I have set up a test Server 2012 RDS collection (Single Server for now) and implemented User Profile disks.

I have two problems.

First: My generic test user can connect and does successfully use the user profile disk as expected. However, atlogoff, the system event log contains these errors:

The error (NTFS 137) is: The default transaction resource manager on volume C:\Users\ts3.test encountered a non-retryable error and could not start.  The data contains the error code.

The warning (NTFS 50) that concerns me is:

It appears that the user profile disk is being "disabled" or "disconnected" before the profile data is completely written at logoff. What can I do to troubleshoot this?

Second:

Update: A post from Mike Connor on the following page: -LINK- solved the problem described below. 

My administrative user always logs on now with a temporary profile. At the beginning, the UPD was working and mounting. That stopped working. In attempting to troubleshoot, I logged the admin user off and deleted the UPD disk file from the share. I remember it working again after generating a new UPD disk file in the share. Soon, it quit working again. I deleted the UPD disk file again from the share and ever since, it has never regenerated a new UPD andalways logs on with a temporary profile.

I have a strange problem, our RDS run perfectly internally but when a user attempts from outside, he can not start an Remote App it says it can not find the server.

but if we try from a PC that is not in our domain, or a phone with remteapp on there is no problem. Do you have any idea what this could be due to

Hi

I wanted to know how to setup Remote Desktop Services on server 2012 to allow multiple users to RDP to a server

I have 30 RDS CALS, but unsure what roles and what configuration needs to be done on what server?

The setup is

Server A - Will be the license server

Server B  - The server i want multiple people to be able to logon to

Server C - The server i want multiple people to be able to logon to

Can you assist please

Hi there,

I'm currently running a RDS environment with 1 fileserver, and 1 terminal server.

On the terminal, which is the Session Host, i'm running "Publish RemoteApp Programs" but it's been running for 24 hours now.
Any idea if this takes as long as 24hours or more?

Or am i missing someting?

Hi,

 I have computer 1 and computer 2 are on the same domain.  When remoting into computer 2 from computer 1, I have to enter my domain credential, why? I shouldn't because I already entered it once when logged onto computer 1.

Thanks

Tuan

We have deployed 15 RDP windows server 2012 r2 machine for our Branch users.

I have monitored these 15 servers few days, in that two of the services consuming more RAM memory.

Due to this our users getting slowness.

And also please find below snapshots of services.

Please help me out from this.

Thanks & Regards

(Senthil.KV)

We are building a Remote Desktop Services environment using Windows 2012 R2 servers.

What is the significance of "Apply the certificate that is stored on the RD Connection Broker server" option in "Select Existing Certificate" dialog when configuring "Role Service" certificates?

It seems that Remote Desktop Services can be configured using the Server Manager from any domain member server so why the emphasis on RD Connection Broker server?

Thank you in advance.

Ben

Hi

Using 2012R2 with all RDS roles on one xox (test purpose).

I have configured the RD web access and gateway, so its possible from the internet to access the server through https.https://server.domain/RDWeb I have a thrusted 3.part wildcard certificate on the domain and it works fine.

What I want is to protect the https://server.domain/RDWeb to require a client SSL certificate (selfsigned). I tried to add this to the website and are asked for certificate, but get a runtime error in the browser and from the eventlog on the server:

Event code: 3005
Event message: An unhandled exception has occurred.

Process information:
    Process ID: 1272
    Process name: w3wp.exe
    Account name: IIS APPPOOL\RDWebAccess

