Quantcast
Channel: Remote Desktop Services (Terminal Services) Forum
Viewing all 27656 articles
Browse latest View live

Set-RDPublishedName Change published FQDN & now not connecting at all

March 9, 2020, 1:02 pm
$
0
0

Broker on Server 2019, domain (sadly) ending in .local

RDS Farm setup (PoC):

Server1=Broker

Server2=GW/Web

Server3=Session Host

Single SSL 443 port opened in external firewall (pointing to GW/Web server)

So with wildcard certificate I was getting certificate mismatch error

Used Set-RDPublishedName.ps1

I do have a DNS A record on the internal network pointing to the private IP address of my broker - RemoteResources.domain.com

Connecting to Web Access, download the .rdp file & then I get an error that client cannot connect to RemoteResources.domain.com

[Window Title]
Remote Desktop Connection

[Content]
Remote Desktop can’t connect to the remote computer "RemoteResources.domain.com" for one of these reasons:

1) Your user account is not listed in the RD Gateway’s permission list
2) You might have specified the remote computer in NetBIOS format (for example, computer1), but the RD Gateway is expecting an FQDN or IP address format (for example, computer1.fabrikam.com or 157.60.0.1).

Contact your network administrator for assistance.

[OK] [Help]

Seb


Search

Issue with adding to existing RDS

March 9, 2020, 10:07 am
$
0
0

Hello

We have a Server 2012R2 running as our Remote Desktop Services server.

It has these roles installed:


We need to expand this single server in to a farm, but when I look at the Server Manager Overview page I see just this:


Where as my understanding is it should look a little more like this image I found on the internet:


I believe that as a result of this I’m unable to either publish apps nor add extra Session Hosts. For instance, if I run the ‘Add Roles and Features Wizard’ then select ‘Remote Desktop Services Installation’, followed by ‘Standard Deployment’ I get this error:


Something isn't right, but I can't see exactly what.

UNLIMITED RDP AND FILE SHARING IN WINDOWS SERVER 2016 STANDERD EDITION

March 17, 2020, 2:47 am
$
0
0
UNLIMITED RDP AND FILE SHARING IN WINDOWS SERVER 2016 STANDERD EDITION , HOW DO I CONFIGUGRE MULTIPULE SHARING IN WINDOWS SERVER 2016 STANDERD VERSON.

Printing with autentication from RDS server

March 18, 2020, 10:53 am
$
0
0

Hello,

I have the following problem in this moment. I have a windows server 2019 with RDS role install and configurated, when i try to print to a printer that need windows autentication (my login session) that is in a other print server i get a windows that ask me to put my credencial (login and password), i put my credencial and do ok and i get windows warning with the message "Entered [Login User Name] or [Login Password] is different. Enter correct [login User Name] or [Login PAssword]."

And i dont pass from this step. If i do this test with a user session that have local administration permission in the RDS server i have no problem to print the document.

What is the problem with the users session that dont are local admin of the RDS server for printing? Can someone help me?

Thanks

Best Regards

How can I force a fixed group of Users to connect alwais to a certain Session Host and another group of Users alwais to another certain Session Host ?

March 21, 2020, 2:18 am
$
0
0

In a Windows Server 2016 RDS Session-based desktop deployment, until now I have one only RD Session Host named RD01.

All RDS roles are managed by this server:
- RD Connection Broker
- RD Session Host
- RD Licensing
- RD Web Access

All User's data are stored in the C:\Users folder located in the RD01 (RD Session Host). It is not a share folder.

Now I need to move some Users on a new RD Session Host named RD02.

My goal is to have some Users that still connect with RDS client to RD01 and some Users that connect to the new RD02.
I can manually move the Users's data from RD01 to RD02 for the migrating Users.

My problem is that I can't understand how can I force a fixed group of Users to connect always to RD01 Session Host only and the rest of Users alwais to RD02 Session Host only.

The old RD01 and the new RD02 Session Hosts have their C:\Users folder, not a share.

