Hi,
I want to create different AD groups and assign RDP with limited permissions e.g. for application team to run different application services etc. similarly to DBAs to to check DB related things. but they should not be able to install anything or restart servers.
please guide
Regards
Ali
After the server has been up for a number of days we can no longer login with Remote desktop.
Initially after entering the logon/password an RDP window would open with all of teh video region black. After about 20 seconds an error dialog box would open: "Failed to reconnect to your remote session. Please try to connect again."
Repeated attempts to connect all fail.
I am able to mount the servers C: drive and view files.
I tries restarting any service that looked related to RDP.
I no longer get the black screen and the logon fails silently.
I compared the Event Log messages from a working system and a failing system.
The 1st divergence is the 36th event (out of 106 in the working case).
The error event is ID-227
'Failed to create Input devices in CUMRDPConnection::NotifySessionId ' at 1976 err=[0x80070102]
This error in Visual Studio "Error Lookup" translates to "The wait operation timed out."
In the working case the 36th event is ID=66 "The connection RDP_Tcp#27 was assigned to session 2."
A reboot always recovers, butt hat is not acceptable. I see that many others have posted similar problems with RDP.
Please advise.
Hello, I've been searching high and low for an answer to this with no luck... it seems to me, that the only published and supported way to do this upgrade is via an in-place OS upgrade. That's not an option for us.
Short of completely rebuilding new Connection Brokers and re-creating all the Deployment related settings, is there any way to do the upgrade of my brokers using new servers, and not using in-place OS upgrade to get it done?
Thanks!
Mark
I am trying to enable user profile disks on a Remote Desktop Services collection (Windows Server 2016). I created a share on a cluster of two Windows 2016 servers as a Scaled Out File Server. (Both servers in the cluster are fully patched and the validation
report doesn't return any errors.)
The share is accessible from the RD broker, and all the relevant servers have permissions to write to the share. (I've even tried giving Everyone full control). But I get this error when I try to enable the user profile disks on that share:
I saw this thread, but as you can see, there are no dashes in the share name.
I've also tried adding the user profile disks in Powershell, but I get the same error.
Any ideas?
Thanks,
David
Hello,
Serer 2012 R2 used to allow remote connections through RDweb via internet. I am still able to login to the server on the internal network via RDP. I have been through and checked all the deployment options and SSL certs within server manager. I can access the web page fine, but its not letting me login with this error
The user name or password is incorrect. Verify that CAPS LOCK is off, and then retype your user name and password. If you continue to experience problems, contact the person who manages your server.
I have tried both logging in using both credential formats domain\user user@domain.xx.xx.
I have been through the event logs and cant see anything related.
I have no gateway server.
I have checked the firewall rules so RDP is allowed.
Has anyone got any suggestions on how I can track down the issue?
Thanks
Hello everybody,
A customer runs Windows Server 2019 terminal server farms. From the local network, everything is fine. Users get perfectly connected and load-balanced to the RD servers. However, if the log on to the domain through a VPN (TMG 2010) which does not block any traffic, they can only only sometimes connect to the farm. When they fail, their Windows 10 RDP client just yields an "internal error" without being more specific.
We checked already:
* TMG does not block anything coming from the VPN to the inner servers or vice-versa. We also tried temporary firewall rules allowing any traffic in both directions.
* DNS resolution and contact to the domain controllers is fine from the LAN and through the VPN. There are DNS A records for each RD server, and for each RD server there is a DNS A record with the farm name, pointing to each of the RD servers, for DNS round-robin.
* The RD broker (a separate server) load-balances the users just fine.
* The clients get a DHCP address for their VPN connection from VPN, also just fine.
* The clients CAN connect every time to the old 2008 R2 server farm which did not load balance. When they try to connect to a 2019 farm (with each farm consisting of 4 RD servers and its own broker and licensing server), the only connect sometimes, the other time failing with the "internal error".
* The clients connect (locally and through VPN) using the same .rdp file pointing to the farm name. The do not use RDWeb currently, nor a RD gateway.
We have the suspicion (although not proved 100% yet) that the users can connect when a RD redirection is not needed/requested by the RD server that they initially contact via DNS round-robin.
Is such a symptom known? Does anyone have a clue what is happening here?
Best Regards, Stefan Falk
Impact of Remote Desktop Services on Network Throughput
Environment:
VMware vSphere 6.7.0.40000
Windows Server 2016 v.1607 Build 14393.3504
VMXNET3
Ubuntu
VMXNET3
iperf3 3.1.3
16 streams
Test results:
Before RDS: 25.1 Gbits/sec send & receive
After RDS: 8.25 Gbits/sec send & receive
Is this reduction a function of RDS or the network. I have been unable to find any documentation that lays out the relationship between the two. What I have found "Performance Tuning Remote Desktop Session Hosts" is thin on details. This is a "session-based" implementation to alow large data sets (~4TB) to duplicated and distributed to targed file servers. The number of clients would never exceed 8. Is it possible to effect the throughput?
Hi folks,
Apologies if this has been asked before, I've been looking for a while and had no luck.
As the title states i'm looking for a way to activate the 'refresh' button in Remote Desktop services via command line for any given collection of ours, ideally with PowerShell. Is there a way to refresh it without having to open Server Manager and manually clicking this button?