Exception information:
    Exception type: NullReferenceException
    Exception message: Object reference not set to an instance of an object.
   at Microsoft.TerminalServices.Publishing.Portal.RWSCPubAndTsAccessor.GetApplications(String strSid, Boolean onlyShowAvailableByDefaultResources, AppInfo[]& apps, AppInfo[]& desktops)
   at Microsoft.TerminalServices.Publishing.Portal.RapWebService.GetRemoteApps(String strUserIdentity, Boolean onlyShowAvailableByDefaultResources)
   at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GetDataForFeed(String userIdentity, String folderName, Dictionary`2& resource_list, Dictionary`2& ts_list, List`1& folders, Boolean& supportsReconnect)
   at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GenerateFeed(String userIdentity, FeedXmlVersion xmlVersion, String folderPath, Boolean writeXmlDecl)
   at ASP.en_us_default_aspx.Page_PreInit(Object sender, EventArgs e)
   at System.Web.UI.Page.OnPreInit(EventArgs e)
   at System.Web.UI.Page.PerformPreInit()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)



Thread information:
    Thread ID: 25
    Thread account name: IIS APPPOOL\RDWebAccess
    Is impersonating: False
    Stack trace:    at Microsoft.TerminalServices.Publishing.Portal.RWSCPubAndTsAccessor.GetApplications(String strSid, Boolean onlyShowAvailableByDefaultResources, AppInfo[]& apps, AppInfo[]& desktops)
   at Microsoft.TerminalServices.Publishing.Portal.RapWebService.GetRemoteApps(String strUserIdentity, Boolean onlyShowAvailableByDefaultResources)
   at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GetDataForFeed(String userIdentity, String folderName, Dictionary`2& resource_list, Dictionary`2& ts_list, List`1& folders, Boolean& supportsReconnect)
   at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GenerateFeed(String userIdentity, FeedXmlVersion xmlVersion, String folderPath, Boolean writeXmlDecl)
   at ASP.en_us_default_aspx.Page_PreInit(Object sender, EventArgs e)
   at System.Web.UI.Page.OnPreInit(EventArgs e)
   at System.Web.UI.Page.PerformPreInit()
   at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

If I change the APPpool from Integrated to Classic pipeline I'm able to get to the web form where I can enter username/password but I just get "The user name or password that you entered is not valid. Try typing it again."

So how is it possible to get it all combined so we require a client certificate to be able see the RD webaccess and preferable get SSO as well? I'm able to get it work on seperate sites, but not combined.

Thanks

Kim

Dear all,

I'm trying to create a Virtual Desktop Collection as a prototype for a future project, but I'm unable to deploy the collection. My enviroment is Windows Server 2012 R2, with separate machines for the broker and the hyper-v server.

We tried deploying a Windows 10 image and now a Windows 7 image (both Professional version). The deployment starts and is able to create the template, but then fails without specifying the reason.

The log shows the following error:

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System><Provider Name="Microsoft-Windows-Rdms-UI" Guid="{XXXXXXXXXX}" /><EventID>8198</EventID><Version>0</Version><Level>2</Level><Task>6</Task><Opcode>0</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime="2016-01-26T14:41:36.652449900Z" /><EventRecordID>8</EventRecordID><Correlation ActivityID="{FD27D6DF-583C-0000-246E-28FD3C58D101}" /><Execution ProcessID="1084" ThreadID="4036" /><Channel>Microsoft-Rdms-UI/Admin</Channel><Computer>XXXXXXXXX</Computer><Security UserID="XXXXXXXXXXXXXX" /></System>
- <EventData><Data Name="arg1">DVBasico</Data><Data Name="arg2">DVBasico</Data><Data Name="arg3" /></EventData></Event>

In general view, the message is:

DVBasico: Pool DVBasico creation failed. Reason: 

Any ideas - I've enabled the RDMS UI Log according to this site but nothing usefull is recorded.

Kind regards,

Rodrigo

Config<o:p></o:p>

Win2012 WAP proxy in DMZ using AD FS and 2FA integration (working fine) <o:p></o:p>

RDS 2012
publishing applications only, separate servers for gateway, broker, web and app hosts. Applications launch successfully for users on internal network.<o:p></o:p>

Problem<o:p></o:p>

When connecting from external https:\\rds.mydomain.com I get a credential check asking for my AD credentials as expected, I then get directed to the RDS credential challenge and then I am presented with my applications. I then try to launch an application andI am asked to enter my credentials again, this time it is asking for 'Type your user name and password to connect to <internal FQDN of the broker server>. Once entered I am told that the gateway is temporarily unavailable.

