Quantcast
Channel: Remote Desktop Services (Terminal Services) Forum
Viewing all 27656 articles
Browse latest View live

Slow RDP Initialization and CredSSP

October 16, 2012, 6:51 am
$
0
0

Hi everybody,

After beginning the migration from XP to Windows 7 we noticed that the RDP initialization connection took about 30sec stuck on "Securing remote desktop".
I order to understand better the problem we analyzed the network traffic and discovered that the rdp client tried to contact an external "Akamai" server.
As the traffic is filtered the connection with this server seems to timeout and finally release the  "Securing remote desktop" step.
After some research we disabled the CredSSP setting in the Default.rdp : enablecredsspsupport:i:0, and everything works fine.

Anyway I have two questions :

1 - Why my RDP client is trying to reach an external server ?

2 - What's the security impact of disabling CredSSP ?

Thanks all,

Julien

Search

Disable Multiple session in windows server 2016

March 21, 2018, 1:27 am
$
0
0

Hi,

By default all windows machine has 2 session enabled in RDP. Currently i have RDS setup with multiple client VM. here i have to restrict single user to single computer login (Allow only one session for the specific user for specific computer).

Change should be done in AD/RDS server not in client machine. Both AD & RDS are windows 2016.

Awaiting for your valuable input for this problem .

Thank you!

RDS CAL licensing for middleware system written as a dispatcher to RDS

February 14, 2020, 8:50 am
$
0
0

Hi,

I am software developer and I'm working on web-based distributed system written from scratch in C++, which can work with RDS. In a nutshell, it is a wrapper or rather dispatcher giving accelerated access to virtual desktops.
My system is a middleware and stands between system users and RDS.
In fact, users DOES NOT have direct access to sessions in Remote Desktop, but only through the pool of available "channels" made by my middleware system.

Users are not using any standard Remote Desktop Connection applications nor these HTTP5 based Web Client, but just have access only through my own protocol.
Users might be authenticated by other than AD or AAD systems.

For example, my system provides access for 1000 users, but I know that at the same time, only max. 10 users will need to work simultaneously on the system.

So, is that enough for my middleware system to have 10 RDS CAL devices only, or despite everything, do I still need to purchase 1000 RDS CAL users?

Best regards,
Robert


Win 10 1903-1909 RDP (Remote Desktop) not retaining window/taskbar positions on reconnect (multiple monitors)

January 29, 2020, 10:54 am
$
0
0

Hello,

This is still a problem since windows 10 update 1909 20-1, originally 1903,  so I'm branching out into other forums.  Please excuse the duplicate posts.

[Not-so-]Recently my remote systems were updated to windows 10 1903 and since then every time I reconnect (hit the close button, re-establish a remote desktop session) all of my windows, and the task bar, that I re-locate to my other monitors are all crammed back on the center monitor.  I have three monitors.  Note that this all worked fine before this 1903.



Setup (can provide exact details if needed):

Main computer:
Win 10 pro 1909 20-1  (originally started happenign on 1903) 
i7 8700k
nvidia 1060
3 monitors (1080p, 1440p, 1440p)

Remote Computer 1:
Windows 10 pro 1909 20-1  (originally started happenign on 1903) 
i7 4770
intel integrated graphics
2 Monitors (1080p, 1080p)

Remote computer 2:
Windows 10 pro 1909 20-1  (originally started happenign on 1903) 
xenon 13...
AMD hd 400 or something (dell)
No monitors currently (headless)

Remote computer 3:
Windows 10 pro 1909 20-1  (originally started happenign on 1903) 
i7 8700
intel HD 600 integrated
No monitors currently (headless), have tried with single monitor connected 1080p


Newer example before and after pictures from Main Computer to Remote Computer 3 after connecting, organizing, and simply closing/disconnecting the remote session (x button) and re-connecting:
#1: https://i.imgur.com/cYYasFy.png
#2: https://i.imgur.com/opqmeF9.jpg



Things I've tried:
 - I upgraded all of my computers/VMs to 1903 originally and kept them on the same version since then (currently 1909 20-1).
 - Checked graphics drivers are up to date on all PCs.
 - I tested remoting in from two other computers on windows 10, one with two monitors (both 1080p), one with three (I believe they are all 1080p), same issue.
 - I looked at the windows logs on the computers and there doesn't seem to be any error logs created by the remote connection event (like a graphics driver crash or similar)
 - I ran sfc and similar to check for corruption and nothing of note came up anywhere.

