Quantcast
Channel: Remote Desktop Services (Terminal Services) Forum
Viewing all 27656 articles
Browse latest View live

RDAC - Remote App dissapearing from taskbar when minimized

$
0
0

Hey guys, just wondering if any of you have seen this behavior or managed to be able to correct it because I can't seem to find a fix. The client computer is running the latest version of Windows and the RDS Servers are at latest patch of Server 2016. The client opens up a remote app and then minimizes it and the remote app disappears from their taskbar.

Any ideas?

Cheers!


Brian Baldock | MCSE | MCSA | MS | MCP Please note: This post is provided as is with no guarantee. Test, then test again


New Windows Server 2019 RDWeb Webclient connection issue

$
0
0

We're currently having issues setting up our Terminal Server for our remote users.
Everything is on place: RD Web Access, RD Gateway, RD Connection Broker (Some confusion) and RD Session Host.

We are able to connect to the interface locally and remotely to servername/rdweb/webclient/index.html, we can use the Remote Apps locally but when we try to use the Remote Apps from a remote computer it gives us this error:

Oops, we couldn't connect to "Remote Desktop Connection"
The connection to the remote PC was lost. This might be because of a network problem. If this keeps happening, ask your admin or tech support for help.

Does anyone have any idea what were doing wrong? It would be really helpful.

Virtual IP addresses in Remote Desktop Session Host

$
0
0

I am having trouble with 2016 Server configuring IP Virtualisation, running as vm on a Hyper-V host

If I use a DHCP Server I get the following error 

"Remote Desktop IP Virtualization could not acquire an IP address for session ID 2.  Error code: 0x800714CA"

(If I time it correct on a Cisco 500 switch I can see the IP address being allocated before it aborted)

If I try and use static iP configured in registry I get the following errors in the log,

Remote Desktop IP Virtualization could not load C:\WINDOWS\system32\TSVIPool.dll. Error code: 0x80070002

An error occurred when the computer tried to start Remote Desktop IP Virtualization: 0x80070002.

I followed the following guides  (links removed)

Deploying Remote Desktop IP Virtualization Step-by-Step Guide

Using Static IP Addresses for Remote Desktop IP Virtualization


I have found this which may describe my issue for the static IP. 

https://support.microsoft.com/en-gb/help/2402260/possible-delays-while-assigning-virtual-ip-addresses-in-remote-desktop

However what does it mean when it advises Workaround:ConfigureRDS Session Initial Program (Startup program) to run with a startup script (logon script) and introduce a 1-3 second delay into the execution of any process

What do I have to do to implement the workaround? or is there any other suggestions 

 

Event 1309 ASP.NET

$
0
0

Hello,

We have a Windows Server 2016 box that is being used for users to remote in to their computers by way of RDWeb. Every time someone goes to the website to login we we get the following Warning logged in events:

Event code: 3005 
Event message: An unhandled exception has occurred. 
Event time: 10/26/2018 10:49:47 AM 
Event time (UTC): 10/26/2018 2:49:47 PM 
Event ID: 00f90daa62f94580925cf71413f5874d 
Event sequence: 5 
Event occurrence: 1 
Event detail code: 0 
Application information: 
    Application domain: /LM/W3SVC/1/ROOT/RDWeb/Pages-6-131850389869549350 
    Trust level: Full 
    Application Virtual Path: /RDWeb/Pages 
    Application Path: C:\WINDOWS\Web\RDWeb\Pages\ 
    Machine name: XXXXXX 
Process information: 
    Process ID: 5096 
    Process name: w3wp.exe 
    Account name: IIS APPPOOL\RDWebAccess 
Exception information: 
    Exception type: NullReferenceException 
    Exception message: Object reference not set to an instance of an object.
   at Microsoft.TerminalServices.Publishing.Portal.FormAuthentication.TSFormAuthTicketInfo..ctor(HttpContext objHttpContext)
   at ASP.en_us_default_aspx.<GetAppsAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Web.UI.PageAsyncTaskManager.<ExecuteTasksAsync>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Web.UI.Page.<ProcessRequestAsync>d__554.MoveNext()

 
 
Request information: 
    Request URL: https://XXXXXXXXX:443/RDWeb/Pages/en-US/Default.aspx 
    Request path: /RDWeb/Pages/en-US/Default.aspx 
    User host address: XXXXXXXX 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: IIS APPPOOL\RDWebAccess 
 