Findings:

Checking the event logs it appears that the process  goes as far as launching the application (app server says that the applicationwas launched successfully). There is an error on the brokeras follows:

EventID: 1306
Remote Desktop Connection Broker Client Failed to redirect the user <domain>\<user>. Error NULL<o:p></o:p>

TechNet says this error means that the Broker is unavailable. This is not the case. I can rdp to it, the services are all running, it has no errors and locally things are working fine.

The process which appears to be failing is when connecting to the broker and applying the user specific settings, profile, policy etc

more details:

I took an .rdp file from a client which was failing and launched it on the internal network, it asked for my credentials then launched the application successfully.

There is a 'locally stored group' on the gateway containing the RAP for the RD users and the IP addresses of the application host servers.

The RAP contains the user group of the RDS users

the CAP also contains the user group of the RDS users, there are no computer group members, password is the authentication method

in RD Gateway Manager: Properties of local gateway

there is one RD Gateway server farm member, the RD CAP store is local so no local NPS is used.

The server farm tab shows one gateway with a status of OK

Local groups such as RDS Endpoint Servers are populated as described in their descriptions.

Anyone got any ideas?  it feels like I've tried everything!

Dan

Dear technet forum,

My Company has a Terminal Server Farm with Server 2008 R2 running for a Customer. We have about thirty XenApp Servers and one Licensing Server up.

The Licensing server has the Remote Desktop Licensing Role installed, as well as the Citrix Licensing Role.

The farm is running well and without any licensing errors on the clients side, which are a mix of private laptops/I-Pads and ThinClients on site.

The problem lies within the remote desktop licensing manager console: We have 1050 Device CALs installed, but only about 450 get used and only by the private laptops/I-Pads and some older Fat-Clients. The Thin-Clients one the one hand somehow do not draw a license but show no problems with connecting on the other hand.

I looked through a ton of technet articles and also some Citrix configuration articles to look for errors in the configuration, but i found nothing wrong.

I would appreciate every help/tips i can get on the topic.

Greetings and thanks in advance,

Michael H.

Hi there,

I've got a strange problem which i can'nt figure out.

A small introduction, my colleague and me manage multiple RDS environments as a Multi-tenant desktop from the cloud for our customer’s. The differences are:

RDS1 =
1. Hosted on ESX
2. Single Gateway and Broker
3. Al servers RDSH, RDCB, RDGW are Server 2012 R2.
4. Domain Functional level Windows Server 2008.

RDS2 =
1. Hosted on Hyper-V HA Cluster.
2. 2 Gateway servers (DNS Round robin) 2 HA Brokers.
3. Al servers are Windows Server 2012R2.
4. Domain Functional level Windows Server 2012 R2.

Our customer’s vary from 2 to 50 desktops, some have their own RDSH and collection, some have a shared (generic) collection with multiple RDSHs. Mostly we work with none joined clients which vary from desktops, laptops, thin clients. All with a minimum of Windows 7 and RDP 8.0. Customer’s connect from anywhere over the internet through our Web access/Gateway Servers to their desktop.

The problem:
Sometimes we migrate customers from a local domain and server park to our cloud solution. Mostly they will stop using their local domain in the end. The domain mostly exists for a couple of months before we bring it down.
When this is the case, we have problems connecting the clients with our RDS2 environment. We get the message “The connection was denied because the user account is not authorized for remote login”. I am not sure there is a relation but it looks like in most cases there is a local RDSH involved. Although at the office we have a domain without a RDSH.

Of course we checked if the users are member of the “Remote Desktop Users” group form the RDSH they should connect with. But still we get the message. In the end we found out that the local client is somehow trying to setup a remote desktop connection with the Gateway server. When we add the user to the “Remote Desktop Users” group from the GW server the user successfully logs on to the GW server!?

