Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 21489 articles
Browse latest View live

Lots of empty DOWN sessions

September 26, 2016, 2:14 am
$
0
0

Hi,

on our RDS 2012 R2 farm, which exists of 4 session hosts at the moment, we regularly see empty sessions with State DOWN.

When I try to logoff such an empty session, I get the following error:

Could not logoff session ID 498, Error code 1753
Error [1753]:There are no more endpoints available from the endpoint mapper.

What I now do is I disallow logon to the specific session host and when there are no more active sessions, I reboot the session host and then the empty sessions disappear (of course).

Anyone any idea whys these empty sessions? Users do not always logoff there session, but we have a policy in place that logoffs disconnected sessions after a period of time.

Thanks in advance.

Mario

Search

2012R2 RDS Gateway in front of a 2008R2 Session host farm

September 13, 2016, 6:48 am
$
0
0

Hi.

Is it possible/supported to put a 2012R2 RDS Gateway in front of a 2008R2 session host farm with rds 2008R2 broker?

Ty

Separating RDS Roles

September 23, 2016, 11:26 am
$
0
0

hi there,

Several years ago, the previous IT setup a single server RDS solution (Connection Broker, Session Host, Gateway, Licensing etc on one box). We have experienced performance issue using this setup. When users connect to the RDP during peak time, we are getting disconnections. 

What is the best way to move the core services to a new server, leaving the old server as a second RD Session Host so I don't have to recreate the user profiles there?

Automatic Session Logoff

September 27, 2016, 5:22 am
$
0
0

I am looking for a solution for logging that have open RDP sessions. My user account is constantly getting locked out and I think it is because I may have an open RDP session somewhere. Does anyone know a way I can force a logout of my account if it is open somewhere? I have tried the steps below but it that does not seem to be working. I have also tried the RDP Session group policy settings

"Computer Configuration > Policies > Admin Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Session Timeout" but those dont seem to work either. Am I missing something or is there another way to get this accomplished?

Set Log-On Hours Restrictions for Users

i. Open AD Users & Computers 
ii. Select the user account(s) 
iii. Go to the account's property -> logon hours -> set the desired denial period

(This needs to be completed on a individual user basis)

2

Enforce User Log-On Restrictions GPO

i. Open the Group Policy Management Console 
ii. Edit an existing policy or create a new one 
iii. Ensure the following policy is enabled: Computer / Policies / Windows Settings / Security Settings / Account Policies/ Kerberos Policies/ Enforce user logon restriction

3

Enforce User Log OFF GPO

i. Remain in the policy 
ii. Enable the following policy: Computer / Policies / Windows Settings / Security Settings / Local Policies/ Security Options/ Network security: Force logoff when logon hours expire

Chad Guiney

2012 RDS User Profile Disks

September 27, 2016, 7:12 am
$
0
0

I have a setup, where for no reason, sometimes the users login to the server and instead of there being a virtual drive icon on their users folder there is just a folder icon. The users can also then not delete any documents on their desktop. There aren't any errors in the event log in regards to a temporary profile, and their profile disk is locked when I go to look at them as well.

I cannot pinpoint why this happens, but usually more than half the users (10) get this error.

I have all 2012 R2 servers, with a domain controller running AD and the connection broker service, and a data server with the ts licensing role and the UPD san share mapped to it. There is then only one RDS as I had a vm group but Chrome was filling up the CPU to 50% when one user was browsing so I had to use the whole physical server 16 cores and 160GB memory to utilise the GPU and change the configuration so that Chrome wouldn't kill the CPU and cause delays.

Any thoughts would be appreciated.

Unable to connect to the workstation on the network using the gateway server after upgrading RDP to 8.0

September 27, 2016, 11:56 am
$
0
0

Initiating workstation = Windows 7 SP1 - RDP 8.1 (update it with 8.0 first)

Gateway server = Server 2012 R2

Target workstation = Windows 10

I am able to connect to the gateway server directly and then establish a RDP connection to the target workstation from there.

Issue started after TLS 1.0 was disabled on the gateway server.

I turned off UDP on the client and the target workstation but the issue persists.

The error I get: "This computer can't connect to the remote computer because Terminal Services Gateway server's certificate is expired or revoked."

Please advise. Thank you!

How to get RDS Licensing Manager Servers in the domain?

September 27, 2016, 3:03 pm
$
0
0

Hi,

I am wondering if anyone here has methods on how to make a quick report or inventory of existing RDS Licensing Managers in a domain. The disclaimer here is that the previous person who was handling the RDS infrastructure deleted his documentations and went AWOL.

