Hi,
our workstations with Windows 10 pro are in this weekend updated to version 1803. For main system we use RemoteAPP aplications on Windows server 2012R2 (Windows server 2012R2 is full updated). After update on client station are RemoteAPP slower, and right mouse button is unresponsive, or react verly long time...
It is a big problem for us.
PS: after replace mstsc.exe and mstscax.dll from older version Windows 10 is all OK. but this is not a solution.
Thanks.
I have a (old) ERP system setup as a RemoteApp.
When you go to spool invoices etc and display them, it goes to generate them, brings up WordPad but then comes up with the following message:
"\\ServerFQDN\c$\Program Files (x86)\Application Folder\Sub Folder\Filename.txt
Cannot find this file
Please verify the correct file name and path are given."
It has never written the file.
If I open WordPad as a RemoteApp and manually browse to that location I have full access and create and modify a file there so I dont believe its a permissions issue.
Any advice would be greatly appreciated.
Hello to All!
We have a problem with RDS feature on 2016 Server.
Server was deployed with no CALs installed and worked some time in a trial mode. Then owners of this server bought 30 Per User licenses trough SPLA programm and I was asked to activate and install licenses in it.
Before I connect to server I saw that owners are now in procces of deleting grace period registry entry (because grace period has ended and they was in big hurry to make it work again).
After all this and mine (standart activation and installing licenses proccess) manipulations server now did not want to see legal licenses and continuing working in trial mode (grace period still ticking). Last manipulations was to delete grace registry again and reboot the sever (I found similar situation https://www.360ict.nl/blog/no-remote-desktop-licence-server-availible-on-rd-session-host-server-2012/) but it did not helped and now grace period start ticking from beginnig (120 days).
I found info that 2016 server is still can issue Per User CALs to local users in Workgroup environment and made all manipulations with local group policies https://digitalbamboo.wordpress.com/2017/04/05/deploy-remote-desktop-services-in-a-workgroup-easily/ and other stuff and now in diagnostics there have no warning and all green.
Maybe some one faced similar problem or have any suggestions I would be very graceful. I'm desperate already.
Hi
I am doing a POC on RDS and I am currently running into some limitations that I hope someone here on the forum can help answer if those are indeed limitations or if what I try to do can be achieved in another way.
Explanation of environment.
1 datacenter site (6 RDS hosts)
11 large branch sites (2-3 RDS hosts in each branch)
Datacenter is publishing applications from central systems running in the datacenter
Branches are publishing applications from system running locally on the branches. Most of these local systems for several reasons have to run locally in the branches and it is mission critical for thin clients and computers running at the same local branch to have access to those local published applications 24/7. That means also when the WAN link to the datacenter should go down.
Published applications must be able to be launched from computers and mobile devices, from the internet. This should be archived with gateways and web access servers placed only in the Datacenter. We don't want to have internet facing servers running on our branch sites. Of course those local published apps on branches can only be launched from internet when the WAN link to the datacenter is up, but this is ok. Critical part is for local clients on the same site as the RDS hosts to be able to launch them if WAN should be down.
Design considerations
Since we don't want an individual deployment for each branch, where we would need internet facing gateway and web access servers on each branch, those should be placed in the datacenter, so the best fitting design here would be the below.
Datacenter: 2 x RDS gateway/Web access servers, 2 x connection broker, license server and 6 RDS hosts.
Branches: 2-3 RDS hosts
Collections: 1 for datacenter and 1 for each of the 11 branches.
This setup however would not allow clients to start locally published applications if the WAN link is down to that branch, since users in that branch cannot reach the Web access and broker in the datacenter.
Questions:
Is there any way around this or any way it could be designed to allow users to start local published apps (not desktops) when users cannot reach the broker and web access servers.
Can you setup that if a broker is not available, the remote apps will still launch, just without load balancing and the feature to reconnect to disconnected sessions. So it should just launch directly against RDS host servers (You could probably use DNS RR to then still get some kind of client distribution across the hosts) ?
When setting up remote desktop clients on phones and computers, they require a URL feed. This is pointed to the Web access server "https://server.domain/rdweb/feed/webfeed/xxxxxx.aspx" does this mean that the web access server is mandatory to even be able to launch remote apps or is there another way to launch them that doesn't rely on the Web access server ?
Thanks
Martin
Dear colleagues and support.
That is not something that was solved here, I found a couple of similar problems with 2008r2, but it cannot be applied to latest OS. And problem described in other topics are a little different
Our case:
We are using large infrastructure based on many Servers 2012r2 all in one RDS servers (Broker, Web, SH is installed at every server). Many servers published behind some load balancer.
As we have a lot of servers in farm - we have a redirected profiles configured (over GPO) and placed at DFS.
