Quantcast
Channel: Remote Desktop Services (Terminal Services) Forum
Viewing all 27656 articles
Browse latest View live

RDS Gateway not working for trusted domain users

May 29, 2020, 1:33 pm
$
0
0

So i will try my best to describe how my current setup is working. currently we have a local domain for our development team called dev.local and we have a oneway trust with our domain company.com which allows company.com users to log into dev.local machines. I have created an RDS server in dev.local but unable to have users to log into RDS as company.com users when not in the network. 

I have created a Group in Dev.local where i have all of the company.com users to be in and granted them access to the collections.

machines

rds.brk.dev.local has the gateway,broker, web, and license roles running windows server 2019

rds-01.dev.local is one of the remote app server (this belong to US collection) windows server 2019

rds-02.dev.local is the second remote app server (this belong to Canada collection) windows server 2019

we are using a certificate which is a wildcard from company.com so our public FQDN is devrds.company.com and all servers have the wildcard cert. 

If in the company.com network i am able to log in to remote apps with dev.local or company.com users without any issues. 

if i am outside the network i am able to login as dev.local users but not with company.com users as i get this error and users are able to browse the web url and see the apps in the portal from outside the network.


Can anyone help me as to why this isnt working correctly for company.com users outside the network?

Search

Microsoft Excel Cut Command Confusion

May 14, 2020, 2:46 am
$
0
0

Hey!

I hope you all are doing well.

Actually I was observing this issue for quite a long time. I use excel a lot and every time when I cut

or copy something, the feedback is same. Its always same and confusing and I just have to confirm whether I'm using the cut command or copy command.

Kindly fix this issue. When we use cut command, the text should just turn lite or something like that as it happens at other places. In excel, if you cut or copy something, the software feedback is just same.

Thanks


RDS 2019 RemoteApp AAD Joined Win10 credential issue

May 29, 2020, 2:13 pm
$
0
0

Greetings,

I'm looking to migrate an old RDS infrastructure to a more modern one. For this project we would like to dissociate notebook clients from the Internal AD and use Azure AD for them. I'm running in an issue with what seems to be the credential delegation part of the RDP connection. I am being prompted the user password when launching the application. If I type in type password the application launch just fine. 

I have followed these guidelines and defined "TERMSRV/*" in my delegation policy for diag purpose:

https://docs.microsoft.com/en-us/archive/blogs/mrsnrub/remote-desktop-services-websso 

My AAD Joined Windows 10 session is able to access protected Shares from my local AD without having to do anything.

The same RDS setup accessed with an AD Joined Win10 (same version, image from Azure) works properly, the credential delegation works on this setup, the password is not being requested. I have also forced the use of the RDS Gateway so that the AD client would use the same path as the AAD one.

This threads hints that it should have worked. Note that I'm not looking for the full SSO experience, just not having to enter the password when launching different applications.

https://social.technet.microsoft.com/Forums/en-US/710eca14-e2f3-45e4-a6c8-734915f83b7b/rdweb-sso-experience-with-azure-ad-join-clients?forum=winserverTS

I'm basically looking for pointers on where to look at, is there any traces that can be enabled that would give a reason to why the credential are not being pushed. Am I trying to do something that should not work?

Thanks for your input,
Dominic

Unable to connect to RDS 2012R2 farm after Windows 10 2004 upgrade

May 30, 2020, 12:53 pm
$
0
0

Hi,

some of our users after the upgrade from Windows 10 1906 to 2004, are unable to connect to a RDS Farm (2012R2, a number of sessions host, 2 broker and  2 gateway).

When the user try to use the rdp file for the connection, the remote desktop client asks for the credential then it shows:

- Initiating remote connection...

- Preparing the destination computer...

- Securing remote connection...

