Hello I need help with allow local ports to the remote computer.
This is the Windows 10 workstation trying to launch the Remote APP on Session Host server on Windows server 2012 R2.
On Terminal server. for Collection properties there is no option for
This is while launching the RemoteApp on Internet explorer on Windows10 machine. There is no option to enable ports her.
I would appreciate for you helping me in this issue I really need this to be working.
Shekar
Hello,
Because we are going to migrate from hypervisors i need to add an extra rd gateway, rd connection broker and rd web access server to an existing deployment.
Can someone point in to some documentation about adding extra servers? Or is it as easy as adding these server in server manager --> remote desktop services --> overview --> deployment servers --> tasks --> add
Thanks!
LEVD
I'm using RDS/Remoteapp on generally windows 10 clients to fully patched server 2016 hosts.
I'm getting Disconnected due to a protocol error and it's sometimes fixed by rebooting the host. Each host has 8GB of ram and max one user at a time. Even after a reboot it'll often stop working a few minutes later.
Google seems to have no results on this platform and issue over RDS
Printing to redirected printers is not working anymore. (It's OK with W2008 R2).
RDP client being W7 (or Wyse ThinOS)
I tried with two different printers : Dymo Labelwriter 450 and Ricoh Aficio SP 4310N PS (and PCl5e).
- The driver is well present on the host side (the redirection occurs well).
- Easy Print disabled (GPO)
When trying to print, the popup message is "Error printing to ....", Then subsequent tries result in popups "Printer is in error state"
The Printservice log says at the end on the error entry "...Win32 error code returned by the print processor: 50. The request is not supported."
When the RDP client is another W2016 RDSH, then printing to a redirected printer (network printer in that case) works well.
Good Afternoon,
I have a new RDWeb farm built off Server 2016. Architecture consists of:
1 Gateway Server - GW01 - Running RD Gateway and RD Web Access roles.
1 Connection Broker - CB01
1 Session Host - SH01
1 Licensing Server - LIC01
1 Active Directory Controller - AD01 - Domain: domain.contoso.com
I am only publishing applications through a Session Host, I am not using any RD Virtualization Hosts.
I have created another DNS zone (split brain) in my internal DNS to give all my servers a .example.com DNS entry (Eg: CB01.example.com). This DNS name resolves without issue internally, but not externally.
RD Web URL: mystuff.example.com
I have it deployed and it seems to function properly. I have a legitimate certificate installed for the *.example.com on all the Role Services.
I have used this script to change the published FQDN to avoid certificate mismatch errors:
Change-published-FQDN (Powershell script. I can't link cause my account is too new)
What is odd about this tool, is I have to set the published name to the connection broker server. Eg: cb01.example.com. If I try to set it to mystuff.example.com, I get an error and no logins work when clicking the published application.
When users log in, they get the RD Web page. They can log into that and see the published application. When they click the published application, intermittently it will get stuck at "Loading Virtual Machine" at which point the user either needs to reboot, or kill their Remote Desktop process. Other times, it will work properly and the application will load as expected. The intermittent issue happens perhaps 25% of the time.
I am a bit stumped. I don't see any log entries that have helped me get past this issue. I think my problem lies with the Change Published FQDN tool, but I am honestly guessing at this point.
Are there any logs I should be looking at when this issue happens? Any idea what problem I am having?
Ok guys, I have been chasing some weird issues with RemoteApp deployment. I had abandoned the GUI to deploy RemoteApp as the session collection would fail every time when deploying the apps. I have it narrowed down to a specific program that has an issue. When trying to setup the new RemoteApp via Powershell without specifying an -IconPath this app fails with this error:"New-RDRemoteApp : Could not find the specified icon:"
If I try to deploy this app with the -IconPath parameter the process will complete. However, as soon as this hits the RDweb, IIS crashes out with a generic runtime error. I have tried to place the icon in the same root folder as the executable, no luck. I have even opened the exe with Resource Hacker and created a new Icon and exe. Same problem every time. I can use powershell to remove the app from the collection and IIS immediately gives me the working RDweb interface after a refresh. I am at a loss as to why this one application refuses to allow a successful deployment. Any help is greatly appreciated.
