RDS 2012 R2 with a GW. We were using a reg edit to publish a users full desktop on the server. Friday, that published full desktop is not working like it use to via remoteapp. I'm not sure if a server windows update or client windows update overwrote the reg edit or not but when I look in HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\collectionname\RemoteDesktops\collectionname, the key is no longer in the server registry. I used this reg edit:

http://www.garethjones294.com/publishing-full-desktops-and-remoteapps-on-a-single-server-server-2012-r2-rds/

1. Does the licensing server portion need to be installed on a 2019 Domain Controller or can it be installed on a 2016 Domain Controller?

2. Can the SQL portion be installed on a 2016 Member server?

We've been operating a clusterized hyper-v remote desktop server for a few years now. 2 Hyper-V nodes, one management server / license server / broker / web interface ...

It basically works, live migration, iscsi-backstore, automatic collections (domain join...), UPD on network share... that part is quite nice actually.

Unfortunately there are some programs that don't survive the sysprep / automatic cloning, therefore I'm forced to create a manual collection, do domain join by hand etc etc. This appears to work, as long as I don't put a 2nd VM into that collection. We need UPD to work, but for some weird reason the 2nd and so forth VM don't even try to mount the profile disk. It's not that I forgot to remove the DVD drive and the LUN is blocked, been there, done that. That would create an error in the hyper-v node's log, but there is nothing I can find. Somehow something gets very confused :-(

Please forgive me for my incoherence, I'm quite a bit sleep deprived now.

Hoping that someone has seen this issue before, I don't know where else to look.

Robert

Hi!

I build a RDS deployment based on server 2016. After I finished building my session host and users tested it successfully, I cloned and sysprept the server in VMware vCenter.

Everything works fine and user can login and work on the servers without any problems.

When me and my colleague admins login to the cloned servers with our admin accounts, we always get a message like below;

User profile disks are configured in the environment. Folder redirection is enabled to redirect profile folders to H:\. This is inherited from the original RDS 2008 setup that we are migrating from.

I already tried to delete the entry from the profilelist key in the registry. But this didn't solve anything.

How can I fix this?

Hi everybody,

I have stand-alone Windows Server 2012 configured as DC (for further scalability) with appropriate domain and valid SSL Certificate. The machine is VIRTUAL.

Therefore, it's the same machine for every role (RD Gateway, RD Licensing etc).

Logging on as remote desktop user takes a few seconds and is quite OK.

Logging on of the same user(s) as a remote app always adds 60 secs of extra time.

I talk about the time after password prompt pops up, which happens almost immediately.

The following minute after confirming the password the logon dialog presents the message

"configuring remote desktop".

Those 60 seconds are well documented in the Event Log and the sequence is always the same.

It looks like two consecutive time-outs of 30 seconds each.

Below is an example of events sequence:

Event 1:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:53:51
Event ID:      312
Task Category: (3)
Level:         Information
Keywords:      
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "user@domain", on client computer "xx.xxx.xx.xxx:58554", has initiated an outbound connection. This connection may not be authenticated yet.
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>312</EventID><Version>0</Version><Level>0</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000000000000</Keywords><TimeCreated SystemTime="2019-06-02T06:53:51.283267000Z" /><EventRecordID>31003</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="15348" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>user@domain</Username><IpAddress>xx.xxx.xx.xxx:58554</IpAddress></EventInfo></UserData></Event>

Event 2:
Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:53:51
Event ID:      313
Task Category: (3)
Level:         Information
Keywords:      
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "user@domain", on client computer "xx.xxx.xx.xxx:58558", has initiated an inbound connection. This connection may not be authenticated yet.
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>313</EventID><Version>0</Version><Level>0</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000000000000</Keywords><TimeCreated SystemTime="2019-06-02T06:53:51.971015500Z" /><EventRecordID>31004</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="3132" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>user@domain</Username><IpAddress>xx.xxx.xx.xxx:58558</IpAddress></EventInfo></UserData></Event>

Event 3:
Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:53:52
Event ID:      313
Task Category: (3)
Level:         Information
Keywords:      
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "user@domain", on client computer "xx.xxx.xx.xxx:58558", has initiated an inbound connection. This connection may not be authenticated yet.
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>313</EventID><Version>0</Version><Level>0</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000000000000</Keywords><TimeCreated SystemTime="2019-06-02T06:53:52.033537700Z" /><EventRecordID>31005</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="15348" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>user@domain</Username><IpAddress>xx.xxx.xx.xxx:58558</IpAddress></EventInfo></UserData></Event>