After a while the client shows the following error:

Looking in the event viewer, the following warning / error are displayed in Microsoft-Windows-TerminalServices-ClientActiveXCore EventLog:

ProviderName: Microsoft-Windows-TerminalServices-ClientActiveXCore

TimeCreated                      Id LevelDisplayName Message
-----------                      -- ---------------- -------
5/30/2020 8:49:59 PM           1033 Error            Component name:CheckInternetConnectionTask, :: 'Connection-to-server is alive. Server checked: https://xxx.yyy.it' in CheckInternetConnectionTask::ExecuteTask at 3707 err=[0x0], Error code:0x0
5/30/2020 8:49:59 PM           1033 Error            Component name:CheckInternetConnectionTask, :: 'Internet-connection is alive. Server checked: http://www.microsoft.com' in CheckInternetConnectionTask::ExecuteTask at 3693 err=[0x0], Error code:0x0
5/30/2020 8:49:59 PM           1026 Information      RDP ClientActiveX has been disconnected (Reason= 50331656)
5/30/2020 8:49:59 PM           1033 Error            Component name:CAATunnel, :: 'Cleaning up CAATunnel' in CAATunnel::~CAATunnel at 121 err=[0x80004005], Error code:0x80004005
5/30/2020 8:49:59 PM           1033 Error            Component name:CAAHttpClientTunnel, :: 'm_pChannel->OnReadComplete failed' in CAAHttpClientTunnel::HandleReceiveDataComplete at 2942 err=[0x800759d8], Error code:0x800759D8

Other windows / mac / linux client works without problem.

Any help is really appreciated.

Thanks in advance.

RDP Error

May 30, 2020, 11:26 pm
$
0
0
Windows Server 2012 R2 RDP users recieving error " An internal error has occured" repeatedly before they are allowed to get connected. This happens every time and is quite frustrating. Does anyone have fix to this issue ?

Periodic long response times with 300+ processes running

May 19, 2020, 7:25 am
$
0
0

Hi

We manage a few virtualized windows systems running a mix of windows server 2012R2 and windows server 2019

These are rather small deployments with 2-12 users.

All servers are deployed equally and have the following software installed

 - Active Directory Domain Services (The server acts as a domain controller for the users on the server)

 - Remote Desktop Services Connection Broker

 - Remote Desktop Services Session Host

 - Microsoft SQL server

 - Microsoft Office 2019 (SPLA)

 - Microsoft OneDrive for Business (Server 2019 VMs only)

Each customer has their own virtual server running the above software and the server runs AD for that specific customer only

I do know that this kind of setup is not officially supported by Microsoft, but it worked fine for Windows SBS solutions previously.

The installed versions of SQL server is 2012 SP4, except for one of the server 2019 instances where we have SQL server 2017 installed. The SQL server 2017 is a standard edition, while the others are express editions.

What we are experiencing, especially on the VM with server 2019 and SQL 2017 is that when windows has more that 300 active processes, it starts to give periodic slow downs where basic tasks like sending email, saving excel sheets or invoicing from their accounting software becomes unresponsive. A couple of minutes later, everything is back to normal for 5-10 minutes after which it all starts over again.

As the issue is most easy to reproduce on the server 2019 with SQL 2017, we have focused our current troubleshooting to here. In Microsoft terms this is still a rather small deployment with only 12 active users on the same server at once.

Until now we have tried to increase the resources given to the VM, which normally runs absolutely fine with 4 CPU cores and 24GB of RAM. As we saw a lot of processes sitting and waiting for response for either Exchange Online or Sharepoint Online, we recently increased this to 6 CPU cores to have additional resources available to handle these processes. With either 4 or 6 CPU cores, the users had these slow downs for about 15-25 minutes, but as of yesterday we increased to 12 CPU cores and are now at the cases experienced earlier with contious slow downs over a couple of minutes each.

We have already ruled out a disk performance problem as all virtual machines are running on mirrored nVME setup. From monitoring the storage we can see that there is no queue and no delays on the disks when the slow downs occur.