Please can someone help me?

Thank you in advance,
Ivano C.

Ivano Carrara

RDP with SSL Certificate Issues

March 2, 2020, 7:05 am
$
0
0

Our server is configured with Secure RDP certificate from an Internal CA.

When we connect to the servers it works flawlessly from the old Remote Desktop application (mstc.exe), but when trying with the New Remote Desktop App (Windows Store) and iOS devices (even though the CA and Subordinate CA were successfully imported as a Profile and granted full trust on the devices, it reports certificate issues before connecting!

from the computers it says: "It might not be safe to connect to this PC: certificate revocation unknown"

from the iOS devices it says: Not Verified"

Both shows the proper certificate (with the correct thumbprint)

Any help would be greatly appreciated!

Windows Server 2019 RDS Deploy in Workgroup without AD

March 23, 2020, 11:25 am
$
0
0

Hi,

I have Win Server 2019 Standard standalone (No Domain or No Active Directory). i am planning to deploy Remote Desktop Service on it to connect multiple RDP concurrent connection from clients. 

1) Is license is must to have done this for around 20 users ?

2) if yes what type of license do i need to order ?

3) can i get an evaluation period to test this with 20 users until i get licensed ?

4) step to implement this ?

Thanks

Microsoft RDP Store App and RDS Remote Desktop Connectivity

March 20, 2020, 2:18 pm
$
0
0

Hello,

We have a RDS environment with very few published apps.  Most of the use case is for someone to use their home PC to connect back to their work desktop to do work remotely.  It's simple, it works, and we've been doing it for years.  See the screenshot below.



With recent events, wee're having a lot of staff working for home, with more and more staff are needing to do this.  Up to this point, only Windows-based laptops/computers have been supported.  We're having more and more requests to use Chromebooks or MacBooks as that is what some staff use for personal devices.  It could even be iOS or Android devices as well.

Can the Microsoft Remote Desktop App from each respective app store allow staff to connect back to their work desktop PC?  Maybe there is a better way to allow Chromebooks or MacBooks to reach the office PC?  Please advise if so.  Because we are not using a split-tunnel config, no VPN client is used by the staff working from home on personal devices...Only staff with agency issued devices have the VPN client installed.

Below is the app I am referring to...

Microsoft Store:  https://www.microsoft.com/en-us/p/microsoft-remote-desktop/9wzdncrfj3ps?activetab=pivot:overviewtab

Google Chrome Store/Android:  https://play.google.com/store/apps/details?id=com.microsoft.rdc.android&hl=en_US

Mac App Store:   https://apps.apple.com/us/app/microsoft-remote-desktop-10/id1295203466?mt=12

Rory Schmitz

Search

RD Gateway Firewall Setup Question

March 23, 2020, 1:29 pm
$
0
0

Hello,

   I was reviewing this Technet forum thread in addition to other articles, and from what I understand, I do not need to set up the firewall rules on my external firewall for my RD Gateway server as a terminal server(TCP port 3389), but only as a web server(TCP port 443 and possibly UDP port 3391).

"Firewall rules for the path between the external network and the perimeter network (Ports that need to be opened on the external firewall):

·         Port TCP:443 should be opened for allowing HTTPS traffic from the client sitting on the Internet to the RD Gateway server in the perimeter network.

"

https://social.technet.microsoft.com/Forums/windows/en-US/a241a5be-e39d-4dfc-a513-e4f83c4dc906/rd-gateway-ports-and-certificates?forum=winserverTS

________________________________________

This article adds UDP port 3391 in addition to port 443:

https://blog.alschneiter.com/2015/10/28/rds-rd-gateway-ports/

_____________________________________________________

Please clarify. thank you,

Brian

Redirected printers not showing in Devices and Printer - unable to change defaults

September 13, 2016, 6:00 pm
$
0
0
We have a Windows Server 2012 Remote Desktop Server and are having problems with redirected printers on it. The problem occurs for users running the RDP client from Windows 7, 8 and 10.