Event 4:
Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:53:52
Event ID:      200
Task Category: (2)
Level:         Information
Keywords:      Audit Success,(16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", met connection authorization policy requirements and was therefore authorized to access the RD Gateway server. The authentication method used was: "NTLM" and connection protocol used: "HTTP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>200</EventID><Version>0</Version><Level>4</Level><Task>2</Task><Opcode>30</Opcode><Keywords>0x4020000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:53:52.174207400Z" /><EventRecordID>31006</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="3132" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType>NTLM</AuthType><Resource></Resource><ConnectionProtocol>HTTP</ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 5:
Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:53:52
Event ID:      300
Task Category: (5)
Level:         Information
Keywords:      Audit Success,(16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", met resource authorization policy requirements and was therefore authorized to connect to resource "computer_name.domain.example.com".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>300</EventID><Version>0</Version><Level>4</Level><Task>5</Task><Opcode>30</Opcode><Keywords>0x4020000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:53:52.236734600Z" /><EventRecordID>31007</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="1984" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><ConnectionProtocol></ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 6:
Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:53:52
Event ID:      302
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", connected to resource "computer_name.domain.example.com". Connection protocol used: "HTTP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>302</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:53:52.252342300Z" /><EventRecordID>31008</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="1984" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><ConnectionProtocol>HTTP</ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 7:

Log Name:      Microsoft-Windows-TerminalServices-SessionBroker/Operational
Source:        Microsoft-Windows-TerminalServices-SessionBroker
Date:          02/06/2019 09:54:05
Event ID:      819
Task Category: RD Connection Broker processes connection request
Level:         Verbose
Keywords:      
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
This connection request has timed out. User could not log on to the end point within the alloted time. Remote Desktop Connection Broker will stop monitoring this connection request.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid="{D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" /><EventID>819</EventID><Version>0</Version><Level>5</Level><Task>101</Task><Opcode>11</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:05.832911900Z" /><EventRecordID>534539</EventRecordID><Correlation ActivityID="{F420F4EE-0602-48B0-BB7C-BEDE86130000}" /><Execution ProcessID="4596" ThreadID="13724" /><Channel>Microsoft-Windows-TerminalServices-SessionBroker/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><EventData></EventData></Event>

Event 8:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:22
Event ID:      303
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", disconnected from the following network resource: "computer_name.domain.example.com". Before the user disconnected, the client transferred 229 bytes and received 156 bytes. The client session duration was 30 seconds. Connection protocol used: "HTTP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>303</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>44</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:22.319436200Z" /><EventRecordID>31009</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="15348" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><BytesReceived>156</BytesReceived><BytesTransfered>229</BytesTransfered><SessionDuration>30</SessionDuration><ConnectionProtocol>HTTP</ConnectionProtocol><ErrorCode>1226</ErrorCode></EventInfo></UserData></Event>

Event 9:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:22
Event ID:      300
Task Category: (5)
Level:         Information
Keywords:      Audit Success,(16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", met resource authorization policy requirements and was therefore authorized to connect to resource "computer_name.domain.example.com".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>300</EventID><Version>0</Version><Level>4</Level><Task>5</Task><Opcode>30</Opcode><Keywords>0x4020000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:22.397561300Z" /><EventRecordID>31010</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="5640" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><ConnectionProtocol></ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 10:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:22
Event ID:      302
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", connected to resource "computer_name.domain.example.com". Connection protocol used: "HTTP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>302</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:22.397561300Z" /><EventRecordID>31011</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="5640" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><ConnectionProtocol>HTTP</ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 11:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:54
Event ID:      302
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", connected to resource "computer_name.domain.example.com". Connection protocol used: "UDP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>302</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.123103000Z" /><EventRecordID>31012</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="3132" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><ConnectionProtocol>UDP</ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 12:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:54
Event ID:      205
Task Category: (2)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", successfully connected to the remote server "computer_name.domain.example.com" using UDP proxy. The authentication method used was: "Cookie".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>205</EventID><Version>0</Version><Level>4</Level><Task>2</Task><Opcode>30</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.123103000Z" /><EventRecordID>31013</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="15808" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType>Cookie</AuthType><Resource>computer_name.domain.example.com</Resource><BytesReceived></BytesReceived><BytesTransfered></BytesTransfered><SessionDuration></SessionDuration><ConnectionProtocol></ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 13:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:54
Event ID:      302
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", connected to resource "computer_name.domain.example.com". Connection protocol used: "UDP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>302</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>30</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.123103000Z" /><EventRecordID>31014</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="3132" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><ConnectionProtocol>UDP</ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 14:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:54
Event ID:      205
Task Category: (2)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", successfully connected to the remote server "computer_name.domain.example.com" using UDP proxy. The authentication method used was: "Cookie".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>205</EventID><Version>0</Version><Level>4</Level><Task>2</Task><Opcode>30</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.123103000Z" /><EventRecordID>31015</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="12344" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType>Cookie</AuthType><Resource>computer_name.domain.example.com</Resource><BytesReceived></BytesReceived><BytesTransfered></BytesTransfered><SessionDuration></SessionDuration><ConnectionProtocol></ConnectionProtocol><ErrorCode>0</ErrorCode></EventInfo></UserData></Event>