Thread information: 
    Thread ID: 115 
    Thread account name: IIS APPPOOL\RDWebAccess 
    Is impersonating: False 
    Stack trace:    at Microsoft.TerminalServices.Publishing.Portal.FormAuthentication.TSFormAuthTicketInfo..ctor(HttpContext objHttpContext)
   at ASP.en_us_default_aspx.<GetAppsAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Web.UI.PageAsyncTaskManager.<ExecuteTasksAsync>d__3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at System.Web.UI.Page.<ProcessRequestAsync>d__554.MoveNext()
Custom event details: 

Any ideas how to fix?


Can't connect using RDP over TLS without NLA

$
0
0

Hi,

I have special circumstances where I need to connect (RDP using MSTSC) to a Windows server that enforces RDP over TLS, but without NLA (enablecredsspsupport:i:0 in the RDP file, the server allow this).

On some clients (I saw this only with Windows Server 2012 R2 clients) I'm getting the following error: "The connection cannot proceed because authentication is not enabled . . .".

The only thing I found online was to change the authentication level, which didn't help.

I analyzed the traffic using Wireshark and I believe the problem is with the RDP negotiation, where the client sends a list of it's supported security protocols. If I connect from the same client with NLA (enablecredsspsupport:i:1) I get this:

requestedProtocols:
    .... .... .... .... .... .... .... ...1 = TLS security supported: True
    .... .... .... .... .... .... .... ..1. = CredSSP supported: True
    .... .... .... .... .... .... .... 1... = Early User Authorization Result PDU supported: True

But if I connect with enablecredsspsupport:i:0 I get this:

requestedProtocols:
    .... .... .... .... .... .... .... ...0 = TLS security supported: False
    .... .... .... .... .... .... .... ..0. = CredSSP supported: False
    .... .... .... .... .... .... .... 0... = Early User Authorization Result PDU supported: False

Where I would expect this (I do get this with some clients):

requestedProtocols:
    .... .... .... .... .... .... .... ...1 = TLS security supported: True
    .... .... .... .... .... .... .... ..0. = CredSSP supported: False
    .... .... .... .... .... .... .... 0... = Early User Authorization Result PDU supported: False

It seems like for some reason disabling CredSSP on the client also disables TLS.

I would appreciate if someone could help me figure out what's happening.

Thanks,
Gabriel

RD Connection Broker service failed to start. HRESULT = 0x8007139F

$
0
0

Hi,

I have a Windows Server 2012 R2 there i have installed:

RD Web Access

RD Connection Broker

RD Session Host

But RD Connection Broker service will not starta I get this 3 errors:

Event ID: 833 Source: TerminalServices-SessionBroker

The VMResource plugin failed to load. Error: VMResource is not a valid Win32 application. 

Event ID: 833 Source: TerminalServices-SessionBroker

The MS Default Provisioning Plugin plugin failed to load. Error: The group or resource is not in the correct state to perform the requested operation. 

Event ID: 898 Source: TerminalServices-SessionBroker

RD Connection Broker service failed to start. HRESULT = 0x8007139F.

I have checked VMResource in register in it´s look fine.

Regards Pierre

Multiple password policy in Active Directory Domain

$
0
0


We have a single forest, single domain AD environment. A password policy has been set through 'Default Domain Policy'. 

We would like to implement second password policy with different complexity requirements. As per the official Microsoft document thus can be achieved through Fine Grain Password policy. 

Please confirm that there is no such system limitations and another password policy can be configured for application administrator's.

Kindly respond at your earliest.

2019 RDS Gateway slow logon. Approx. 80-100 seconds.

$
0
0

Can't figure out why login through RDS Gateway is so slow...

I've setup a 2019 RDS environment.

It's all VM's
Server: Connection Broker and License Server
Server: Session Host (Server 2019)
Server: Gateway (in DMZ)

Using FSLogix.
MFA plugin through Azure.

When logging in from inside network it's fast. (Not asking for MFA)
When logging in from outside through gateway, it takes 1:40 minutes before desktop is ready. (Asking for MFA)

Using a RDP file.
MFA challenge comes ~11 seconds after password is entered.
After that: "Configuring remote session" in a long time.
Occasionally the login is way faster.
(after I wrote this, the MFA challenge took 4 seconds and was 100% logged in in about 10 seconds through gateway)

I can't see where to begin troubleshooting...