Observations:
This seems similar to what happens when you clean install a graphics driver where it bumps to one monitor low res and back.
I am aware of the black screen issue with RDP and 1903.  The fix is to use a default windows display adapter which only supports low res and one monitor so its kind of pointless to try that.
Given the range of hardware spanning 4 generations it seems unlikely to be a "old computer, not compatible" issue.

Links to other posts as they have replies with potentially useful info on them:

https://social.technet.microsoft.com/Forums/en-US/5128b7f0-d2d2-43fb-8076-674b6aad1658/win-10-1903-rdp-remote-desktop-not-retaining-window-positions-or-task-bar-positions-multiple?forum=win10itprogeneral

https://answers.microsoft.com/en-us/windows/forum/windows_10-networking/win-10-1903-rdp-remote-desktop-not-retaining/4855e9f2-a775-4bc1-94be-f5f408aee87f?messageId=978adfdb-b732-4f2a-a7f4-28f261663fe8&auth=1


Any help or nudge in the right direction as to where I should look next would be appreciated.


Thanks for your time,
"Reload"

      

Point a 2008 TS to itself for licensing

February 14, 2020, 9:54 am
$
0
0

Hi

I have a 2008 R2 TS that I need to stay around for a few more weeks. Trouble is that is was pointing to a 2008 TS license server that was decommissioned recently. I have the license agreement info and I would like to point this TS server to itself for CALs. 

No users are getting denied right now, but I want to be sure that won't happen.

TYIA

Change rdweb port

January 29, 2020, 1:41 pm
$
0
0

Hi,

Is it possible to change rdweb port if gateway is not installed in windows 2012 std Remote Desktop Server?

Thanks.

Has Anyone Rejoined Their RDS Server to a New Domain Controller and What Happened?

February 13, 2020, 12:01 pm
$
0
0

I have a production Windows Server 2019 with Remote Desktop Server for multiple users to login to for running a shared application on that server.  I need to rejoin that server to a different domain controller.  Has anyone moved their RDS Server to a different domain controller, and what happened?  What settings had to be adjusted, or did the entire RDS need to be reinstalled?

Thanks!

Remote desktop services not installing in Windows Server 2019 Essentials - Unable to install role services....

February 14, 2020, 7:46 pm
$
0
0

I'm not sure why remote desktop services role services fails to install.  Failed message says. "Unable to install role services.  ArugmentNotValid. The role, role service or feature name is not valid.  'rds-connection-broker'  The name was not found."

Remaining installs for remote desktop services were cancelled.  Retried a number of fixes...all failed.  Any help is greatly appreciated.

Search

Remote Desktop License Manager - Configuration issue (not a member of TSLS Group)

February 11, 2020, 12:16 pm
$
0
0

Hello,

I am trying to install the RD License manager on a member of computer in AD. The AD Schema is Windows Server 2016 and this member computer is Windows Server 2019.

I have successfully installed the role and activated the server, added the member computer in the BUILTIN "Terminal Services License Server" group but in the configuration page I get the message "the system cannot determine if the license server is member of tsls group".

All the required ports are also open as specified by : https://support.microsoft.com/en-us/help/832017/service-overview-and-network-port-requirements-for-windows#method53

Does anyone have a similar issue or know how to solve this? I dont want to install any CaLs if the service has any errors.

Regards,

Tony

antonis michael

Windows 10 Virtual Desktop error upon remoting

February 10, 2020, 1:47 am
$
0
0

Hi,

Somebody's can help us what is causing of this error in Remote Desktop Connection. ? We Still have Window 7 pooled collection and everything is fine and working. And now we are provisioning the Windows 10 Virtual Desktop in the VDI infrastructure. After installation of windows 10  pooled collection in RDCB and have it created/Add  a 30 virtual Desktop we got this error during the connecting of our Wyse Thin client Device. 