Event 15:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:54
Event ID:      303
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", disconnected from the following network resource: "computer_name.domain.example.com". Before the user disconnected, the client transferred 637 bytes and received 4567 bytes. The client session duration was 0 seconds. Connection protocol used: "UDP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>303</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>44</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.466828900Z" /><EventRecordID>31016</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="3132" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><BytesReceived>4567</BytesReceived><BytesTransfered>637</BytesTransfered><SessionDuration>0</SessionDuration><ConnectionProtocol>UDP</ConnectionProtocol><ErrorCode>1226</ErrorCode></EventInfo></UserData></Event>

Event 16:

Log Name:      Microsoft-Windows-TerminalServices-Gateway/Operational
Source:        Microsoft-Windows-TerminalServices-Gateway
Date:          02/06/2019 09:54:54
Event ID:      303
Task Category: (3)
Level:         Information
Keywords:      (16777216)
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
The user "domain\user", on client computer "xx.xxx.xx.xxx", disconnected from the following network resource: "computer_name.domain.example.com". Before the user disconnected, the client transferred 1641 bytes and received 7160 bytes. The client session duration was 0 seconds. Connection protocol used: "UDP".
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-Gateway" Guid="{4D5AE6A1-C7C8-4E6D-B840-4D8080B42E1B}" /><EventID>303</EventID><Version>0</Version><Level>4</Level><Task>3</Task><Opcode>44</Opcode><Keywords>0x4000000001000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.529322500Z" /><EventRecordID>31017</EventRecordID><Correlation ActivityID="{F9A66720-F292-459D-9E6D-40D1A86A0000}" /><Execution ProcessID="4696" ThreadID="15808" /><Channel>Microsoft-Windows-TerminalServices-Gateway/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventInfo xmlns="aag"><Username>domain\user</Username><IpAddress>xx.xxx.xx.xxx</IpAddress><AuthType></AuthType><Resource>computer_name.domain.example.com</Resource><BytesReceived>7160</BytesReceived><BytesTransfered>1641</BytesTransfered><SessionDuration>0</SessionDuration><ConnectionProtocol>UDP</ConnectionProtocol><ErrorCode>1226</ErrorCode></EventInfo></UserData></Event>

Event 17:

Log Name:      Microsoft-Windows-TerminalServices-SessionBroker/Operational
Source:        Microsoft-Windows-TerminalServices-SessionBroker
Date:          02/06/2019 09:54:54
Event ID:      800
Task Category: RD Connection Broker processes connection request
Level:         Verbose
Keywords:      
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
RD Connection Broker received connection request for user domain\user. 
Hints in the RDP file (TSV URL) = tsv://MS Terminal Services Plugin.1.RemoteApps 
Initial Application = rdpinit.exe 
Call came from Redirector Server = computer_name.domain.example.com 
Redirector is configured as Virtual machine redirector
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid="{D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" /><EventID>800</EventID><Version>0</Version><Level>5</Level><Task>101</Task><Opcode>11</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:54.669933800Z" /><EventRecordID>534540</EventRecordID><Correlation ActivityID="{F420EE10-A030-485A-8B06-EFE8C1E30000}" /><Execution ProcessID="4596" ThreadID="13724" /><Channel>Microsoft-Windows-TerminalServices-SessionBroker/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventXML xmlns="Event_NS"><param1>domain\user</param1><param2>tsv://MS Terminal Services Plugin.1.RemoteApps</param2><param3>rdpinit.exe</param3><param4>computer_name.domain.example.com</param4><param5>Virtual machine redirector</param5></EventXML></UserData></Event>