Windows Server 2016 Datacenter
Running on VMware ESXi6.5
****-License01.corp.contoso.com = RD License, Broker, Gateway and Web Access (Also handles application licensing)
****-APPS01.corp.contoso.com = RD Session Host (houses the applications and data)
Hi,
The new web client seems very limited when it comes to configuration. I need to force a keyboard type (PC/UK) but I can't seem to find any way of doing this. Are there some super secret options out there or is it a case of waiting for the next version and hope this functionality is included?
Thanks
Rob
正規ライセンスをもって、ドメイン参加したWindows 2016サーバマシンに、
RDS ライセンスサーバをインストールし、アクティベートを成功し、
CAL (user)ライセンスをインストールし、診断ツールでチェックしていても、正常。
ライセンス数が10個に対して、ユーザ2つにそれぞれアサインされていて、残りのライセンスは8個。
RemoteAppの配布も、リモートPC接続も、同じドメインにある他のマシンから接続できている。
ライセンスの状態もアクティブとなっていて、有効期限は「期限切れなし」となっている。
しかし、CALライセンス情報は、有効期限として、発行日から60日後となっている。
エラーも何も発生していないのですが、なぜ、CALライセンスの有効期限が「期限切れなし」とならないでしょうか?
i am trying to disable Hyper V (its not going well if anyone could help id appreciate that). So i tried to install Hyper v and then delete it, but when i deleted it i had to restart and it must have deleted the GUI with it. So my VPS is blank with only Administratoron the top of the box. I need to find a way to get back into the server. Now i did find a solution to it using "SConfig" and that method (heres the link to it https://www.howtogeek.com/111967/how-to-turn-the-gui-off-and-on-in-windows-server-2012/ ) . However with mine number 12 says "Log Off User". It doesnt say anything to do with GUI. I know or i think i deleted it but i need it back to get back into my vps. Thanks .
I also had this issue yesterday but that was because my vps was hacked or had a virus, this time i definitely know its my fault. I went to my vps provider and they fixed it for me by reinstalling i for me. I cant go back to them every time i fuck up and get them to fix it. I need to learn how to do this myselfHello,
we are running a RemoteApp environment using RDS Gateway running on Windows Server 2016 Standard. Our problem is that clients running on Windows 10 are not able to connect to RemoteApp at all. After entering the credentials, the login window pops up again after 1 second (it's an endless loop).
An entry with the Server IP to our internal server name was created in the hosts file. Pinging it also works fine.
RDP Client logs show the following (unfortunately in German):
Fehler10.05.2018 12:11:42Microsoft-Windows-TerminalServices-ClientActiveXCore1033AllgemeinKomponentenname:CClientProxyTransport, :: 'Gateway Error' in CClientProxyTransport::SetErrorStatus at 2853 err=[0x800759d9], Fehlercode:0x800759D9Clients running on Mac OS are able to connect just fine.
Thanks in advance for any help!
I have a relatively simple setup. I have a previous 2012 R2 deployment that I am replacing with this 2016 deployment. 1 Gateway, 1 Broker, and 2 Load Balanced Hosts. Everything is working fine for users connecting from the local network. Users connecting remotely are getting a Code 0x607 authentication error when they are redirected to the second host.
Our gateway server is using a 3rd party certificate. This server is running 2012 R2. It is still part of the 2012 R2 deployment, but my understanding is that it should continue to work just fine. The eventual plan is to replace this server with a 2016 that is part of this deployment, once I have transitioned my users.
Our Broker server also serves as a host. This server is using a cert issued by our local domain CA. All is well on this machine. The RDWeb service is also installed here. I should mention that our users do not use the RDWeb service. Rather, I use the RDWeb to get an RDP file that I distribute to the users.
Our 2nd Host is where we are seeing the issue. This server is also using a cert issued by our local domain CA. When users are redirected to this serverwhile connecting remotely, they are getting the error I mentioned above.
My clients require TLS. The RDP files are directed toward the Broker and have all of the load balancing details and use redirection server name set to 1.
The 0x607 error seems to indicate that I have a certificate issue when the client is trying to connect to the host. What has me confused is the the fact that they work just fine locally, when only one of my servers has issues remotely (both using local domain cert).