Sometimes the connection is lost, asking the MFA challenge again.
Tried using "Negotiate" and  "RDP Security Layer"

Tried looking Event Viewer on several servers with no luck

Sorry for the jumping in text.



Issues with RDS web client to gateway

$
0
0

Side note. this all works fine using the legacy reweb and rds client.

When trying to connect using the web client, we get the usual "Oops, we couldnt connect".

When i look in the dev view, I see websocket connection to the gateway failed, 404:

WebSocket connection to 'wss://gateway.testcloud.co.uk/remoteDesktopGateway?CorId=%7B334da63a-1571-428b-903f-b23d4a860000%7D&ConId=%7B32369577-63bd-4dee-a4bc-dd8f08495d4e%7D&ClGen=HTML%3D1&ClBld=Type%3DRdClient%3B%20Build%3Dprivate&AuthS=SSPI_NTLM' failed: Error during WebSocket handshake: Unexpected response code: 404

Any ideas?

ntuser.dat and GPO Issue

$
0
0

Dear all,

Enviorment:

2 DCs: Windows Server 2012R2
1 Terminalserver Session Broker: Windows Server 2016 (Session Broker and License Server)
3 Terminalserver Host: Windows Server 2016 (RDS Host)

If I deploy a new GPO on the DCs to the OU of the terminalservers the deployment works fine for all users. If I deactivate the GPO on the DCs and force the gpupdate on the terminalservers the GPO will stay activated to the users. After a bit of research it seems like the ntuser.dat from the user stored in the user profile disk won't be updated. If I delete the ntuser.dat manually and login again to the terminalservers I will get the right activated GPOs.


Folder permissons for the folder where the UPD are stored: Everyone (Read and Execute, Read Folder), System (Full Access), Every Terminalserver (Full Access), Domain-Admins (Full Access), Local Users (Read and Execute, Read Folder) Local Admins (Full Access)

File permissions for UPD vhd-files: Everyone (Read and Execute), System (Full Access), AD User himself (Full Access), Every Terminalserver (Full Access), Admin (Full Access), Domain-Admins (Full Access), Local Users (Read and Execute, Read Folder) Local Admins (Full Access)

For me it seems like the ntuser.dat do not work fine. Has anyone an idea?

Thanks!

Check Health status from RDS Farm

$
0
0

Hi all,

We have made a RDS Farm to deploy a Virtual App. After configuring the roles, we have this structure:

  • server1 - RDBroker/RDGateway/RDWeb access
  • server2 - RDBroker/RDGateway/RDWeb access
  • server3 - RDLicensing/RDSH
  • server4 - RDLicensing/RDSH
  • server5 - RDSH

server 1 and 2 are in DMZ VLAN, and server 3, 4 and 5 in midd VLAN. To publish our public DNS, we use a pool into VIP F5 that balance the connections with Round Robin mode and assign a static public IP to this DNS.

All roles are in HA: RD bróker have a DNS RR register with the server 1 and 2 IP, RDGateway is duplicated on both servers, RD Web Access and IIS is installed on both servers and the RDSH role is blanacing via RDBokrer service.

The question is: Is possible to check the health status of every role (RD Gateway, RD Bróker and RD Web Access) to remove of the F5 pool the machine when some role is out of service in a server1 or 2 ?

Thanks!


Gerardo,

Blackscreen after logon

$
0
0

Hi

We have a problem with logon times on our RDP 2012R2 servers. It must be related to the roaming profile.

The problem:

The users logon on via RDP. The profile gets loaded, applying group policy settings and so on, and then the "black screen" starts. I can take up to 15 minutes before the users desktop is visible and ready to work.

While there are black screen I can press CTRL+ALT+DEL and go to the task manager. The only process that is working is explorer.exe.

If we create a new profile the users are logged in less than a minute, but the logon process and the time for the black screen increases over time. It happens for all our users on our 30 RDS servers.

Any suggestions?

Windows 10 Remote Desktop Session Randomly Unexpectedly Exits and Terminates all apps - please help!

