firewall, then port forward 443 to Gateway Server.  External DNS as 2 entries point to different WAN ip address, 1. remote.domain.com and gateway.domain.com.  When I try to connect to my new gateway server is does not find the server.  When I connect to remote.domain.com it then finds my 2012 GW server.  Does not make any sense has all 443 traffic is point to gateway.domain.com server.  What am I missing here ???

Hi Everyone,

Wonder if someone have the same issue and has fixed it. I have one stand-alone host PC that can be accessed using RDP from 2 different stand-alone client PC's at a different time during the 24 hours and each client PC located in different town.

The problem is, if client PC 1 user for example have logged-in to the host PC above to do his own work and then other client PC 2 user decide later on to log-in to the same host PC above while PC 1 user already logged-in. Simply the RDP will through PC 1 user out the game with losing all his data work and let PC 2 user log-in without even further warring to inform client PC 2 user that the host PC is in USE.

So, hope that someone have came-cross this stand-alone RDP issue and have fix it without changing host PC to something expensive like server 2003 or later as I know server 2003 have the facility to warn the client PC before log-in that host PC is use.

Hello i have a question about moving my C:\users profiles.

My current settings on the servers are:

AD-Server 2012

SQL-Server 2012

TS- server with RDS roles (RDwebacces, RDs broker, RD session host) 2012

everything about user profiles is now in C:\Users

My new settings for the server will be:

AD-ActiveDirectory - server

SQL-Server

TS1- RDS (RDwebacces, broker, RDS server group management) 2012R2 (I have enabeld userProfileDisks to Filesistem server)

TS2- RDS(Session host) load balance 2012R2

TS3- RDS (Session host) load balance 2012

FileSistem - server ( here i will have on E: partition the new functionality UserProfileDisks) 2012R2

So is there a way to move profiles from TS - C:\Users to FileSistem - E:\UserProfileDisks

I am new to this so any idea wil be helpful.