Users are connecting over a WAN connection and are needing to print to their local network printers. The printers are connected successfully to their local workstations, and the option to redirect printers is selected in the RDP client. When users remote connect to the server the local printers show as available from within an application, such as Word, and they can print successfully using them, however they don't show in the Devices and Printers in the remote desktop session.

The problem is they want to change the default settings on the printer to be single-sided B&W and the default is Auto-color, double-sided. This can be changed manually from within the application but it doesn't stick once they log off and back on again.

Following the recommendation from this link:  https://support.microsoft.com/en-us/kb/243942  I was able to change the defaults by going to the redirected printer in Devices and Printers and making the change under both Printing Preferences and Printing Defaults on the printers, then waiting for at least a minute before logging off and the settings are persistent for that user through a logoff and back on again.

We had major printing issues with this server and printers when using the Windows Easy Print driver as they constantly randomly never printed jobs, and Microsoft Support concluded we needed to disable using Windows Easy Print drivers first and load matching drivers on both the local workstation and the server. This resolved the problems they had re the non-printing, but it meant changes to the default settings had to be made on the redirected printer as above, as changing them on the local printer doesn't carry through the redirection.

I was able to configure the redirected printers at the time as they showed up in the Devices and Printers, but for some reason they don't any more. The changed defaults have stayed persistent for users that the change was made on, but they now want it made for new users. Also checking for existing users they no longer have the redirected printers showing up in Devices and Printers either.

There have been no changes to the server that I am aware of that would cause the printers to no longer show up. Directly attached printers show up OK, just not the redirected printer. Checking the device manager does show the print queue for the redirected printer, and as mentioned earlier, it's available to print to.

I thought perhaps copying the registry configuration of a working configured printer and loading that each time a user logs on to the Remote Desktop Server might be an option, but the redirected printers change the redirection number each time so they wouldn't match.

Any thoughts or suggestions about how to either get the redirected printers showing up again, or configure them for persistent defaults would be greatly appreciated.


Failed to connect via RD Gateway Server - CredSSP authentication

March 22, 2020, 11:16 pm
$
0
0

Hi,

We get a number of users complaining that they are not able to connect to their work workstation via RD Gateway Server (Running on Windows 2008R2).

From Event Log, I get the following error message

A CredSSP authentication to TERMSRV/XXXX failed to negotiate a common protocol version.  The remote host offered version 2 which is not permitted by Encryption Oracle Remediation.

I have looked up the web and it appears that they failed as they haven't applied the latest Windows Update patch on their home machine.  Is it correct ?

Cheers

Need Liscence Guide RDP Services with New Server.

March 18, 2020, 9:28 pm
$
0
0

Dear Team,

Currently I have configured One Server with All RDS Services roles on one Server.

Server-1

RD-WEBACCESS

RD-GATEWAY  (siterds1.sukkur.com)

RD-LISENCING

RD-CONNECTION BROKER

RD-SESSION HOST.

Note: I have RDP CALs Lisencne .

All are working fine with Internal & External users that they working perfectly fine..

Now I want to configure new Server with for publishing new RD-WebAccess for (siterds2.sukkur.com)

Please guide me which things should i need to consider regarding ...

Should I configured with existing RDS ?

Should I need Extra Liscen for RD-Gateway?

I have SSL Certificate installed @ (siterds1.sukkur.com) so should i used that on second server?

Please guide me about whole things.. so that manage it easily ..

Thanks in Advance 


Updating Expired Passwords on Wyse 3040 ThinOS 8.6_206

March 23, 2020, 4:43 pm
$
0
0
We have a number of Wyse 3040's running ThinOS 8.6_206.

The users of these devices are reporting that once their password has expired, they are then not able to update the password without resorting to calling the helpdesk for help.

Researching this I found a number of threads that suggested disabling NLA.
Is this my only option? If at all possible I would rather not disable security features to enable this.

