Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 21489 articles
Browse latest View live

Issues with connection broker when RDS server has issues

April 17, 2019, 11:57 am
$
0
0

Current Environment:

HA Connection Broker servers and about 30 RDS Servers (all virtual).  What we have noticed is that when an RDS Host is having response issue (it's still online and running but in a state where it's barely responsive, but apparently responsive enough that Connection broker doesn't see it as offline).  Obviously when this happens users trying to log in that have a session on that host the connection broker tries to redirect them to.  The normal timeout function never kicks in because the RDS Server is still responding.  We have to figure out which RDS Server is not responding and reboot it to resolve the issue.

I have seen the registry keys related to HKLM\SYSTEM\CurrentControlSet\Services\Tssdis\Parameters timeserversilentbeforeping , pingmode, etc.

My questions are:

1 - what is the actual "ping" from the connection broker to the RDS Server, is it an actual ICMP Ping or an application ping of the terminal server service?

2 - any suggestions on how to automatically resolve this issue short of having to find the offending RDS Server and manually rebooting it?

-SMB

Search

Please help azure VMs cant RDP after removing weak Ciphers

April 17, 2019, 11:44 am
$
0
0

Hi, I'm having a really rubbish time of trying to get my Azure VM's. I need to remove any weak ciphers suites and still have RDP work. 

Please, in simple steps and English can someone tell me what settings to set. and if possible the actual registry keys I need to set to make it work.

If I require cipher</g> suites that are weak, but required can you please show which ones they are.

'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
'TLS_DHE_RSA_WITH_AES_256_CBC_SHA',
'TLS_DHE_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_AES_256_GCM_SHA384',
'TLS_RSA_WITH_AES_128_GCM_SHA256',
'TLS_RSA_WITH_AES_256_CBC_SHA256',
'TLS_RSA_WITH_AES_128_CBC_SHA256',
'TLS_RSA_WITH_AES_256_CBC_SHA',
'TLS_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_3DES_EDE_CBC_SHA',
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256',
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256',
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA',
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA',
'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA',
'TLS_RSA_WITH_RC4_128_SHA',
'TLS_RSA_WITH_RC4_128_MD5',
'TLS_RSA_WITH_NULL_SHA256',
'TLS_RSA_WITH_NULL_SHA',
'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_DHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_DHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA',
'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
'TLS_DHE_RSA_WITH_AES_256_CBC_SHA',
'TLS_DHE_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_AES_256_GCM_SHA384',
'TLS_RSA_WITH_AES_128_GCM_SHA256',
'TLS_RSA_WITH_AES_256_CBC_SHA256',
'TLS_RSA_WITH_AES_128_CBC_SHA256',
'TLS_RSA_WITH_AES_256_CBC_SHA',
'TLS_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_3DES_EDE_CBC_SHA',
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA256',
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA256',
'TLS_DHE_DSS_WITH_AES_256_CBC_SHA',
'TLS_DHE_DSS_WITH_AES_128_CBC_SHA',
'TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA',
'TLS_RSA_WITH_RC4_128_SHA',
'TLS_RSA_WITH_RC4_128_MD5',
'TLS_RSA_WITH_NULL_SHA256','TLS_RSA_WITH_NULL_SHA'

P.s I'm just on about a simple RDP connection to a server from a workstation.

Thanks

Russ


VirtualizeLoopbackAdresses RDS 2016

April 15, 2019, 7:04 am
$
0
0

Hi all,

has anyone used the VirtualizeLoopbackAdresses configuration on RDS?

We are currently facing a problem with a SAP/Genesys integration that run on loopback address.

1 user works, multiple users not.

The application bind itself to 127.0.0.1 but we need a different looback address per session.

Any help is very appreciated.

Thanks.

Faq.ini

Published HTTPS Remote App logs users off after 20 seconds.

April 14, 2019, 7:12 pm
$
0
0

I have recently deployed a 2016 RDS server farm. This is being used to publish remote apps to users via RDWeb.

Now, for some strange reason there are 3 seperate applications that I have deployed (All 3 being https URL's via Internet Explorer) which simply log the users off 20 seconds after the app has been launched. No errors are generated inside the Session host at all, simply a user logoff event.