We started testing 2016 servers, and our test group start reporting problems with "Remote Desktop Services is currently busy".
Usually problem solved itself in 1-2 min, user have to try several times before he is able to connect. There was no hanged user sessions or something like this or some useful even log as i can see.
There was no solution for 2016 problem over the internet, so I was hoping to find it with 2019 server.
But we are able to reproduce problem even on "clean", powerful (8 cores, SSD, 32 GB RAM), freshly installed server with single role (RDS) on it for the minimal number of users (1-2 users online)
So that is not something like server load or not enough resources.
I assume it is related somehow to redirected profiles or some service really "busy" with what? But why it is working stable for 2012R2 and has such problem with 2016/2019? May be we can adjust some parameters, timeouts or something like this?
Do we have any workaround for this except disabling redirected profiles or living forever based on 2012 r2 (that is not an option when you have a farm for 1000 users online and many member servers behind balancer)
Many thanks for your ideas!
Regards,
Sergii V
Hey
I'm trying to exclude this file from the UPD:
Added this in the GUI: \AppData\Local\Microsoft\Windows\UsrClass.dat
All new users still have the file included in the UPD file - why?
Michael
Hi, on some clients when connecting to a remoteapp the abort button is not displayed correctly.
On one of the clients where this problem is occurring is Windows 10 Enterprise Version 1809 (Build 17763.437) installed. The OS of the RDS-Server is Windows Server 2016 Standard.
Any ideas how to solve the problem?
We have a WinForms application we use as a remote desktop app and recently we've had multiple users report a situation where clicking on one monitor actually interacts with windows on another monitor. Restarting the remote desktop application seems to fix the problem. Our users have a two monitor setup.
Has anyone else experienced this issue?
Hello, I've got a question regarding the use of VDI and RDS at the same time.
We managed hotels and most of our front desk computers will be required to use VDI and not RDS due to software that has to be installed at each front desk pc for credit card and room keys and it won't work on RDS since each reader is independent.
My question is if we setup VDI for the front desk computers which will use Dell Wyse ThinOS and then all the other computers in the Hotel are RDS on Dell Wyse ThinOS can we set it up so that if a user logs into a front desk computer it goes to the VDI machine and then if they sign into a back office terminal it goes to the RDS server?
If that's possible do you just have the wyse terminal set to sign into the VDI machine using the vdi hostname or would you still point it to the Broker?
For RDS I've went into the DNS and put in a A record since we have multiple RDS servers. How would this work with VDI?
The other question is what is the difference between buying a VDI license vs just buying a Windows 10 license and putting that on a Hyper-V VM?
Thanks
Hello,
I'm receiving a few errors with my RDS 2016 build. Randomly a user, upon logging in will be given a temporary profile. I do the normal remediation steps by deleting the temp profile in the registry and Advance User options, the server is rebooted and they can log in fine. But after a while the error comes back again. All other users can remote in fine with no issues, it only effects one user at a time. A few errors I see....
1. Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
2.
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user (xxxxxxxxxxxxxxxxxx) SID (S-1-5-21-3444666529-4500789-23435591xx-xxxxx) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services
administrative tool.
The RDS server shows this error
3. Remote Desktop Services could not apply a user desktop for a user account with a SID of S-1-5-21-3444666529-4500789-23435591xx-xxxxx. A temporary profile was enforced for the user. Verify that the user profile disk settings are correct. The error code is 0x15.135
4. Remote Desktop Services could not attach a user profile disk for a user account with a SID of S-1-5-21-3444666529-4500789-23435591xx-xxxxx. The error code is 0x15.135
Thanks.
Please assist,
Seneb
Good afternoon,
We had some contract work done by a MITS company to deprovision our old RDS VMs and build a new one. Once the new one was in place, we started letting users into it, but we found a couple of strange problems I haven't encountered before.
-Right-Clicking doesn't work. I've checked the local GP, and the File Explorer context menus are not disabled. Neither is it disabled in the registry.
-In File Explorer, users do not see the "This PC" section in the left navigation pane, where they would normally select local and mapped drives. They can still access these drives by typing the file path in the navigation bar.
We do not have these problems with domain admins, only non-admin users. It happens if we RDP into it or use any other remote software, such as vsphere's remote in or Jade's ScreenConnect. These problems are not occurring on all of our other VMs, which are all WinSvr2012R2.
The crew who deployed this VM were not instructed to implement any special security measures, our previous GPOs and ACLs were sufficient for access control.
Can i add custom sign in option in addition to already available sign in options (password, smart Card) ?
Custom sign in option is related to smart card but without reading certificate on smart card. Rather it will perform sign in on other attributes fetched through smart card and comparing them againstemployee ID attribute of AD?