If you could provide methods on how to extract the said servers that would be very helpful. I prefer a p0wer shell script but any other methods are welcome.

Reminder: This is to extract RDS Licensing Servers NOT Terminal Servers.

Thank you in advance!



How to install SSL certificate on session host server for secure RDP access.

September 27, 2016, 2:26 pm
$
0
0

I am trying to install SSL certificate for session host so my users can connect securely to me server to access data.

I have tried to use few powershell but it's not working

 wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT"

Akshay Pate

Search

Single Session

September 23, 2016, 8:21 am
$
0
0

I have RDS working on Server 2012 R2 Workgroup mode. Is there a manual way to configure single session logon restriction? I cant do it through the GUI management tools when in Workgroup mode.


Unable to do RDP on Windows Server 2008

September 20, 2016, 12:40 am
$
0
0

I am unable to do RDP on a Windows Server 2008 which was working fine till now. I checked all the RDP settings which have not changed. Any help would be appreciated.

Error in data encryption

September 28, 2016, 4:26 am
$
0
0

Dear All,

I've windows 10 anniversery edition. I'm trying to connect remote windows server 2008 64 bit edition. After some time Remote desktop gives me error "Because Of Error in Data encryption this session will end.". I don't understand what does it mean. Before connection was working fine. I've changed the setting in Kaspersky AV "Do not scan encrypted connections". But it doesn't help. I've not tested any other solution. 

Please help me to solve this problem.


Using multiple RADC connections on a client PC

September 22, 2016, 10:29 am
$
0
0

Hi All,

I have a circumstance where we need to have a user log into two different RD Gateways using RADC. These RADCs are provided by two completely separate vendors. Is it possible to configure more that one RADC connection for a user's desktop?

If so, what are the dependencies? 2012, 2012 R2, Win 8, Win 10? I see this as more of a client issue than a server issue.

Any help is greatly appreciated.

Alan

Connection Issues, maybe doule NAT?

September 22, 2016, 10:21 am
$
0
0

Hey All,

Trying to get my home lab setup and was messing around with RemoteApps in Server 2012r2 Datacenter. I can access and run everything just fine on the LAN, but when I connect over the internet I can only establish the connection once. If I end the session and try to reconnect it will timeout. I have to restart the server, not just IIS before I can reconnect. 

Also, all my hyper-v machines are running just fine and I can access their services over the internet with no issue. I'm pretty sure the port forwarding is working on the router because of this. It seems like anything that gets forwarded to the bare metal server address is getting double NAT'd, maybe by the OS? Not sure how to remedy this...

Ben Rau

Waiting For Group Policy Client-Terminal Services session environment crashes on TSVIPSrv.dll, no Citrix updates involved

September 21, 2016, 11:20 am
$
0
0

On a Windows 2008 R2 workgroup server, no domain involved, get this error every few days, no one can log in to Remote Desktop, get the Waiting For Group Policy Client error, there are NO custom Group Policies either:

Faulting application name: svchost.exe_SessionEnv, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: TSVIPSrv.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ca09

Anyone know of a fix?

Thanks in advance!

Remote Desktop Server

September 21, 2016, 6:49 am
$
0
0

Hello Guys, I have a big problem.

Today, it expired on 120 days of desktop licenses.
I had already installed the utilities package and therefor configured and active; However, the remote desktop now stopped working because it was non-configured Remote Desktop Management.
Searching the Internet I saw that to configure the DR for user would have to access the host by Server Manager -> Remote Desktop Services Manager, but was shown me a message that it found it impossible as it was not a domain user.

yet I found trying to have to install the role of Active Directory dominoes, and so I did, creating a new forest, and restarting the server.
Server Name: BS-ITACOM2012
Forest name: BS-ITACOM2012.Foresta
NetBIOS: BS-ITACOM20120
But now you can still access the management as it does not remain RDMS started the service in any way, essential because it is able to use the Remote Desktop Services.

Can someone help me?
Search

WIN 10 cannot connect via Remote Desktop connection after update

September 19, 2016, 6:15 am
$
0
0

Hi

I was able to connect to my RDS 2012R2 using the built-in win 10 remote desktop connection via the web interface without problems until the desktop was upgrade to built 14393.187. Now I receive the error message "Your Computer can't connect to the gateway server"

I can connection on a win7 desktop and can connect on a WIN10 desktop using theRemote Desktop preview app found on the windows store.

After the upgrade I browser to my RDS and click on the remote desktop connection icon as normal and then I receive a new window that asks for my password, I have double logon so this is not unexpected, the look of the window is new however.