My theory at the moment is that Windows has a hard time dealing with the 300+ processes and throwing more CPU resources at the problem would not solve anything. But at the same time it seems a bit overkill to split a 12 user system into more servers

Does anyone have similar issues or experience with comparable strange slow downs?

Window Search issues - Windows 2012 R2 RDS session host

August 21, 2014, 6:04 am
$
0
0

Hi

I have a problem with a Windows 2012 R2 U1 RDS host session server.
Server is updated with latest updates.
Office 2013 32bit is installed per best practice.
Several other softwares are installed as well.
Installations was made using "change user /install"
Several GPOs are in place to restrict user from doing things like se drives start, Not run any exe files that are not allowed etc.
It is only one server and all userprofiles are local.
Outlook is used with cached exchange mode.

To the actual problem. Intermittently and with no pattern something happens that are related to "Windows Search" service.
The symptoms are one, or more, of the following.
1. Some or all icons on desktop become white.
2. Open My Computer freezes for about a minute up to a couple of minutes showing nothing.
3. Search doesn't work.
4. Tiles on the start screen becomes unresponsive and I cannot search here either. I have to logon into another session and either kill explorer.exe
   for the frozen user or restart Windows Search service.

When this happens it is like this for everyone and restarting Windows Search service clears it every time.
I also get Event ID 10023 and 10024 with Source Search.
I have tried to rebuild the index to no avail.
I get the notion that it has something to do with .OST files but I'm not sure of this.
The only thing that can be confirmed is that the error happens a lot more when there are more users logged on.

There are no other addins in Outlook other than standard.

Anyone have any ideas how I can continue troubleshooting this?

Problems with search service on Server 2012 R2 RDS.

July 12, 2017, 2:15 am
$
0
0

The issue described:
Intermittently and with no pattern something happens that are related to "Windows Search" service.
The symptoms are one, or more, of the following.
1. Some or all icons on desktop become white.
2. Open My Computer freezes for about a minute up to a couple of minutes showing nothing.
3. Search doesn't work.
4. Tiles on the start screen becomes unresponsive and I cannot search here either. I have to logon in another session and either kill explorer.exe for the frozen user or restart Windows Search service.

Office 2010 32bit is installed per best practice. Several other softwares are installed as well. Several GPOs are in place to restrict user from doing things like se drives start. It is only one server so all profiles are local. Outlook is used with online mode (not cached mode).

I get the following warning's in event log:

RD0110023 WarningMicrosoft-Windows-SearchApplication12-07-2017 09:52:51
The protocol host process 10716 did not respond and is being forcibly terminated {filter host process 4636}. 
RD0110024 WarningMicrosoft-Windows-SearchApplication12-07-2017 09:53:21
The filter host process 4636 did not respond and is being forcibly terminated. 


Search

The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license

February 28, 2016, 6:24 pm
$
0
0

Hi, 

I'm facing this error "The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license." while connecting remote desktop to the server (Windows Server 2012 R2).

Licensing mode was already configured, licenses were already installed and License Server was activated. But I still got errors in Licensing Diagnoser - Err 1. The licensing mode for remote desktop session host server is not configured, Err 2. The grace period for the remote desktop session host server has expired....

Any of my installed licenses are not issued to anyone. I have both Device and User CALs installed. I tried both and none is working.

Please advise how to solve this issue. As per advices from several forumns, I tried to delete "GracePeriod" registry Key but I cannot delete as Access was Denied! Please help. I've been struggling this for several weeks and none of the online tutorials seems to help me in this case. I followed following articles for Installation and configuration.

https://msfreaks.wordpress.com/2013/12/09/windows-2012-r2-remote-desktop-services-part-1/

http://www.wackytechtips.com/installing-and-configuring-remote-desktop-services-rds-on-windows-server-2012/

Thanks in advanced.