This session host server is responsible for publishing several other applications and this particular issue does not present itself anywhere else. Also to note is that if an existing session exists for that user, then they are able to run the HTTPS published apps without any issues and their session is maintained.

Please help, I am bashing my head in with this one!

Windows 2012 r2 remove certificates from deployment properties -> certificates

April 12, 2019, 4:49 am
$
0
0

Hi everyone,

I`m either complitly blinde or dumb, but i can`t find any way to delete certs from deployment properties -> certificates to make them all "not configured" again. May be some one can helps me with that?

Windows Server 2016 Remote Desktop Services - Workgroup environment, CAL Licensing

April 17, 2019, 11:33 am

lock down RDS 2016 for standard users

April 8, 2019, 10:14 am
$
0
0

hello we are providing full session desktop (rds 2016)

i notice that any domain user can open "server manager" and "administrator tools"

this seems to be security risk.  How can I disable these two items but still allow it for the domain admins?

Error setting up User Profile Disks for Server 2019 RDS Farm

April 16, 2019, 4:22 pm
$
0
0

Hello,

I have been trying to configure the "User Profile Disks" option for an RDS Farm with no luck.

I have one Server 2019 RDS Broker server and four Server 2019 RDS Session Host servers. I have successfully created the collection and added the SH servers to the farm. However, when I try to configure the UPD option, I get the following error:

"Could not create the template VHD. Error Message: -2147023174"

I have been trying to create the share on the broker server and have verified the share for the UPD is created and permissions are correct. When I try to configure the UPD, the process does add the SH server accounts to the list of permissions, but does not seem to actually create the VHD.

Automount is enabled on all servers in the farm, all servers have the latest updates.

I have tried creating a new share on a different server (Server 2016 STD) and get the same error message. The name of the share doesn't have any spaces or special characters: UserProfileDisks


Search

Load Balance 3391/UDP and 443 for Gateways

April 18, 2019, 1:27 pm
$
0
0

Looking for some help concerning the RDS Gateway Role and load balancing.

I have an pre-production RDS environment that contains 3x Gateway Servers. I have tested the environment by connecting through each one of the individual Gateways and everything works just fine.

I'm now at the point where I want to use my hardware load balancer (F5) to receive the connections and distribute them between the 3 Gateways. I would also like to use the UDP Transport on 3391 as well.

The part that I don't completely understand is that I'm assuming that each individual connection, which will be coming in on both TCP 443 and UDP 3391 would need to be routed to the same gateway?

It would make sense and be easy to set the LB up to balance both ports to the 3 Gateways, but without any specific load balancer magic, connection "A" might go to one gateway for 443 and a different gateway for 3391.

 

 

Jay Schwegler

RDS licensing issue in windows server 2012 R2 Datacenter evolution.

April 21, 2019, 11:18 pm
$
0
0

we are facing RDS licensing issue in windows server 2012 R2 Datacenter evolution. 

Error : RD Licensing Manager : the license code is not recognized .ensure that you have enter thr correct code  



RDP Broker / Host session freeze

April 16, 2019, 11:26 am
$
0
0

Hi Everyone,

We have one of are larger clients that was recently transitioned into a server farm using Broker with 10 hosts (approx. 75 users). Broker and hosts are all on Server 2019 Datacenter. The issue seems to crop up randomly, some users are effected after 10 minutes, some after 5 hours, regardless of host but either way their session hangs (completely unresponsive). 

They have 9 offices, all are point to point VPN'd to our Datacenter where the servers are and all of them work fully out of RDP. I've turned logging on the Broker but doesn't seem to be catching much, on the other hand I am getting the following error from the hosts when a user has the "freezing" issue:

EventID 1401: The server is using version 0xA0600 of the RDP graphics protocol (client mode: 0, AVC available: 1).

EventID 266: RDPClient_SSL: An error was encountered when transitioning from TsSslStateDisconnected to TsSslStateDisconnected in response to TsSslEventInvalidState (error code 0x8000FFFF).

Event ID 1105: The multi-transport connection has been disconnected.

They always seem to get this string of reports under Microsoft-Windows-TerminalServices-RDPClient/Operational when the hang happens. We've tried restarting all of the hosts and broker, all firewalls, etc but the issue continues and needless to say they are getting frustrated. The only two "fixes" seem to be booting their session, or waiting the 30+ minutes for the session to come back.

