Quantcast
Channel: Remote Desktop Services (Terminal Services) Forum
Viewing all 27656 articles
Browse latest View live

RDP server hangs suddenly

February 18, 2019, 5:39 am
$
0
0

Hi folks,

I am dealing with weird issue on my Windows Server 2012 R2 server. Server is used as DC and RDS server.

Everything was working fine until Friday where I saw this problem first time.

Users reported that they are unable to log on to RDP - they see black screen only. User with active RDP connection are able to work but unable to log off from RDP. In server console I see that RDS is not working properly. I am able to restart all RDS services except this one - UmRdpService.

And there are some errors in event viewer.

13:05:13 Source - System, Service control manager - event ID 7011 - service UmRdpService timeout. 

And then another:

The same source and event id but service is different - hidserv, Netman, ScDeviceEnum, transaction  SysMain 

and the last one - event id 7046 - UmRdpService

There is another error in app event viewer.

13:00:13 - App - Application Hang - event id 1002 - program StwPh.exe verze 5.1.12103.2 stopped cooperate with OS

I would say that problem is caused by app - STWPh.exe.

What do you mean?

Thanks.

Jendislav

Search

Drive and Printer redirection stop working over the day

February 14, 2019, 1:08 pm
$
0
0 
Hello from Austria !!

First of all I wanna say, please excuse my bad english.
Since about 5 weeks I am struggling with the problem, 
that after a reboot of a fully patched 2012R2 RDS server,
the printer and drive redirections at logon will be done only about 2-3 hours after the reboot.
For users who do not log out / disconnect, they work the whole day. But when you log in again, no drives or printers will be redirected.

Sometimes the redirections work after lunch, but here they will be done only about 30 minutes.
After that time, new logged in users will not get any redirections.
At weekends, things usually work the whole weekend.

I have already done SFC / scannow, DISM / Online / Cleanup-Image / RestoreHealth.
Restarting "Remote Desktop Service Port Forwarding in User Mode" service does not change anything.

Deactivating and activating the "Device Redirector Bus for Remote Desktop" in the Device Manager has  worked only once, then the redirected drives and printers reappeared in the session.
Only the restart of the server (what happens Monday to Friday at 5:30) is bringing back the redirects for the mentioned 2-3 hours.

In the event log I find no error messages in consense with Remote Desktop.

I look forward to any kind of feedback, thanks in advance !!!

Regards from Austria

Reinhold

Windows 2016 RDS License Issue

February 8, 2019, 8:34 am
$
0
0

Hi All,

I had a new deployment for RDS environment, a new Windows 2016 RDS license server configured for per user license. The RDS license server was not activated until this week, and the RDSH, which run Citrix XenApp , no longer accept any connection. We tried just regular RDP to the console and always got the following error, on the event log of the RDSH.

But when run the RD Licensing Diagnoser on the RDSH and everything is good, see the following

I could not find any troubleshooting document for Windows server 2016 all I found was for Windows 2008 R2/2003/2000 which was outdated.

Thanks in advance for your help.

Altan

Using RDP Gateway - remote computer uses NLA but domain controller cannot be contacted

February 18, 2019, 2:13 pm
$
0
0

Hi,

This evening I got the error remote computer uses NLA but domain controller cannot be contacted... however I closed the error down, tried again and got straight on.

Could it just simply be a blip? I was using our Server 2016 RDP gateway to get onto my Windows 10 machine.

To confirm I have then gone on to all 3 of our DC's and run a DC diag, and all come back fine...

Migrate roaming profiles to user profile disks

February 12, 2019, 6:09 am
$
0
0

Hi,

I need to migrate about 450 roaming user profiles to user profile disks. I'm working on an upgrade project RDS 2008 to RDS 2016. 

RD Gateway Configuration Failed - Error 2147749890

February 7, 2018, 8:55 am
$
0
0
Hi, I've tried everything I could possibly think of (full server wipe is not an option), I've reinstalled the role and everything but everytime I goto complete the setup it says:" RD Gateway Configuration Failed on (servername) With Error: Unable to configure the RD Gateway server: (servername) The error is 2147749890.". I've looked around I've enabled event log auditing and no errors other than that one, this has been an issue for weeks any help would be super thanks!

HA Connection Broker with Azure SQL

February 14, 2019, 12:40 pm
$
0
0

Hi folks,

I'm planning on building an RDS environment with HA Connection Brokers. I'd like to use Windows Server 2016's new ability to connect to a SQL Database in Azure for the CB Database as this would greatly simplify licensing and the need to have an onsite SQL cluster.

Obviously the performance required of the database is going to be directly proportional to the number of users logging out and in, but there doesn't seem to be any general build recommendations for the sizing of the SQL Database in Azure when using it for this function like:

Basic/Standard/Premium Tier
DTU's

SQL in Azure is pretty cheap overall, but I don't want to oversize (or undersize) what I need to get this done. Can anyone get me started or point me in the right direction?