RDS 2016 - UWP, iOS, Android and Mac OS X Microsoft Remote Desktop Manager cannot connect to URL

January 28, 2020, 3:05 am
$
0
0

About two weeks ago, the UWP, iOS, Mac OS and Android versions of Microsoft Remote Desktop Manager all stopped working for our RDS environment externally; previously, users were able to use this application externally and internally without fault.  If the users access our RDWeb/Pages/en-US/default.aspx and use classic MSTSC to open RemoteApps then this works externally.

When plumbing in the correct feed details to the apps we get (iOS, Mac OS) 'no workspace is associated with this URL site'.

We are using Windows Server Datacenter 2016 across the board with 2 servers acting as Gateways, Licensing, Broker and Web Access with a further 6 acting as session hosts.  All have been updated including the most recent crypto hotfix (approximately when the whole thing stopped working).

The route external users take would be:

External DNS entry - ADFSWAP - Gateway - Broker - Session Host

The following error can be found in the logs on our gateway servers:

- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System><Provider Name="ASP.NET 4.0.30319.0" /> <EventID Qualifiers="32768">1309</EventID> <Level>3</Level> <Task>3</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2020-01-28T09:09:11.513985500Z" /> <EventRecordID>135104</EventRecordID> <Channel>Application</Channel> <Computer>##gateway computer##</Computer> <Security /> </System>
- <EventData><Data>3005</Data> <Data>An unhandled exception has occurred.</Data> <Data>28/01/2020 09:09:11</Data> <Data>28/01/2020 09:09:11</Data> <Data>b06bd32f8e5749749acc0c7da21c3816</Data> <Data>78</Data> <Data>13</Data> <Data>0</Data> <Data>/LM/W3SVC/1/ROOT-1-132246739255801381</Data> <Data>Full</Data> <Data>/</Data> <Data>C:\inetpub\wwwroot\</Data> <Data>##gateway computer##</Data> <Data /> <Data>7564</Data> <Data>w3wp.exe</Data> <Data>IIS APPPOOL\DefaultAppPool</Data> <Data>HttpException</Data> <Data>A potentially dangerous Request.Path value was detected from the client (:). at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)</Data> <Data>https://fqdn:443/https:fqdn/api/feeddiscovery/webfeeddiscovery.aspx</Data> <Data>/https:/fqdn/api/feeddiscovery/webfeeddiscovery.aspx</Data> <Data>##Internal IP##</Data> <Data /> <Data>False</Data> <Data /> <Data>IIS APPPOOL\DefaultAppPool</Data> <Data>26</Data> <Data>IIS APPPOOL\DefaultAppPool</Data> <Data>False</Data> <Data>at System.Web.HttpRequest.ValidateInputIfRequiredByConfig() at System.Web.HttpApplication.PipelineStepManager.ValidateHelper(HttpContext context)</Data> </EventData></Event>

Anyone got any ideas?  The above has had some data annonymised for security.


Print Redirection - Single User Failure

May 14, 2020, 6:18 am
$
0
0
We have a single user who is unable to print locally to network connected printers from the TS. The uer's RDC settings have print redirection enabled. There are no error messages on either printer; the printers wake but don't print. The print service log shows no errors either, however once I started digging the default printer is cycling through all the network printer almost every minute from approximately ^6am to 8pm daily for as far back as I can see. (Evernt ID 823) I'm honestly not sure if that's normal but I would imagine its not. If anyone could offer a suggestion of what to try next, or if I should look further into the 823 event, I'd appreciate it.

Can't connect to RDS farm from Server, from Win10 ok

May 14, 2020, 8:36 am
$
0
0

Can't connect to different 2019 RDS farms from the RD Web Site launched from a server OS. The connection hangs on starting for minutes, before getting a general error that the connection can not be established.

Have this problem from several server OS (2012 R2, 2019), and have tried different browsers. Have not this problem when connecting from a Windows 10 client, so it must be something with the Remote Desktop Connection App on all server OS.