$
0
0

I remote desktop to my Window 10 Surface laptop via LAN (to use Outlook from the laptop) allowing me to create send/emails on the Surface laptop via remote desktop from my desktop PC. This has been working fine for 2+ years. Recently the Surface 10 has started ending the remote desktop session randomly perhaps 2 or 3 times per day. The worst parts is that it also terminates all running applications so when I can finally remote desktop back in my Outlook sessions have been lost. This is frustrating as I have lost a lot of drafted emails.

(I’ve setup Outlook to save every 1 minute but even so sometimes I lose the active email I'm working on in Outlook or recently received emails - I've lost lots of work because of this - it is driving me crazy.)

If I try to immediately log back in via RDP I sometimes get:

The number of connections to this computer is limited and all connections are in use right now. Try connecting later or contact your system administrator

I wait and try again and I can log back in but all my applications have been terminated. Perhaps the user session is being logged out and back in – I can’t tell.

Why on earth would all apps be terminated - it's as if the Surface computer user session is logged out and terminates all running apps for absolutely no reason.

There are no failed attempts in System Event Log Security, only forced log off. I noticed over 100 Audit Success security events at same time:

Credential Manager credentials were read.
Subject:
    Security ID:        DOMAIN\My Name
    Account Name:       My Name
    Account Domain:     DOMAIN
    Logon ID:           0x1A293A3D8
    Read Operation:     Enumerate Credentials
This event occurs when a user performs a read operation on stored credentials in Credential Manager.

This is then followed with:

An account was logged off.
Logon Type:         3

This event is generated when a logon session is destroyed. 
It may be positively correlated with a logon event using the Logon ID value. 
Logon IDs are only unique between reboots on the same computer.

Windows System Events at arounds this time shows a number of Errors:

The server {AAC1009F-AB33-48F9-9A21-7F5B88426A2E} did not register with DCOM within the required timeout.
The system is exiting connected standby 

Reason: Input Keyboard.
A timeout was reached (30000 milliseconds) while waiting for the Sync Host_1a14de225 service to connect.
A timeout was reached (30000 milliseconds) while waiting for the Windows Push 

Notifications User Service_1a14de225 service to connect.
The Clipboard User Service_1a14de225 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
A timeout was reached (30000 milliseconds) while waiting for the Clipboard User Service_1a14de225 service to connect.

The Connected Devices Platform User Service_1a14de225 service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
A timeout was reached (30000 milliseconds) while waiting for the Connected Devices Platform User Service_1a14de225 service to connect.

The Clipboard User Service_1a14de225 service terminated unexpectedly. 
It has done this 1 time(s). 
The following corrective action will be taken in 3000 milliseconds: 
Restart the service.

The Sync Host_1a14de225 service terminated unexpectedly. 
It has done this 1 time(s).
The following corrective action will be taken in 10000 milliseconds: 
Restart the service.

The Windows Push Notifications User Service_1a14de225 service terminated unexpectedly.
It has done this 1 time(s).
The following corrective action will be taken in 10000 milliseconds:
Restart the service.

Note, I posted this at https://superuser.com/questions/1484818/windows-10-remote-desktop-session-randomly-unexpectedly-terminates 

But no-one could help there.  This is really driving me crazy as I am losing emails on a daily basis





Connecting to RDWeb issues.

$
0
0

Hi

I have set up RDS on Win 2019 server, but when trying to connect to the I keep getting that the Gateway in unavailable.

I can connect to there server with RDP fine, but not RDWeb. Could someone point me in the right direction.

I am using Azure

RDS 2016 - Connection certificate

$
0
0

Hi,

I'm sure this has been asked many times before, and I'm probably just missing something simple but we've built a new RDS 2016 system consisting of 2 Connection Brokers and a few RDS Hosts which will be used for plain Remote Desktops. 

Clients are getting certificate warnings when connecting as the DNS name for the farm (RDSFARM.domain.com) is different to the host name on the self-signed certificate which is presented. We have a wildcard cert which we could use, in place of a SAN certificate, but I'm unsure where we configure this. 

In the RDS Server Manager, you can configure the RD Conncection Broker for SSO, Publishing, Web Access and RD Gateway but these aren't related to what I'am talking about are they? 

I've also tried putting this wildcard cert into the RDS system certificate store and removing the self signed cert, but no luck doing that. So what is the right way to configure this? 