Jay Schwegler

Recovering Remote Desktop Services after installing AD

February 14, 2019, 9:34 am
$
0
0

We have two servers here. a 2008r2 domain controller, and a 2012r2 file/print/rds server.

I installed AD onto the 2012r2 server in the hopes that it could work as a backup dc, not realizing that doing so would kill Remote Desktop services.

So I removed AD from the 2012r2 in the hopes that would bring back RDMS, but it doesn't. Every time I try to start the service it says "The Remote Desktop Management service failed to start. Error code: 0x88250001"

Did installing the AD role change something that did not get reverted when I removed the role? Is there a way to get this server to accept RDP connections again?

As an aside, I am also getting this error message. "RD Connection Broker service denied the remote procedure call (RPC) from an unauthorized computer ::1."
Search

RDS Gateway Domain-Joined in New DMZ or Existing?

February 13, 2019, 2:30 pm
$
0
0

Is there a best practice regarding putting an RDS domain-joined gateway in an existing DMZ with other systems or creating a new isolated DMZ for it? 

Thought process is that if a system in the DMZ is compromised it could more readily lead to a compromise of the gateway and then straight to a domain controller.

 

What RDP and windows CALS are needed for the following scenario

February 13, 2019, 11:15 am
$
0
0

Hi all,

I am getting confusing answers so I am hoping a licencing expert can help me.

I have a client that requires 6 staff to be able to access a server at any time. They then also require us to be able to log in as their support provider if/when issues arise. This would be up to 7 concurrent logins.

I am told you get 2 RDP licences includes with Windows server.

We have decided already that user licences are what is required as the staff at their organisation can log in from 3 different locations.

I want to know in the above how many RDP licences need to be purchased.

Do we only need 5 as there are the two provided on Windows servers?

Do we need 6 as their are 6 staff and one administrator needed?

Do I need 7 as there will be seven concurrent logins?

Windows 2016 RDS Error 0x800703E3 when copying from Windows 10 to RDP session

February 11, 2019, 12:37 pm
$
0
0

We are connected to a Windows 2016 RDS server using Windows 10.  Any time we try to copy a file from a connected drive that is passed through in the session it causes the session to disconnect for about 10-15 seconds and then it will reconnect and shows"Error 0x800703E3: The I/O operation has been aborted because of either a thread exit or an application request."

We have tried changing SMB settings, disabling RemoteX on the RDS server and changed the RDP client to use limited bandwidth.  Any suggestions would be greatly appreciated.

Is it possible that rds / windows server change/reset register settings to default automatically

February 19, 2019, 1:50 am
$
0
0

Hi everyone,

We have customer that has a strange issue. Only few users have this issue and not everyone. Scenario is like this, customer have roaming profiles with folder redirection. They have application that is installed on all rds servers. That application calls another program and to make this work they had to change registry entry for every users under HKCU\software\software name

Now issue here is that when some users log in path to the program changes from S (which is manually configured in registry and it is giving path to the files of program) to C: where the program is installed. My question is, is this windows error of is this the application error. I think that windows registry should not change this automatically or am I wrong? I am not sure what to do because application vendor told us that this is windows issue not application?

Bogus error: “The remote computer requires Network Level Authentication, which your computer does not support.”

September 9, 2015, 8:32 am
$
0
0

Hello, 

We have Windows 2008 R2 servers with SP1 fully patched and Windows 7 SP1 desktops also fully patched. We enabled NLA (Network Level Authentication) via group policy recently after we decommissioned our last 2003 R2 server. We can connect to all of our 2008 R2 servers via remote desktop except for one. We get the error: 

“The remote computer requires Network Level Authentication, which your computer does not support.”

We are using other 2008 R2 servers and Windows 7 desktops to try to connect to the server. They all support NLA. But we still get the message. We rebooted the server from the console. That still did not resolve it. We could turn NLA off in the group policy at least for this server but we need it turned on for compliance reasons. 

Any suggestions on what the issue is? 

Thanks. 

Outlook unable to search after update

December 3, 2018, 6:51 am
$
0
0

After installing 2018-11 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4467681) on our RDS servers the outlook 2013 search bar does not work, clicking on the magnifying glass does nothing.

Going to advanced find and searching there works.

Search works again after uninstalling update.

RDS 2019 (but probably other versions as well): locked RDP session logs in after session reconnect

February 19, 2019, 6:57 am
$
0
0

Hi. I'm running into some sort of security issue. Some of our customers actively lock their RDP session so obviously no-one can use it. It seems that when you lock your RDP session, and then get a reconnect to the server, and the RDP client reconnects, it automatically logs you in again, circumventing the lock.

Easy to abuse too: locked session? Just disconnect the network cable / wifi until the session starts reconnecting, and reconnect the cable and *poof* you are in.

Now some of this is prevented as we have some customers that have 2FA implemented on the RD Gateways, so when the session reconnects, you'll need to approve the 2FA. But not all customers have that.