Is there any steps need to check on this. ? 

Current Infra:

2 RDCB

2 RD Virtualization Host

1 RD gateway server (w/ DMZ switch )

1 RD web Page server (w/ DMZ switch )

1 RD Licensing Server Role

1 File Server

2 SQL Database Server Node

Checked and Verified the following : 

1. Windows 10 Master Image have been sysprep properly in the Session Host.

2. Created a Windows 10 Virtual Desktop properly.

3. Path to the correct cluster storage volume, parent disk and user profile disk. 

4. Ensure that Windows 7 profile disk, CSV and parent disk folder is separate to windows 10 pooled collection. 

5. Windows Server 2016 Version.

6. 2 times to recreate all VM's and collection in the RDCB.


Thanks

Homer Sibayan

Your computer can't connect to the Remote Desktop Gateway server.

February 11, 2020, 3:59 am
$
0
0

Hi!

I've been testing out RDS for our company and have deployed all roles on a single Windows server 2012 R2 (version: 6.3 Build 9600) for testing. It worked for a couple of days but suddenly almost nobody can login in, the users get this error "Your computer can't connect to the Remote Desktop Gateway server. Contact your network administrator for assistance". In the windows log on the server this shows up: "The user "user@domain", on client computer "xx.xx.xx.xx:12345", has initiated an outbound connection. This connection may not be authenticated yet.".

4 different users have tried logging on at home at their home network without success. But somehow it works for me, both at the office and at home on a another computer and a completely different network. And the other user accounts work at my PC even tho none of the computers is connected to the domain that the RDS solution is running on. 

I've tried adding the registry keys LmCompatibility and EnforceChannelBinding but it doesn't work. 

Any thoughts on what i'm missing?

Second broker not functionning

February 12, 2020, 4:48 am
$
0
0
Hello,

I need your help.

I have a RDS FARM with 

8 host session (named RDS01, RDS02...)

2 Brokers (BRK01 and BRK03)

1 Management (MGM01) where we deployed the farm and see the collection, and with the SQL server for broker HA

DC is on another server

Everything is in 2016 version, windows server 2016, SQL server 2016

My connection chain : Driver={ODBC Driver 13 for SQL Server};Server=MYENTERPRISE-MGM01,1433;UID=sa;Pwd={password_replaced};Database=RDFarm

DNS name for the mstsc connection : RDS.MYENTERPRISE.LOCAL

collection name : RDS-MYENTERPRISE

name of the DB : RDFarm

Round robin on the dns between the 8 host (RDS01,...)

Problem : The second broker for the HA is not working. 

We had BRK02 but with many problems, so we created a new server : BRK03. 

But BRK03 is not working too

When a RDS Host is going through BRK01, everything is ok, we see users in the connection of the collection on the MGM.

But when RDS Host is going through BRK03, we don't see the users in the collection, and users got temp session when disconnect/connect.

In the events on BRK03 : 


Microsoft-Windows-TerminalServices-SessionBroker/Admin    ID 802

Server farm specified for connection is not present



- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid="{D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" />
  <EventID>802</EventID>
  <Version>0</Version>
  <Level>2</Level>
  <Task>101</Task>
  <Opcode>11</Opcode>
  <Keywords>0x4000000000000000</Keywords>
  <TimeCreated SystemTime="2020-02-12T09:28:07.054322400Z" />
  <EventRecordID>86</EventRecordID>
  <Correlation ActivityID="{8FE15758-B0A3-48C0-A516-4C98547234BF}" />
  <Execution ProcessID="3536" ThreadID="1864" />
  <Channel>Microsoft-Windows-TerminalServices-SessionBroker/Admin</Channel>
  <Computer>MYENTERPRISE-BRK03.MYENTERPRISE.local</Computer>
  <Security UserID="S-1-5-20" />
  </System>
- <UserData>
- <EventXML xmlns="Event_NS">
  <param1>MYENTERPRISE\MY.USER</param1>
  <param2>La batterie de serveurs spécifiée pour la connexion n’est pas présente.</param2>
  <param3>2</param3>
  </EventXML>
  </UserData>
 </Event>



And in Microsoft-Windows-TerminalServices-SessionBroker/Operational

ID 787 : The name farm is empty

We don't have the event ID 801 compared to a connection on BRK01





Anyone have an idea ? 