Event 18:
Log Name:      Microsoft-Windows-TerminalServices-SessionBroker/Operational
Source:        Microsoft-Windows-TerminalServices-SessionBroker
Date:          02/06/2019 09:54:55
Event ID:      801
Task Category: RD Connection Broker processes connection request
Level:         Verbose
Keywords:      
User:          NETWORK SERVICE
Computer:      computer_name.domain.example.com
Description:
RD Connection Broker successfully processed the connection request for user domain\user. Redirection info: 
Target Name = COMPUTER_NAME 
Target IP Address = XXX.X.XX.XXX, a000:b000:c000::d000:e000 
Target Netbios = COMPUTER_NAME 
Target FQDN = computer_name.domain.example.com 
Disconnected Session Found = 0x0
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid="{D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" /><EventID>801</EventID><Version>0</Version><Level>5</Level><Task>101</Task><Opcode>11</Opcode><Keywords>0x2000000000000000</Keywords><TimeCreated SystemTime="2019-06-02T06:54:55.091773200Z" /><EventRecordID>534541</EventRecordID><Correlation ActivityID="{F420EE10-A030-485A-8B06-EFE8C1E30000}" /><Execution ProcessID="4596" ThreadID="6204" /><Channel>Microsoft-Windows-TerminalServices-SessionBroker/Operational</Channel><Computer>computer_name.domain.example.com</Computer><Security UserID="S-1-5-20" /></System><UserData><EventXML xmlns="Event_NS"><param1>domain\user</param1><param2>COMPUTER_NAME</param2><param3>XXX.X.XX.XXX, a000:b000:c000::d000:e000</param3><param4>COMPUTER_NAME</param4><param5>computer_name.domain.example.com</param5><param6>0x0</param6></EventXML></UserData></Event>

I have numbered the events for ease of reference.

As can be seen from event #7  and #14 the user disconnects twice after 30 sec timeout.

From some research it seems like a possible problem may be in the VM settings, which is not in my control so if it is the case I would have to know what exactly to ask from the hosting service.

Any idea/solution will be greatly appreciated!

Within Hyper-V we have set up the following multi-tenant domain where every customer has his own child domain and Private VLAN (customer tenant is in a Secondary Community VLAN). All machines are therefore Hyper-v guests.
The following problem occurs here. When an RDS server is placed in the Promiscouous VLAN, you can set up a UDP-enabled RDP connection from outside externally via the RD Gateway without a problem. However, if you place this RDS server in the secondary community VLAN, the UDP connection drops. In the log of the RDS gateway you can see that a UDP connection is being set up for a short time, but that it is almost immediately terminated.

So this seems to be a issue with UDP traffic on secondary community VLAN mode. Had anyone had this kind of issue? We tried the RDS VM on different hyper-v clusters (2016 /2019). Updated all the host drivers to the latest

Hi

I have setup a Windows Server 2016 RDS Server with Certificate as,

• RD Connection Broker - Enable Sign on - Trusted - OK
• RD Connection Broker - Publishing - Trusted - OK
• RD Web Access - Trusted - OK
• RD Gateway - Trusted - OK

It works well , I can start the RD Web Access without any error.. but when I trying add RemoteApp in clients Desktop, I got Error messages about Security Certificate.

How will I do to fix that ?

Please help me

----- S-O-K-O-B-A-N -----

Hi,

I have set up a brand new 2012R2 RDS farm but I have a strange behavior that I am unable to fix : 

"Idle session limit" and "End a disconnected session" are set by GPO  ( 1 hour, each)

But each time a user reach one of this limit, this cause an issue on the terminal server service : 

 - svchost process ( attached to terminal service) becomes unresponsive

- no more users are able to login  ( login process goes fine, no error message; but users get a black screen... CTRL+ALT+DEL works and permits to launch some commands ( calc, notepad...) 