It is my understanding that we should not be using a DNS Farm name with 2012+ versions of RDS. Perhaps I am breaking that logic by handing out a static RDP File. If that is the case how do I fix it? I have thought about getting a 3rd party cert for my internal domain servers, but that is an expensive guess if I am wrong about the issue.
What have I done wrong?
We have completed RDS deployment and now trying to add RD Gateway role. The wizard fails with no information. Checking the event logs and it says the role was successfully installed, but it is not. Have enabled debug logs and checking RdmsUI-trace.log, it also says the role was successfully installed, but it is not.
According to this article, we should also have an RDMSDeploymentUI.txt file in Windows\Logs, but none has been created (yes registry entry is added and server has been rebooted multiple times).
Have run the wizard several times, including several reboots and get the same every time. When adding the RD Gateway role, the instructions on certificate is exceedingly confusing, conflicting itself. We don't want to use a self-signed certificate - we have a proper certificate, but it's not clear whether we can specify the real certificate or must use a temporary self-signed certificate initially. In any case, I have tried both, specifying the actual public certificate common name we will use (rds.ourdomain.co.uk) as well as the local server name (our-rds.domain.local). Same failure every time.
With zero information on why the wizard says it failed while other parts say it succeeded, but didn't because the role is most definitely not installed, how can we determine what the issue is?
For information, this 2016 server is a member server on a network controlled by an SBS 2011 box, if that has any bearing.
Adam@Regis IT
Hi,
we host multiple clients with highly standardized environments but on the servers of a single customer i have the following behaviour:
The associations xml is right since it works with every other customer. The only FTAs (or protocols) included are http and https.
The values get written to the correct reg key: HKU\Software\Microsoft\Windows\Shell\Associations\UrlAssociations\http(s)\UserChoice
There ProgID and Hash are also written but it seems like the Hash is wrong.
If i set the default Program in the dialog (OpenWith), another Hash is written and this Hash seems to be correct since opening Hyperlinks works then. But since UsrClass.dat doesn't roam after a logoff the settings are gone.
If I take a hash value that has been set through the OpenWith dialog that is working and replace it with the hash set from profsvc it also works.
I read that the generation of the hash also includes the timestamp of the reg key. If this is true replacing the hash with an older version should not work right?
Since this behaviour only occurs on one of our clients i do not rule out the possibility of customizations made by the customer but i can not find any further clues to pin down the culprit.
Said Server is a 2012 R2 with latest patches, Citrix VDA 7.6, Citrix UPM 5.5. The issue occurs on all tested clients (Win7, Win10, IGEL ThinClients)
What are other areas i could look or tools i could use to do any further analysis? My traces so far involved monitoring the activity on said registry keys and the mentioned associations.xml in procmon. In both cases only svchost with UserProfileService on the Stack accessed said items.
Thanks in advance!
associations.xml:
<?xml version="1.0" encoding="UTF-8"?><DefaultAssociations><Association ApplicationName="Internet Explorer" ProgId="IE.HTTP" Identifier="http"/><Association ApplicationName="Internet Explorer" ProgId="IE.HTTPS" Identifier="https"/></DefaultAssociations>
Stack of the RegSetValue Operation on the hash on User login:
0 ntoskrnl.exe RtlEqualUnicodeString + 0x1f00 0xfffff8033d425d80 C:\WINDOWS\system32\ntoskrnl.exe