Rox_Star
We have a RDS (Remote Desktop Services) deployment, and recently went through the process of installing the HTML5 web client as per the directions at:
Our deployment is hosted on domain A, which has an active directory instance. There is also domain B with its own active directory instance, there is a two way trust between the two.
The problem we are having is that the traditional RD Web Access works fine for all users, but when users from domain B log on to the HTML 5 web client and try to open an app they get a message "We couldn't connect to the gateway because of an error". At the same time the browser console shows the following error:
Connection(ERR): The connection generated an internal exception with disconnect code=GatewayProtocolError(52), extended code=, reason=Gateway tunnel authorization failed with error code=2147965403
During troubleshooting we’ve tried:
Any ideas on other areas we can look at?
Hey
I have a few creative studens, who bypassed the blocking of cmd, and created some batch file.
One of them give the access to whole path c:/ trough the file explore .with this command: start %windir%\explorer.exe "C:\"
Im running some batch files my self for all the users, so i wont block for batch file running.
How do I stop or block for these creative studens. :-(
King Regards
Jerry
Hi,
Not sure if this should be asked here or not. If I have submitted in error, please let me know and I will redirect my query elsewhere.
We have an RDS platform (single GW/CB/Lic server - Windows Server 2016, 3 RDSH servers - also Windows Server 2016). The platform is accessed using HP Thin Clients via the Gateway's RDWeb feed. The clients connect fine and all applications and hardware devices appear to work correctly.
However, intermittently (doesn't seem to be any rhyme or reason that I can ascertain) one of the servers (it can be any of the three) will BSOD with a bugcheck of 0x0000009f (DRIVER_POWER_STATE_FAILURE). The server automatically reboots after a period of time and then works normally. Sometimes the BSOD happens only once, but then other times it will BSOD three or four times in a row shortly after coming up from the previous BSOD reboot.
From what I can gather, Windows is attempting (and failing) to instruct some device attached to the system (presumably via one of the remote sessions) to enter into a power saving mode and BSODs as a result. I have disabled USB power saving on the server but this does not resolve the issue. I have tested one of the RDSH servers by removing it from the connection pool and left it running without clients for a number of months and it has so far not given me any problems.
I took the MEMORY.DMP file (which is available for anyone to peruse upon request) and tried my best to analyse it using the tools available, and it seems to point to hidusb.sys, though I am unsure as to how to trace the problem any further.
All RDSH servers are patched with latest crticial/security patches as of a week ago.
Any possible thoughts as to avenues I could explore to diagnose/resolve this issue?
Thank you in advance for any advice you might be able to offer.
I have a windows 10 computer and it has a hyperv windows 10 VM within it. When I try to log into the VM using enhanced session mode of HyperV, which requires RDP support, my logon is refused with the classic 'you need the right to sign in...".
I have verified the following:
The account I am using to logon is an administrator account and also has the User right 'allow logon on through terminal services'
Remote desktop connection is enabled through control panel system.
Firewall port for RDP is open and allows anyone in.
Is there something I have missed?
Thanks
David Z
1.We have installed RDS (RDCB, RDSH, RDWeb) on one host. RDS service is working well without any errors. But if we open Server Manager->RDS we're getting "A
Remote Desktop Services deployment does not exist in the server pool.
To create a deployment, run the Add Roles and Features Wizard and select the Remote Desktop Services installation option."
2. We get the same error after Get-RDServer - "The RD Connection Broker server is not available"
3. If we add Roles-> RDS Installation, the next error - "could not retrieve the deployment information from the rd connection broker"
4. If we add this server to Server Manager on another host we receive - "Kerberos Security Issue". All hosts was added to Trusted.
All RDS services are running (including WID). ServerManager and Posh running by Administrator.
How to resolve it?
Dear concern,
I am using 200 RDS Device CALs. I am using 2 RDS server in workgroup environment. I installed RDS host and licensing role in my one server and installed 200 RDS CALs in this server. Also installed RDS host role in another server and map of the first one server as it's licensing server via local policy. Users randomly connect to these two server via Remote Desktop. Licensing server shown the 200 device CAL in console but when user connect to RDS server via thin client (non Microsoft endpoint) they can establish connection only for one hour and got a warning message"There is a problem with your license for Remote Desktop and the session will end in 60 minutes. Contact your system administrator to resolve this issue"then user forcibly disconnected. I had seen two things that RDS server didn't assign temporary license for thin client user and RDS license not count down, it fixed on 200.
Please response me ASAP.
Thanks,
Babu
Babu
I have setup a Windows RDS box on Server 2016 that runs in a VM. I've got The DDA (PCIe device passthrough) setup on a Nvidia P2000 gpu.
To make the RDS server use the gpu instead of the CPU for video which group policies should I modify?
Thank you