I've done a fair bit of research but most paths seem to lead to a dead end, any insight provided would be massively appreciated. I can upload all the logs I've collected if need be.

Thanks


EVENT 56

April 14, 2019, 6:44 pm
$
0
0

Dear Support , 

i would like to ask how to resolve the problem with event id 56 and Source name call " TermDD ? 

this is the Terminal server in OS 2008 R2 . 

it was keep prompt the error The Terminal Server security layer detected an error in the protocol stream and has disconnected the client.

the situation is remote desktop not function when try to access from client. 

Server restart 1 time after 12 hours will getting this error again. 

thank you 

ray 

Troubleshooting Remote Desktop connections

April 22, 2019, 1:31 am
$
0
0

For brief explanations of several of the most common Remote Desktop Services (RDS) issues, see Frequently asked questions about the Remote Desktop clients. This article describes several more advanced approaches to troubleshooting connection problems. Many of these procedures apply whether you are troubleshooting a simple configuration, such as one physical computer connecting to another physical computer, or a more complicated configuration. Some procedures address issues that occur only in more complicated multi-user scenarios. For more information about the remote desktop components and how they work together, see Remote Desktop Services architecture.

 

Troubleshooting Remote Desktop connections

Please remember to mark the replies as answers if they help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

Remote Assistance without user's permission.

September 14, 2017, 11:55 pm
$
0
0

Hello. I'm trying to configure RA connections with my co-workers in office using Windows Server 2012 and Windows 10.

Having workstations and users in domain i've managed to setup everything. I use "msra.exe /offerra" command and it works but it requires user's permission for connection and another one for giving control.

Is there a way to disable this prompts in Server 2012/ Windows 10? 

Thanks

Lukasz

Can A Windows 7 Virtual Machine Be Used As An RD Session Host?

April 18, 2019, 2:03 pm
$
0
0

Hi all, our Windows 2012R2 RDS system was just handed over to me to support. With little knowledge I was tasked with setting up the following and am wondering if this even possible.

Task: Set up a Windows7 32bit session host so that some very old software can be loaded on it and it would be accessed by only one person. The user is working remotely and can only get to an internet accessible RDS gateway that would provide access to the Windows 7 Session Host inside our network.

The windows7 Hyper-V virtual machine was created and then I get on our Windows 2012R2 server where RDS is managed and I open up Server Manager and add the new Windows7 PC. The Server Manager shows a Manageability status of "Online - Cannot manage a client-based operating system'.

Can I still add this Windows 7 vm as a Session Host in RDS? Is Windows 7 even a supported operating system to function as an RDS Session Host? Can I create a session collection such that the win7 session host will be used for Remote Desktop sessions?

Any feedback will help me understand RDS better and would be much appreciated.

 

Search

Difference between deployed rd license server and rd license server in deployment properties?

April 22, 2019, 4:44 pm
$
0
0

In a very simple windows 2012 r2 RDS server there are two setting which seem almost the same. If someone could explain the difference that would be helpful.

Both are accessible from the RDS Overview panel.

#1 is found in the Deployment Overview panel where there is a RD Licensing icon. If one adds a RD License Server via that icon, the server will appear in the adjacent Deployment Servers list.

#2 is exposed via Tasks list when you choose Edit Deployment Properties. The four deployment properties that are exposed there include an entry for RD Licensing, which allows you to again specify the FQDN for a RD License Server and to choose between licensing per device or per user.

Windows 2019 RDG issue

April 21, 2019, 1:30 pm
$
0
0

Hello,

I've deploy RDS on one server (RDWeb/RDG/RDL/RDConennection broler/ RD session host). I try to disable UDP and/or change RD Gateway port and received the error:

---------------------------
RD Gateway
---------------------------
The following error(s) occurred:



Unable to set transport settings
---------------------------
OK   
---------------------------

In log Microsoft - TerminalServices-Gateway - admin:

event id 4004

The Windows Firewall exception to allow network traffic comprising of Remote Desktop Services client connections data through the configured UDP port of Remote Desktop Gateway could not be modified.

or 

4002

The Windows Firewall exception to allow network traffic comprising of Remote Desktop Services client connections data through the configured (non-default) HTTPS port of Remote Desktop Gateway could not be modified.