1 ntoskrnl.exe SeAssignSecurity + 0x2d77 0xfffff8033d45d5cf C:\WINDOWS\system32\ntoskrnl.exe
2 ntoskrnl.exe setjmpex + 0x6523 0xfffff8033d1d51a3 C:\WINDOWS\system32\ntoskrnl.exe
3 ntdll.dll NtSetValueKey + 0xa 0x7ffaead70d5a C:\WINDOWS\SYSTEM32\ntdll.dll
4 KERNELBASE.dll RegCreateKeyExW + 0x187 0x7ffae8161477 C:\WINDOWS\system32\KERNELBASE.dll
5 KERNELBASE.dll RegSetValueExW + 0x141 0x7ffae8161601 C:\WINDOWS\system32\KERNELBASE.dll
6 SHELL32.dll OpenRegStream + 0x2daf 0x7ffae97924df C:\WINDOWS\system32\SHELL32.dll
7 SHELL32.dll Ordinal714 + 0x32ad 0x7ffae9840f2d C:\WINDOWS\system32\SHELL32.dll
8 SHELL32.dll SHGetFolderPathAWorker + 0x74b 0x7ffae98568fb C:\WINDOWS\system32\SHELL32.dll
9 SHELL32.dll SHGetFolderPathAWorker + 0xa5c 0x7ffae9856c0c C:\WINDOWS\system32\SHELL32.dll
10 SHELL32.dll SHGetFolderPathAWorker + 0x904 0x7ffae9856ab4 C:\WINDOWS\system32\SHELL32.dll
11 SHELL32.dll SHGetFolderPathAWorker + 0x148a 0x7ffae985763a C:\WINDOWS\system32\SHELL32.dll
12 SHELL32.dll SHGetFolderPathAWorker + 0xdde 0x7ffae9856f8e C:\WINDOWS\system32\SHELL32.dll
13 SHELL32.dll Ordinal891 + 0x17a36 0x7ffae98c6ae6 C:\WINDOWS\system32\SHELL32.dll
14 profsvc.dll profsvc.dll + 0x4ad8 0x7ffae59b4ad8 c:\windows\system32\profsvc.dll
15 profsvc.dll profsvc.dll + 0x499b 0x7ffae59b499b c:\windows\system32\profsvc.dll
16 profsvc.dll UserProfileServiceMain + 0xe69 0x7ffae59c2079 c:\windows\system32\profsvc.dll
17 profsvc.dll UserProfileServiceMain + 0x16f1 0x7ffae59c2901 c:\windows\system32\profsvc.dll
18 profsvc.dll profsvc.dll + 0x7d3d 0x7ffae59b7d3d c:\windows\system32\profsvc.dll
19 profsvc.dll profsvc.dll + 0x68da 0x7ffae59b68da c:\windows\system32\profsvc.dll
20 ntdll.dll TpSimpleTryPost + 0x1be 0x7ffaeacf679e C:\WINDOWS\SYSTEM32\ntdll.dll
21 ntdll.dll RtlFreeUnicodeString + 0x17ed 0x7ffaead18e8d C:\WINDOWS\SYSTEM32\ntdll.dll
22 KERNEL32.DLL BaseThreadInitThunk + 0x22 0x7ffae8c213d2 C:\WINDOWS\system32\KERNEL32.DLL
23 ntdll.dll RtlUserThreadStart + 0x34 0x7ffaeacf54f4 C:\WINDOWS\SYSTEM32\ntdll.dll
Need help to log into Windows Server 2012 R2 after installing it on a laptop running Windows 10.
Admin password cannot get in too.
Thank you.
Hello,
I'm currently in process of setting up an RDS environment and recently a new session collection started showing up called QuickSessionCollection along side my other 2 collections. How can I remove this? In my RDS setup I only have the 2 collection but this rogue one recently showed up. This is on Server 2016.
Any help would be greatly appreciated
Thanks!
Hi.
Is there some way to turn on/off Drain mode for RDSH server
without addministrative permissions (user in Administrators group)?
We have a Windows 2012 R2 RDS environment that we have been using successfully for sometime for our ERP solution. We recently made an acquisition and discovered that their primary subnet was the same as the subnet we use for our server environment. We working to make changes, but in the mean time we have setup NAT rules on each end of a point to point connection facility normal traffic, and a trust between the domains. This is all working wonderfully, until we got to allow users on their side of the connectivity to our ERP solution through RDS.
Out Environment
1 RDS Connection Broker
1 RDS Licensing Server
1 RDS Web Access Server
6 RDS Session Hosts (Prod)
1 RDS Session Host (Test)
Some of the testing appears to show the RDS Connect Broker communicating with the Client, up until point that it attempts to redirect the client to the Session Host. We see the Client starting to broadcast a Who Is for the actual IP of the Session Host. Which of course is going to fail, both client and Connection Broker then time out trying to communicate.
My Question: Is the RDS Connection Broker redirecting bases off of the IP or FQDN of the Session, and if it is by IP, is there a way to have it use the FQDN.. other input and suggestions are also welcome.