Would there be any way to prevent this? Anyone else can confirm this?

Search

Publish applications with RemoteApp from network drive

February 19, 2019, 7:06 am
$
0
0

Hello!

I need help with the following scenario ... I currently have a Terminal Services server that contains an application, which must be used through a network drive, users access remote desktop media to the server and use the shortcuts of the applications that point to the shared unit, for example, the X :

Now it is required to do the same but through RemoteApps, but when trying to add the path of the applications, from the network unit, I do not or can not, from C: if it does it without problems, but I need to add it to point to the network unit ... how could I do this?

Thank you

Can't RDP / Network Share Across Subnet

February 19, 2019, 8:37 am
$
0
0

I have 1 Server that can't RDP or be RDP'd, access file shares or have its file shares accessed from other servers on a different subnet. 

I can access the file shares and RDP to and from it from other servers in the same subnet. 

Windows Firewalls are off, no I cannot change the IP address for testing because web and application services are dependent upon it. 

Other servers can access shares and RDP across the subnets just fine. It's literally just this 1 server that's having the issue.

Idle Time reset for all users at logon

December 20, 2016, 7:49 am
$
0
0

When I run a 'query user' command to get the idle time for each user, I have noticed that it gets reset back to 0 when a new user logs in. This is a problem because our session timeouts never kick in, even if a user actually is idle. Every single time a user logs on it resets the counter for everyone.

Has anyone seen this behavior before or know how to prevent it? We have idle users who are never kicked off the server because the counter keeps getting reset.

Remote Desktop fails to connect on Windows 7 for users who have been assigned administrator rights. [The Local Security Authority cannot be contacted]

February 19, 2019, 10:32 am
$
0
0

Everything was working fine until about 2 months ago.

I have a Windows 7 system that I access with Remote Desktop Connection from a Windows 10 system.  One day I found that my user account, which had been given administrator rights quite some time ago, couldn’t log on remotely.  The Windows 7 system was configured for remote access with the setting “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”. When I tried to log on, I got an error stating “The Local Security Authority cannot be contacted”

If I configured Windows 7 to “Allow connections from computers running any version of Remote Desktop (less secure)”, then I could log in but I didn’t want to use this less secure setting.

Doing some experimentation, I found that if I enabled the built-in Administrator account, then the Administrator could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

If I created a new standard user called Test.  I found that Test could also could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

If I promoted Test to an administrator, then Test couldn’t remotely log on.  He got the LSA error.  If I demoted my account to a standard user then I could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

When I promoted my account back to an administrator, the logon failed with the LSA error.

All users have valid passwords that are set to never expire and are members of the Remote Desktop Users group.  The only thing that is changing is whether or not the users have administrative privileges.

Is this a permissions issue, or a behavior change cause by an update to Windows 7?

Mark Wilson

Windows update breaks Remote Desktop service on Windows 2008 R2

January 22, 2019, 8:17 pm
$
0
0

Dear Sir,

We hit the issue on 2 windows updates - KB4462915 & KB4462923 (KB4462927). Once we apply them, the RD connection via RD gateway to RD Host is not working. but the internal connection is no issue if I bypass the RD gateway.

In Event Viewer, I found the connection and resource authorization polices are passed but it can't connect to the farm address with warning / error message below in different logs

TerminalServices-Gateway Log: The user "DDD\ABC", on client computer "W.X.Y.Z", met connection authorization policy and resource authorization policy requirements, but could not connect to resource "farm.domain.name". The following error occurred: "817".

System Log: A fatal error occurred while creating an SSL client credential. The internal error state is 10013.

There are the system setting we applied on Remote Desktop Service (all RD servers are Windows 2008 R2),

- Only TLS1.2 is enabled with FIPS (Disabled TLS1.1/1.0)

- "Send NTLMv2 response only" is applied

- RD Gateway and Broker are in the same server and RD Host is in the other machine

If we can enable TLS1.0 on RD Gateway, the RD connection can be resumed but this is not a good solution and will leave the backdoor on server.

Besides, we tried to change security layer to negotiation or enabled back NTLMv1 on servers but they didn't help.

I suspect the main issue might be on the change by KB4462923(KB4462927) which fixes TLS1.0/TLS1.1 issue on FIPS (see below) but MS didn't have a fix for RDG / RDCB to support TLS1.2 completely

  • Addresses an issue that makes it impossible to disable TLS 1.0 and TLS 1.1 when the Federal Information Processing Standard (FIPS) mode is enabled.

At this moment, we only can stop the windows update on RD gateway to prevent the blocking again on RD connection. 

I tried to apply the latest windows update (up to Jan 2019) for the test but the problem is still there...

Does Anyone have the solution to enable TLS1.2 only for RD Service for Windows 2008 R2 with update applied? 

Any advice is much appreciated..

MK

Viewing all 27656 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>