- connected users can't close their session : they get stuck at " waiting for user profile service"

Any idea of what is happening ?

Thank you.

Hi Guys,

I'm unable to active RDP Cals on Server 2019 Standard. Please see below steps and errors

They keys we received from our Partner Portal. 

I'm not able to post images as I get the below:

I have a setup RDP setup that refuses to hand out cals. to be fair i didn't set this up and my other infrastructure deployment do not seem to have this issue.

Cals are not handed out and also in the RDS console its is displaying the error message 

The system can not determine if the Licensing server is a member of the TSLS group in Active Directory Domain Services ADDS as ADDS cannot be contacted.

I have followed an article thats confirm via ADSI edit that the permissions are correct and also confirmed permissions and group membership via the use of process explorer. Also i cvan confirm that the server is a member of the domain built in grp TSLS......

i have tested name resolution and also Firewall settings even comparing this to a working set of infrastructure  and it all seem to match. anyone have any ideas as i am not finding a deal on the web other than link that seem to remain un resolved.

Hi All

I have a virtualised (VMWare) RDS 2012R2 environment with 20 Session hosts spread across 6 Dell ESXI Hosts - 2 Sets of different PowerEdge Models. Over the past 4-6 weeks we have started to get multiple event 7011's followed by a 7046.

A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service.

The following service has repeatedly stopped responding to service control requests: Remote Desktop Services UserMode Port Redirector

At this point some existing connected users cant sign out and applications start to crash including explorer.exe. Trying to shutdown via the GUI just hangs and the only way to get the server back is to reset the power using vSphere console. 

Applications on the Session Hosts are mainly MS Office 2016, Acrobat Reader, 7Zip and Webroot AV. Windows OS and applications are fully patched and up to date and Dell Firmware and drivers are fully up to date. 

Users connect in via RemoteApp and local drives and printers are redirected into their sessions. 

The weird thing is, like clockwork the crashes happen at the end of each day usually between 16:00 - 18:00 - To me its like a degradation symptom or perhaps its the actions of users disconnecting or logging off their session - Its affecting a couple of servers each day. 

On top of this, it appears 7011, 7046 results in a BSOD. I have grabbed the Memory.dmp file and opened it with WinDbg. 

Im now trying to figure out the dmp - uploaded to PasteBin here (happy to paste dmp here but didnt want to "dump" to much information in the post)

What stands out to me is rdbss.sys

Probably caused by : rdbss.sys ( rdbss!__RxAcquireFcb+1f3 )

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high.  This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80179d3ba44, address which referenced memory

BUCKET_ID:  AV_rdbss!__RxAcquireFcb

PRIMARY_PROBLEM_CLASS:  AV_rdbss!__RxAcquireFcb

My rdbss.sys version - 6.3.9600.18895

Can anyone help to try and decipher the above and suggest next/best cause of action?

Many thanks :)

Scope of this is that out of dozens of accounts that work fine for rdwc sessions, there are two that do not.  The connection starts but within a few seconds fails with, user facing side, 'we couldn't connect to gateway because of an error.'  When running a capture, the key error appears to be:

Any pointers in the right direction, or if anyone else has seen these errors, would be much appreciated!

Working on an environment with all 2016 servers.  Parent.local domain and child.parent.local domain.  If I log into RD-sessionhost.child.parent.local session host with a user in the parent.local domain everything works except group policy.  On the session host server I see event ID: 1053 processing of group policy failed.  Windows could not resolve the user name.  The RDSH is joined to the child.parent.local domain but is on a separate VLAN and only allowed to communicate with the child.parent.local network but not the parent.local network.  The child.parent.local network can fully communicate with the parent.local network and no issues there.  Does the session host in child.parent.local network need to communicate directly with the parent.local network for group policy to work? 

Thanks in advance!!

Hi All

It's been a while, good to be back though.

Cutting to the chase, for expediency I want to add (possibly a pair) of 2019 GWs to our current production 2012R2 farm:

1.  Can 2019 GWs front up a 2012 farm (CB/Web/Hosts)?

2.  Or do I need to update the RDWB, RDCBs to 2019 also?

Would have been useful for the doc to be updated: https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/upgrade-to-rds#flow-for-deployment-upgrades

3. Also want to implement 2FA or or some type of one time auth (SMS) without Azure etc.

https://duo.com/docs/rds ??