Firstly, I was wondering is other people are experiencing the same problem and secondly if there is a work around.

The remote desk connection program on the client is version 10.0.14393 

Cheers

laurie

USB printers on RDS

September 15, 2016, 9:56 am
$
0
0

Hello,

I need some helps for usb printers on RDS 2012 R2

We have some printers in session RDS. printers arereassembled correctly in the session, but when an impression lauched, there are one error.

The parameters print and point restriction is disabled for computer and users.

Thank you

Remote Desktop device redirection stops working

September 28, 2016, 9:29 am
$
0
0
Hi folks,

Looking for some advice on where to start with a problem that has cropped up and I cannot explain. I have a small 2012R2 RDS environment with a connection broker and 2 session hosts. It has been in production for about a year.

Randomly (once a week or every few days), the device redirection stops working (Only within the last month or so). I am only redirecting the local drives and the clipboard (no printers). If you log in, the redirected drives are not mapped for any users logging into that terminal server. I take a look at everything, Windows logs don't have anything of note. In the last few cases where this happened, it has not been limited to only one of the RDS servers, and if I log into the other one, the drive redirection is fine. If I reboot the affected TS, the redirection seems to work fine again for X amount of time.

The weird thing about this is that I have a friend with a similar 2012 environment that is having basically the same problem (cropped up in the last few weeks like mine). I thought maybe Microsoft patches, however mine are fully patched, but his are a few months behind, so I think that at least semi-rules that out.

Before I rebooted the affected server the last time, I tried to simply restart the Remote Desktop Port Redirection Service and it actually hung on when trying to stop it, so clearly something is causing that service or other related services to crash.

Jay Schwegler

Add custom RADIUS Server to RD Gateway for two factor authentication

September 28, 2016, 10:10 am
$
0
0

Hi Technet

From a long term project we have developped a more or less RFC 2865 compliant RADIUS Server. It supports challenge/response in order to check an OTP sent by text message. For any RADIUS capable client (e.g. firewalls, SSL VPN, Direct Access) we may use our RADIUS Server to protect those appliances with a 2FA/MFA.

Now we would like to test our RADIUS Server with RDS 2012 R2.

We have set up a Demo LAB with a DC and a member server holding all the RDS roles (RD Web Access, Connection Brocker RD Session Host, RD Gateway). This setup works as expected.

There are a lot of partly documentations about NPS and RADIUS and RD Gateway Manager and RADIUS. But there is no how to implement a custom RADIUS Server.

So: which steps do we need to protect the RD Gateway with our RADIUS Server?

And it does look like our RADIUS Server does not respond correctly to the NPS request:

This is what we receive:

Code      : 1 Access-Request
Identifier: 28
Length    : 156
------------------------------------------
  1 User-Name                : lab\user1
  6 Service-Type             : 12
 26 Vendor-Specific          : Vendor-ID: 311 (Microsoft)
                               Data:      2F 06 00 00 00 01
 30 Called-Station-Id        : UserAuthType:PW
 33 Proxy-State              : ??      ?2??+??  
 61 NAS-Port-Type            : 5 Virtual
 80 Message-Authenticator    : 3F 13 3F 3F 3F 56 3F 01 3F 3F 25 2A
------------------------------------------

And what we respond:

Code      : 2 Access-Accept
Identifier: 28
Length    : 40
------------------------------------------
 18 Reply-Message            : Welcome lab\user1
------------------------------------------

For every Firewall, Appliance, Direct Access, Citrix NetScaler our response works. But why won't it work with RD Gateway? It is resending its Access-Request 5 times and we are responding always with Access-Accept. But no Access to the RDP.

BTW: We have no information about RADIUS Service Type 12. RFC 2865 has values from 1-11, but MS RD Gateway sends 12?

Any Ideas?



RDS Gateway / AD with .local suffix / Certificate Mismatch

September 28, 2016, 10:28 am
$
0
0

Hi,

I have the following RDS deployment:

On Windows Server 2012:

RD Gateway, RD Connection Broker, RD Webaccess on SRV1

On Windows Server 2012 R2:

2 RDS hosts in farm 

I have acquired at a CA a public certificate for our external FQDN abc.domain.com

However, my AD structure is domain.local.

Each time a user connects, he receives a pop up Windows due to the certificate mismatch (abc.domain.com =/= abc.domain.local).

What can I do to bypass the mismatch w/o changing my whole AD to .com?

Many thanks,

Roberto

Viewing all 21489 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>