What is this 'refresh' button actually doing behind the scenes?
Ran into a couple of issues getting SharePoint mapped for our users but was able to get those resolved once I installed the WebDAV svc on the server. I was able to the map the drive for each user and verified it was working
properly.
Fast forward a few days, and I had a handful of users reach out to me saying that they couldn't access the mapped SharePoint drive. I checked each of their profiles, and all of them were getting the error that access was denied and they needed to reach out to their network admin. I remapped the drive for each user, and they were able to access it fine. The last user I decided to dig a little further on. I disconnected and remapped the drive, verified that it was working properly, logged off and back on to see if the drive would hold. If you are familiar with SharePoint and mapping it as a local drive, you are aware that every restart/shutdown/log off event will force you to reauthenticate to SP on the drive. However, this did not occur. The drive icon was still green as if the session never closed properly and when you went to launch the drive the document library was empty. No force to reauthenticate and no docs. Close File Explorer and attempt to get back on the drive, "access is denied, contact network admin" error.
Very odd behavior, even for SharePoint. I'm curious if anybody else has ran into this? We previously used a Citrix platform and never ran into this issue. To summarize the issue again; User can access mapped drive to SharePoint,
ends session, begins another session, can't access the drive.
Any help would be awesome!
Hi,
All our win 10 1903 clients, immediately after been updated from 1803 to 1903 start repeating keystrokes in remote apps. Servers are 2012 R2. RemoteFX cannot be disabled on session hosts servers since that solution causes problems to some of the apps running. Any one facing the same problem ? Any solution?
We have Server 2019 running RDS
How do I get Sticky Notes installed ?
Thanks,
Steve
We had an existing Windows Server 2019 with Remote Desktop Services connected to a Windows Small Business Server 2011 that was acting as a domain controller. Everything worked fine.
The SBS 2011 was recently replaced by a new Windows Server 2019 domain controller. The new domain controller has the same name an IP address, so the old domain controller (SBS 2011) was removed, and the new one put in its place (Windows Server 2019) We rebuilt the trust relationship between the existing RDS server and the new domain controller by running the PowerShell command on the new RDS server
Reset-ComputerMachinePassword -Server {server name} -Credential {domain\Administrator}
That worked fine for connecting the RDS to the new domain server. However, when users try to login to the RDS Server using Remote Desktop, they get the error:
"The requested session access is denied".
The server manager on the RDS Server reports the following errors when a user tries to login to the RDS Server using Remote Desktop.
I researched these error codes but did not get too far. Any help would be appreciated.
Michael
Hi there,
In my environment we run 4 virtual windows server 2012 R2 plus a host on the same. Occasionally on the Main domain controller I will receive and RDP error from one of our sensors on our monitoring software (PRTG), when trying to remote in it will pop up saying, unable to connect and internal error has occured. It is very random, some days it wont happen sometimes it may happen once, it could happen 3 or 4 times at random intervals in a 20 minute period, the sensor also monitors the response time for RDP and it just seems to timeout. We have a sonicwall firewall in between the server and the outside world. I have tried changing the connection properties on windows firewall as well and other suggestions don seem to apply to my environment. Would anyone have any suggestions.
Kind Regards
Ben
We have Remote Desktop published through Web Application Proxy, both running on Server 2012 R2.
The RDS application in WAP is configured for pass-through authentication so users can connect from both Windows and non-Windows ("rich apps" on Android/iOS/Mac) devices. This has been working for the past few years without issue.
After installing recent update KB4534309 (or the rollup that contains it, KB4534297), the non-Windows clients are unable to connect. They show error 0x3000008 during the "initiating remote connection" phase:
We couldn't connect to the gateway because of an error. If this keeps happening, ask your admin or tech support for help.
Has anyone experienced this or figured out a way to fix it?
Hello.
I heard that phrase before "There is no stupid questions, only stupid answers". I am going to challenge it.
Here is a stupid question that I came up with and I do not remember seeing it asked or answered!
Our techops need to have simultaneous access to administer certain application servers. Until now, they used direct RD connections that limited them to 2 simultaneous sessions. I have deployed server 2016 RDS infrastructure, installed RD Session host roles
on those applications servers, that they managed, placed them in one collection, installed User CALs and voila. The techops add RDS gateway in the RD properties and happily connect to the servers.
Have I achieved the requested goal?
What did I just give them - an environment which they can now use as remote users (aka VDI) or the way to have more than 2 simultaneous connections or the combination of the 2 ? Which option for a session type would be better: pooled desktop session
or personal desktop session?
Thank you.
Hi
I have a 2008 R2 TS that I need to stay around for a few more weeks. Trouble is that is was pointing to a 2008 TS license server that was decommissioned recently. I have the license agreement info and I would like to point this TS server to itself for CALs.
No users are getting denied right now, but I want to be sure that won't happen.
TYIA
I'm not sure why remote desktop services role services fails to install. Failed message says. "Unable to install role services. ArugmentNotValid. The role, role service or feature name is not valid. 'rds-connection-broker' The name was not found."
Remaining installs for remote desktop services were cancelled. Retried a number of fixes...all failed. Any help is greatly appreciated.