We have two RDS 2012R2 farms in separate buildings totaling somewhere around 45 servers, a 2012 PoC used for UAT and a nice shiny new 2019 PoC farm for testing (fixes a few bugs in 2012 R2 RDS), one which we call 'switching' where the wrong window is presented to the user upon an auto reconnect post network dropping.

I'm looking to find an expedient solution.  I know adding all the apps and several of our tricks to ensure 16-bit applications function (yes don't fall off your seats) take TIME.  I also know that calling 2012R2 RDP application files 'workspace' from 2019 RDHosts works well too, so am pondering leaving all apps on 2012R2 and fronting using 2019.

Something like this:

User > 2019 RDWB > 2019 RDCB > 2019 RDHost (x2 for HA in each container) > calls RDP files (you can find these in Control Panel) which directs user to 2012 RDHosts (which have all the apps on).  This would avoid reinstalling all apps and still retain HA.  I've tested this on a 2019 PoC, all good and quite funky!

But maybe there are other options?

Lea

So I am having a little issue.  Made a single session server setup. Ran it as a local LAN setup and was successfully deployed.

Cool I thought, it was ready to meet the internet.

generated a cert  session.domainnamehere.com. Added the cert to trusted storage, then exported to create pfx and tried to add to the RDWeb services.  I was given an error that only one of the two servers could be contacted. 

There is no indication as to what the second server was to be.

ran set-RDPublishedName.ps1 and it reported success however the URL showing in the services management window still indicates the URL as https://machinename.domain.local rather than session.domainamehere.com

Verified that IIS default site, RDWeb, Pages, DefaultTSGateway was set to the correct URL.

I did not think that I needed to run RD Gateway setup in this scenario, but ran it anyway.  Added the external domain name as requested. Added cert with a trusted blessing but a warning that the same cert has to be applied for the RDWeb service as well. Tried to add the cert to RDWeb service and same cannot contact one of two servers error showed up.

removed Remote services role.  Re added Remote services role.  Was not given opportunity to input URL as I was given on the first time through.  Still showed up with the old URL ready to cause me havoc. 

RDWeb now does not show any thing to choose in the user window. Not even the quickstart apps, nor newly created ones. 

So It looks like I have two issues.  How to get the RDWeb service talking as if it is on the same server as it is (with the correct URL expressed). And issue two how to clean up the RDWeb collection data.

Hello,

I upgraded our RDS infrastructure to Server 2019 and ti seems any kind of right click context menu or admin prompt will eventually crash the session after about 15-20 seconds. For instance, with an admin prompt after you enter the credentials, a remaining white box will hang around until the remote session crashes. No settings were changed between Server 2016 and Server 2019 however the infrastructure is in VMWare. Also, If I turn off Remote FX the box is then black and the same thing occurs. Please Help!

Thanks!

We have 22 Thin Client servers with domain FL @ 2016. All 22 servers are running 2016 Standard. DC's are Server 2016 Standard. We are also all Windows 10. Patched and running fine.

We are migrating to a new web filter that requires us to Use automatic configuration script. We have tried pushing it out with GPO and registry keys. I have also tried applying the setting locally on the machine.

We can see the Automatically detect settings change. It shows it has applied with gpresult /r but the address never shows up in the address bar. I can manually add it to an account but we have over 1k users in different OU's and this will not work.

No events in the event log and the WinHTTP Web proxy Auto service is running.

I created a separate OU just for this test and it is applied to our user.

This has our Filter engineer baffled and I have been trying for days.

Any help would be great.

Thanks.

1. Does the licensing server portion need to be installed on a 2019 Domain Controller or can it be installed on a 2016 Domain Controller?

2. Can the SQL portion be installed on a 2016 Member server?

Posting this for the benefit of everyone who comes across this issue.

Environment: Windows Server 2016 RDS

Issue: After applying Windows updates, Remote Desktop Management service fails to start.

Errors: 

eventID 7036 - The Remote Desktop Management service entered the stopped state.

event ID 1: The Remote Desktop Management service failed to start. Error code: 0x88250003

Fix: 

Uninstall KB4493470 Windows update and reboot. It takes about an hour to uninstall and apply rollback so don't panic when you see status stuck on "Working on updates 100% complete"

Hope this helps.