Thank you in advance for any hint or advice.

Franz

Remote Desktop client doesn't exit

May 14, 2020, 9:06 am
$
0
0

We have a remote desktop infrastructure with multiple Brokers and Gateways that redirect connections to a pool of servers. All of the servers are Windows Server 2019. After a user logs off of their session that was connected through the gateway, the rdp client never exits and stays at a black screen.

Is there a solution to this issue?

Thanks

A couple of my servers will not save at the end of day

June 1, 2020, 4:17 am
$
0
0

Hello all,

I have some remote desktop services servers that enable me to access workers computers for repairs. Inside of server manager every day I have to re-add my three RDS servers, they never save from day to day. Does anyone know a solution to this?

RemoteApp GPO is not applying for users without local admin access

January 30, 2017, 4:53 am
$
0
0
My organization is planning on deploying AX 2012 R3 Client via RemoteApp for all our users. I am currently testing this out with RDS installed on a single Windows 2012 R2 Server, but in the future I will set up a new Server 2016 RDS environment for this.

I am having issues publishing the RemoteApp URL via GPO to my users. It will only work if the user has local administrator access on their PC. This cant be how it's supposed to work? I am planning on deploying this to hundreds of users! If the user manually adds it into the Control Panel Item it works. They are asked to log on once, and they just use their own credentials and it works fine.

The event log tells me this. "Windows failed to apply the {4D2F9B6F-1E52-4711-A382-6A8B1A003DE6} settings. {4D2F9B6F-1E52-4711-A382-6A8B1A003DE6} settings might have its own log file. Please click on the "More information" link."

Notes:
- I have figured out that the GUID the RemoteApp settings.
- The GPO shows up as an applied GPO in gpresult /h.
- I am sure I have seen the error "access denied" somewhere but I cant remember where now.

Reference to this thread where another admin had similar issue: https://social.technet.microsoft.com/Forums/windowsserver/en-US/21362dc1-24be-48ff-8447-2ca80d068d8c/rds-remoteapp-url-gpo?forum=winserverGP#21362dc1-24be-48ff-8447-2ca80d068d8c

Anyone have a clue of what may cause this? Why does this only work for users with local administrator access? Is there maybe some other GPO that blocks it?
Search

Microsoft Remote Desktop for Apple MAC by passing session host?

June 1, 2020, 5:15 am
$
0
0

I have RDS farm deployed on server 2019. We have published remote desktop app so that the users can remote on to their work PCs from home. This works fine for windows and mac users from home. 

For windows users I can see the session on one of the session host servers, but for Mac users using the "Microsoft Remote Desktop" app i can't see the session.

Also we have applied the setting so that users cannot copy and paste to and from the remote PC but this doesn't get applied to the Mac users. Is there a way to disable copy paste?



RDS Connection Broker for a Physical Machine Pool (Computer Lab)

May 15, 2020, 5:20 am
$
0
0

Hello,

We have a potentially unique use of RDS to broker/load balance the connection to a 30+ physical (not vms) windows 10 machines pool (educational computer lab). The intent is to have individuals interface with the RDS broker, which will connect them to an available Windows 10 machine. What we'd like to avoid, is publishing IP/HOSTNAME of all available computers in the lab and have individuals manual cycle through each until they find availability, or to assign groups to a single machine, as this seems to be an administration nightmare.

Is this possible with RDS, as I've unfortunately not been able to find anybody asking a similar question? Is it as simple as using the redirection function to a VM pool, but pointing it towards a physical machine pool?

Any resources are appreciated, as well as any other methods of achieving the intend connection brokering to available machines.

Thank you,

J

Slow Remote App Launch due to CRL Checking - Fix?

May 29, 2020, 1:25 am
$
0
0 
Server 2012 RDS Deployment.
Users have been facing slow remote app launches for months, so when they first log-in to RD Web and launch a remote app for the first time, it will take around 2-4 minutes for the app to open.