Thanks in advance, 

Dave

 


FSLogix Profiles being overwritten

$
0
0

Hi, 

We've been rolling out FSlogix and so far have been loving it. We came from roaming profiles.

When we migrated I left the 'Profile Path' field set on the AD object as there are app servers and various others that users may logon to without FSlogix - so keeping roaming for these seemed ideal.

For two users, whenever they login to the RDS Farm with FSLogix, the roaming folder in their VHDX gets overwritten (*profile*\appdata\roaming) Weirdly the local folder is unaffected. If I restore the VHDX and remove the Profile Path field this stops happening.

Only happens for these users and I cannot find any documentation related to this.

Anyone have any ideas?

Thanks,

Andrew

RDS Server 2016 & SSL's

$
0
0

Hi everyone

We have recently renewed our SSL wildcard (GoDaddy) certificate and have successfully installed it.  However we now have a problem where some users are unable to connect and I suspect its an issue with SSL and possibly something I've not done correctly.  Below is a brief overview of the RDS deployment

7 Servers - 1xGateway/web access, 1xConnection broker/licensing, 4xdesktop hosts and 1xapplication host.
SSL Wildcard purchased from GoDaddy and assigned to each server.  CN *.abcd.co.uk

Server FQDN (as seen from connection broker) is server.ad.domain.com (I think this has changed since adding the new SSL from server.abcd.co.uk but can't be certain).
Forward looking DNS A record abcd.co.uk set to private IP for gateway and connection broker servers.

We have a mixture of W7 & W10 Pro clients, a large number of HP thin clients and a few Apple Mac's.

Connecting internal seems to work for Windows user and some thin clients but the Apple users and some of the HP clients cannot get on.  If we change the Gateway settings from defined to automatically detect on on the connection broker, the Apple clients work but not some of the thin clients.

I am convinced the root cause is the way we have configured our Wildcard SSL which has effected the gateway and other settings.

Unfortunately, I cannot find any literature which gives in depth instructions on how to configure and assign SSL certificates from start to finish for an RDS deployment.  

Prior to us renewing the certificates, everything was working fine.

If there is anyone who can advise, then I would be grateful.

Regards

Thackers

RemoteApp - Reconnecting to a Disconnected Session on RDSH Server

$
0
0

Hello,

I am currently evaluating RemoteApp to deliver applications to our roaming users. It is working well.

However, whenever user reconnects, it creates a new session rather than hooking up to a disconnected session. My requirement is that till the time a disconnected session does not end, user must reconnect to their corresponding disconnected sessions only.

I have tried configuring following Group Policy Settings on the Session Host Server, but could not achieve the objective:

  • Automatic reconnection = Enabled
  • Configure keep-alive connection interval = 30 mins
  • Restrict Remote Desktop Services users to a single Remote Desktop Service session = Enabled

Request if someone can guide me about some missing configuration to achieve the objective.

Thanks,

Amit Jogi

Cannot connect to Remote Desktop from Android (error 0x1307), but I can from a Windows PC

$
0
0

Using Group Policy Editor, I have added Administrators into Computer Configuration\Windows Settings\Local Policies\User Rights Assignment\Deny access to this computer from the network. This is to make sure that file sharing users cannot bypass the NTFS rights. However, I want members of the Administrators group to be able to login interactively using Remote Desktop. It works from Windows PCs, but not from Microsoft RD Client for Android, where I get the following error message:

  • We couldn't connect to the remote PC because the admin has restricted the type of logon that you may use. Ask you admin or tech support for help. Error code: 0x1307

I can connect from Android only if I remove that policy.

Any ideas?

Windows 2016 and 2008 r2 RDS issue

$
0
0

I have the following:

RDS Gateway = Windows 2016

TS server = Windows 2008 R2

TS Server2 = Windows 2016

I get into the RD webpage without issue, there lies 2 RDP published apps pointing to 2 different servers.

When the icons are launched and authentication box appears, domain credentials are put in, and the error stated below comes up.

End users can access the gateway without issue, when they select the TS Server RDP icons they get the following error:

RemoteApp Disconnected - Your computer can't connect to the Remote Desktop Gateway server. Contact your network administrator for assistance.

The TS connection is set to maximum, everything else is set correctly to. I have read all the articles I can find and it has not resolved the issue, is there something I am missing?



Viewing all 27656 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>