At the office we have multiple vlans, 1 which has a domain in it and 1 without (Just a guest vlan) but share the same connection (IP) to the internet. In the first vlan we have the problem in the second we don’t. At Home I have my own local domain and also a stand-alone RDS server, I am also experiencing the same problem.

We can’t figure out why this is happening. Does anybody here experienced the same problem?

Hi,

 I have 2 nodes Server1 and Server2 in a Cluster. In Node Property I set the Preferred Owner to Server1 and Allow Failback-Immediately setting in the Failover. All the Persistent VMs does what it suppose to do (When server 1 restarts, all VMs migrated to Server1 and migrate back to Server1 once it is up and running). However, the same setting is applied to non-persistent VMs, it did not work (Server1 restarts, non-persistent VMs are migrated to Servr1 but never migrated back to Server1 and the settings for Preferred Owner and disappeared and back to prevent failback).

Thanks

Tuan

We also have a couple of RDP 2012 servers which when a user gets allocated session ID 114, they get a black screen.Been having this for 6 months and still can't find a solution. Any ideas?

Hi all,

I've wrote a powershell script for my devs. With this script, they can logout all users using their application and after execute the patching of the applications.

The problem is that my devs don't have admin rights. They are simple user.

In my script, I use the Get-RDUserSession, Send-RDUserMessage, Invoke-RDUserLogoff, but without admin rights .... it's bullshit.

How can i delegate the right to use this cmdlet to use the script ?

I've found this topic with the same problem but no solution : https://social.technet.microsoft.com/Forums/office/en-US/ada13337-0917-4423-9373-08f85abddb23/nonadmin-users-are-unable-to-manage-rds-2012-r2-sessions?forum=winserverTS

My farm is in 2012r2, 10 RDSH, 2 HA Broker, all roles are splitted on differents virtual server.

Thank you !

I've setup a small lab which I'd like to access via RD Gateway. My server is 2008 R2 and it's connected to a Cisco RV082 behind a domestic ADSL router.

I can access the RDG and other devices on the same subnet, but I get Certificate errors from outside the subnet - either the subnet it feeds through or from the WAN.

I've forwarded ports 443 and 3389 to the 'upper subnet' and then on through to the WAN, I've transferred the certificate to the client, but I get this error either from the upper subnet or from the WAN.

• "Your computer can't connect to the remote computer because the Remote Desktop Gateway server address requested and the certificate subject name do not match."

The RDG subnet is 192.168.2.xxx and the upper subnet (the one it passes through to get to the WAN) is 192.168.3.xxx.

I think this is at the heart of my problem, but I'm not sure how to get around it.

Thanks.

Hi....

On one of our Windows 2012 Remote Desktop Host servers we have the following problem.

--Not working example:

-- Working example:

---

So black boxes all over the place. When I troubleshooted this as admin I found that switching the theme to "Windows" under Windows standard theme  made the black boxes go away. But switching to the "Windows Basic" them makes them appear again.

So:

-- How do I fix the basic theme? As this is the theme regular users uses and they have no option of changing theme. RemoteApp technology is used.

-- Or possibly, as I think it works fine with the "Windows" theme, how do I apply this to all users logging in to the server?

Also, I have tried to find a solution on this on the forum, the internet and be general troubleshooting. No errors in the event log in Windows......

Looking forward to hear from you. Thank you in advance.

Red Baron

Hi all,

I've just added and configured the RD Gateway role on our server so that users can access their individual PCs remotely. I've tested it on my machine and one other user's with great success. However, one user cannot connect.

I examined the event viewer logs, and found event ID 304, with this message: "The user....met connection authorization policy and resource authorization policy requirements, but could not connect to resource "...". The following error occurred:"23005"."

Based on my preliminary research, this means that the user's machine cannot be found by the gateway server. I then tried pinging the user's PC, and got no response.

I double checked, and remote desktop connections are enable on the user's PC, and the user's account is authorized for remote connections.

Can anyone suggest a fix?