I also noted some references to using RD WebAccess to redirect to the password reset website. Though my understanding of this is that it would only work whilst connecting from a full OS with a proper web browser. Am I understanding this correctly?

I will certainly be trying to manage this from the user side as well... But at the same time would like a technical fix if at all possible.

Any insight into this would be greatly appreciated.

What Ports for RDS Gateway in DMZ?

March 3, 2020, 7:14 am
$
0
0

Hi Everyone,

I'm really struggling with this one.  I have moved my RDS gateway and Azure MFA/NPS servers from the LAN into the DMZ.  I now have firewall rules issues, as when the firewall is open everything works great, but I need to lock it down to only the required ports.  Does anyone know which ones to open.  I've tried 443/3389/RPC and a bunch of others but unless I open everything it fails.  In fact, I don't even get the MFA call from Microsoft so it's failing at the first step.

Servers in DMZ

GW1

GW2

NPS1 (Azure MFA plugin installed)

NPS2 (Azure MFA plugin installed)

RODC

Thanks!!!!

How can I force a RemoteApp file to request credentials when launched (Windows 10)?

March 20, 2020, 8:40 am
$
0
0

How can I force a RemoteApp file to request credentials when launched?

I have an .rdp file that I use to launch a remote app.  I entered credentials for one account and launched it.  Then closed it.  Now I need to launch it with a different account.  But when I dble-cick the file, it launches with the prior credentials and doesn't ask me for any.  How can I force it to ask me for credentials?  I went to Control Panel\User Accounts\Credential Manager and don't see an entry in there for my RemoteApp, so I can't delete them there.

Thoughts?

Search

Upgrading RD Services to 2019

March 23, 2020, 6:59 am
$
0
0

I am getting the following error when I try to upgrade an RD Virtualization Host from 2016 to 2019.  this is from the Scanresults.xml

Id="RdsUpgCheck.dll_RdsUpgradeComplianceCheck"><CompatibilityInfo BlockingType="Hard"/><Message Text="You have the Remote Desktop Virtualization Host (RDVH) role installed on this server. After you upgrade, you won’t be able to add the RemoteFX 3D video adapter to virtual machines."/><Action Name="Dismiss"

Google does not return much on this error.  I am doing it this way because it will not allow us to add a 2019 RD Virtualiztion Host to our deployment and I can find to useful errors in the event logs. 

We are trying to upgrade our RD Services from 2012 R2  to 2019. Specifically we are migrating our of RD Virtualization hosts to new hardware on Windows 2019. We have already upgrade the RD Broker to 2019, the RD Web and Gateway are on 2016. 

The upgrade procedure was falling so I loaded Windows 2016 on the RD Virtualization hosts and was able to successfully add the host to our current RD Broker. I then thought I would in-place-upgrade the RD Virtualization host to 2019 but if fails the checks with the error above. 

Todd



How to disable TLS 1.0 and 1.1 in Terminal Server ?

March 19, 2020, 9:24 pm
$
0
0

Hi,

Just get a request from auditor to disable TLS 1.0 and 1.1 for Terminal Server running Windows 2008R2.

May I seek your advice how to disable it ?

Thanks

Additional License for RD Gateway Server (Windows 2008 R2)

March 16, 2020, 8:52 pm
$
0
0

Hi,

We are currently running Terminal Server on Windows 2008 R2 Server. 

Management would like to add another 200 licenses (In addition to current 15 one).

Just would like to seek your advice that can the latest license of RD Gateway Server be applied to Windows 2008 R2 Server ?

Thanks


Black Screen After Logout

March 19, 2020, 5:18 am
$
0
0

Hi,

Is it a bug in Win 2019 RDP Services that shows black screen for a few seconds after users log out? Is there any solution?

Thanks.

Remote desktop users groups members unable to authorized for domain users

March 19, 2020, 5:08 am
$
0
0
The connection was denied because the user account is not  authorized for remote login.  error when accessing the remote desktop form domain users.
Viewing all 27656 articles
Browse latest View live
Search