And settings didn't change

Active Directory and "Require User's permission" under the "Remote Control" tab.

April 22, 2019, 7:55 pm
$
0
0


Looking for Remote into computer without user permissions, however we want to limit the account.. How to control the account with remote control permissions to limited computers in organisation instead of full permissions to entire organisation workstations  

Windows 2019 server not retaining memory of local printers in terminal server

April 22, 2019, 1:52 pm
$
0
0
I am running a Windows 2019 Server Trial edition.  Working well EXCEPT for the printers is not retaining the port memory.  Every time a new session needs to occur, as Admin I have to hunt down where the printer is.  Why is this happening?

export-startlayout gives non readable output

April 23, 2019, 3:55 am
$
0
0

Hello readers,

We have a server 2012R2 environment with 2 RDS servers and a Connection Broker.

When I try to export the Startdesktop (Export-StartLayout -Path "C:\Beheer\start_new.xml") -Path ", i get instead of a xml file an output in non readable format like:

LMXL@  H  ÷^*xœÍ—oOAÆç£ßòç@H¬    \cªÅh«}ÁÃš"RÀj5ýîýÍs'FÛØÚX —Û›™ÝyfgwvnÛFÖ³+Û©}¶Ä¦–³oúÎìÜ.῱
+ñæìÈv­¥þ†íØ6zçh^#3Ç´ËŽlNoJ›jA_ba¢Þœ1#4sÖ€3YÌxg8u‹­j¼¦V€jÒ,”Äy5¸5Qmž2½ªô*ÐmÚ‚ý°.㻕•Ûع²{•ÇúؾÈ÷ð6C=³¯è8îÄŠšç&ûºf ×W(±æ›1—qÙæ¼j    gÈ\MÛc Ub÷ªLÏ©¼-yÕ„n`¯È¨¼Z¯{•Îí{òfŒ½´À;‡šg‘[ŽwûðOÝï½<²{cÚ9^Ü0b„|š­¿Çf¨=7ÒYÒˆ½=ÕNHV¸6'ŠÑ€þ5Üt%fìÅ9œÉ/¸®¡Ð¾G^†ióÉ™û»ø;ľCñáßµ÷´;dLžØ~âÍ ÙêVõ1ÆŽ}´¶Ç·cïÖ£cŠh÷ÖßýPB½g5×å>7Mƒuô•<âYÊ;2t¤›+D»Í<žË Ù]ÒÆÊïžÉC$=—–Ð- õ[­´åwÏ
}ì8zßW®Ï‹jÝÐ-æé>â=Œ8„SÆBþÍ«ç»Ë-]ž6õBg¢û  Æ.½>6&šc@?ÎÆϾu@3²ïò¯¯¬™®ÈêvaCµÄ¥½ÕœÉâ6 »CÚĪßùuµûHZPvßêé-ïÕJ ß+˜²v…˫쓪öÃr<|>2sÅb¾†‘yí“w¦
*§úe¨jåBÞ¤5ptiM;Î*¬®bÛÔ¨2Ÿc-ÏBÜ<yÉ«êÏÿ9ÏÅ5Q\ÏU`F¯Š{ªÍÓ\qªsëÕÚqVÇ;ÿ8»åï³éºž³6c–¶bšF¿ªÓåõu¨ëv(KZ×éóÜwGË1ÚË:g/÷ÐsD‹·
æ8û7(gžOJòµ­ÿ…’(÷¯˜ý9„ðªø­±‡Ep–@ãWSÞT²ÿ¥@hZò+B¡(ÞE÷·®*Ò¯íáÓ;nsñ§›öžþ1ï˜ÙOüáe

When I ran the cmd, there was no error message.

A few years ago, the StartLayout was exported succesfully.

What I have tried so far:

- tried the export on different servers (RDS and non-RDS)

- tried the export with a different (domain) admin account

- tried the export with optie "-as bin"

I found only one other reference to this issue online, but unfortunately no solution: https://social.technet.microsoft.com/Forums/en-US/71e76f2a-2b40-466a-8046-fa191babfb9a/how-to-hide-additions-applications-from-windows-81-using-group-policy-server-win2k8-r2?forum=w8itprogeneral

Anyone an idea how to fix this?

Viewing all 21489 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>