Thanks

Excel license terminal server - collection users vs app users

February 12, 2020, 8:32 am
$
0
0

Hi all,

We are deploying two apps in terminal server Windows Server 2019 (app1 and app2). Both apps are in the same farm and collection.

The users from the collection use a user group, the same user group that the app1. Nevertheless, the app2 use another user group to limit who can use it.

the problem is that the app2 need to use Excel, only in this app. We want to use excel but we just want to pay only the app2 user group license (5 or 6 users), not the user group used in collection (more than 100 users). Is possible to pay only for the app2 group or need to pay to all connection group?

thanks and regards,

Gerardo,

Network Stability and Remote Desktop Blamed For Intermittent Database Error

February 12, 2020, 10:31 am
$
0
0

My company is using a software package which is installed on RDS. All users access this program via Remote Desktop. The program is a business application which directly executes CRUD operations on a Pervasive database (no middle tier!). Our RDS server and database server reside in the same room (actually on the same vm host). Some of our users are remote over a VPN tunnel. These were the main reasons I wanted to install on RDS, because software updates and stability would be a nightmare if the application was installed on individual PCs, most notably with some running remotely. This setup would promote more stable execution because the servers are local to each other.

On occasion, the software produces database errors.

Certain errors are reoccurring, and the software company blames the issue on dropped packets. They claim desktops using a wireless connection can cause issues. They claim that this corrupts cache files and causes the database corruption.

I'm under the impression that RDP should generally negate any network issues because the application is executing on the server, not the PC. If a connection is interrupted, the application should continue to gracefully execute in the background until the session is reestablished.

On a setup like this, is it at all possible (or even heard of) to introduce database errors via RDP? Any thoughts?

Thank You.

Server 2019 RDS administrative session shadowing works, but shows a black shadow window

February 12, 2020, 12:38 pm
$
0
0
Hi there !

On a Server 2019 properly set up as a domain member with activated RDP services ("quick access" method), the "collection" is displayed correctly in the server manager; including the registered non-administrators or the normal remote desktop users.

The server is currently in the evaluation phase and only runs for 7 days. Neither CAL's nor product keys are entered, but that shouldn't matter at the moment, right?

Click right Mouse click on a user provides the option "shadow". When triggered, the correct small dialog comes and the window also opens. But it is white and when you enlarge the window you see a black picture with a white square in the middle. => the shadwing works, but shows nothing reasonable.

There is an RDS tool from Lizard, which delivers the desired monitoring result perfectly on another server 2019, which is single, i.e. not a domain member. Of course, I also installed this on the domain member server and expected success. But this tool also led to the absolutely identical result as the session monitoring via collection: black screen with white square in the middle.

The domain has the 2008R2 level.

The additional test carried out on both servers with the installed RDS Manager 2008 (tsadmin, that's fine!) Led to the result that everything works perfectly except for the session seal: there it also works perfectly up to the short dialog window and then it says " Access denied! ".

Can someone - best of all from Microsoft perhaps? - tell me what's going on?

It makes no sense to start up a new terminal server whose sessions the administrator cannot monitor.

With regards
Chris
Search

Remote Desktop Services - Server Authentication Certificate problem

February 12, 2020, 3:20 am
$
0
0

Hello

We have got a server, call it S1, running Windows Server 2012, and workstations running Windows 10 Enterprise 1909. People regularly need to access this server using the workstations. When people on workstations try to access this server, it initially works (i.e. they enter their credentials and then the "The identity of the remote computer cannot be verified ..." windowappears), but then the "remote desktop can't connect to the remote computer for one of these reasons" error comes up. It goes away when connecting again, but instead shows the following error (without the "The identity of the remote computer cannot be verified ..." screen):

The connection has been terminated because an unexpected server authentication certificate was received from the remote computer. Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.

This has been occurring sporadically ever since the server was built, however in the past few days it has appeared on all of the workstations. A few workstations used by sysadmins can still access the server by remotely connecting to another server that is on the same network, then remoting to S1 on the other server, however this is not the case for the rest of the workstations in the room. I've tried pinging S1 and it's replying fine.

I have also checked out the following other solutions to this problem from similar forum posts :

  • Replacing mstsc.exe and mstscax.dll - no computers on the network are running W10 build 1511, so can't get the files
  • Registry - the only registry options in HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client are (Default) and PinConnectionBar - no RDGClientTransport
  • "Connect and don't warn me" - option is greyed out, stuck on "warn me"
  • Services - both the Remote Desktop Services and Remote Desktop Services UserMode Port Redirector are up and running.

I can't seem to figure out anything else about why this is happening.


Standard users can block all incoming connections

February 17, 2020, 12:09 am
$
0
0

I installed a Windows server 2019 with RDS role.

When I start a RDS session using a simple user with no administrator right, I can change firewall configuration in order to force the server to reject the incoming connections using the new Application (Windows security). This behavior is a regression. It have been introduced in Windows server 2019, Windows server 2016 does not have this issue.

For the moment, we have found some configuration/workaround but not something perfect:

* There is the GPO Hide the Firewall and network protection area but it also remove the right to Administrator
* Remove the users group right on the executable file from C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy but it is more a hack than a customization.

Is there another way to fix this issue per user (registry tuning, user GPO)

The main thing is that non administrator user can break the Windows server 2019 using this new menu.

Thank you for your help

RDS problem

September 12, 2018, 10:26 am
$
0
0

Hi,

Everything was working well but we had to restart our servers because me moved them physically ( 1 meter further ) . So we restarted our 2 servers ( DC & RDS ) and after the restart , users could login on the RDS but all the mapping to the DC are lots ( user has to give each time their login adn password to map )

When looking in the RD licensing manager we saw 2 red buttons

What could be the oriin of this problem and how could we solve it ?

Thanks in advance

Best regards

Dirk

The system cannot determine if the license server is member of TSLS group on Active Directory Domain Services (AD DS) because the AD DS cannot be contacted.

February 17, 2020, 2:52 am
$
0
0

OS: Windows Server 2016

How do I resolve this issue? I have installed the RDS CALs in my license servers, but it appears that there are some issues preventing my license servers from communicating with the AD DS in my DC? I tested connectivity between both my license servers and the DC servers,seems to be working fine. Require assistance urgently! Thanks!



Server RDS agruments missing in rdp file

November 4, 2019, 5:29 am
$
0
0

Hi everyone,

This is my first post in this website ! :)

I try to deploy an RDS solution with 3 RDS Server (Windows Server 2016) and 1 RDS Broker (Windows Server 2016).

All servers are in VMWARE Environment 

My RDS servers have RemoteApp (1 per server) and I have an issue with one.

First I deploy my RemoteApp, no problems, no errors messages.

Next, I connect to my Web RemoteApp Work Ressources and I download the RemoteApp file (.rdp file)

Now Impossible to open it because the application can't find the remote computer. When I edit the rdp file I have some missing arguments :

  • videoplaybackmode:i:1
  • audiocapturemode:i:1
  • gatewayprofileusagemethod:i:1
  • full address:s:MYBROKER.mydomain
  • gatewayhostname:s:mygateway.mydomain

I try to remove my RDS server VM and create new one with the same name, but same problem.

In this example I tried to deploy calc32 in RemoteApp.

When I go in regedit I see that arguments are missing but I don't know why.

If y ou have ideas to repair, Thanks for your future answers!

Sincerely, :)



Viewing all 27656 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>