After spending hours on this , I have found that when logging in for the first time of the day or first time in a while, the Remote Desktop Gateway and RD Broker are trying to access the internet to check Certificate Revocation status using port 80. We do not allow outbound connections to the internet on port 80, so there are around 5/6 processes each time we log-on for the first time trying to reach the internet via HTTP, we then need to wait for these to time out one by one before the app launches.

I have seen this first hand, right after the processes timeout, the app launches.

I have found this document on MS, which seem to suggest to disable CRL checking, but this did not work.

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd883258(v%3dws.10)

I guess my question is, how do I turn this off when using Remote Desktop Services as it is causing a major delay in log-on times, we do not want to open up outbound access on port 80.
I have yet to see a sold resolution to this question asked on technet either. 

Remoteapp slow on RDS Server 2019

May 28, 2020, 7:05 am
$
0
0

Ok so after battling a few config options I finally have a new RDS environment running. Its on Server 2019 hosted in Azure, sitting behind an Azure WAF v2, with MFA authentication on the Gateway (using NPS extension). 

So evrything is working now, users can connect and all is behaving as it should, except for a small few users who are experiencing performance issues with slow performance, but only with published Remoteapp's. 

Just to confirm, the RDS servers are all very high spec and none of them are remotely approaching resource limits (none even going above 40%). Also one of the test machines experiencing performance is my own Desktop, an AMD Ryzen 9 3900X CPU with 64gb ram, 11gb RAM video card. Im pretty certain the local resources on this desktop are not a problem. However if I try to connect to a published remoteapp the redraw rate is very bad and it appears as if the connection is very laggy. Yet, it I connect to a remote desktop session (same environment, same servers, same everything) the performance is lightning quick. This lag only occurs with remoteapp.

Also to confirm its not a connection speed issue. I have 3 other Windows 10 devices here and performance on remote app and remote desktop session is fine, so theres no bandwidth issues from where Im connecting from.

If it helps, the clients experiencing issues are all Windows 10, fully patched and latest W10 build. However there are many other devices also W10 same build, same patch level that are fine. 

Has anyone experienced this before with Remoteapp's? Any suggestions?

RDWeb - HTML client works for only 2/3 session hosts in the farm!?

June 2, 2020, 1:12 am
$
0
0

Hi All,

My RDS Farm setup is setup as follows...All servers are Windows Server 2019 STD.

Office Subnet...

  • RDSCBLS - Connection Broker, Licensing Server roles installed.
  • RDSWEBGW - RDS Gateway, RDWeb Server roles installed.
  • RDSSH01 - RDSSession Host role installed - RDP server for users to RDP into the office network.
  • RDSSH02 - RDSSession Host role installed -  RemoteApp host server hosting 2 remote apps

DMZ Subnet...

  • RDSSH03 - RDSession Host role installed - RDP server for users to RDP into the DMZ network.

The "legacy" RDWeb portal works a treat, everything connects and my users can work 100%.

Yesterday I decided to install the new HTML Client. I successfully installed version 1.0.21.0

I can successfully connect to the RDSSH01 & RDSH02 resources but not the RDSSH03 resource. I get a certificate error...

The Connection Broker certificate is trusted and successfully imported, RDSH01 launches a full RDS desktop 100%, RDSH02 launches it's RemoteApps 100%, but RDSH03 persists on giving me this error!?

What have I tried?

  • Entirely cleared browser cache, history and cookies - no dice!
  • Tried an entirely new never before installed browser - no dice!
  • Change the HTML Client settings from "Open resources in the browser" to "Download the RDP file" - this works!

The certificate in the error is not the connection broker certificate, it is the local self signed "Remote Desktop" certificate on the RDSH03 session host server underCert:\LocalMachine\My\Remote Desktop certificate store.

Additionally and this may be a bug - the cert is NOT an SHA1 certificate it is SHA2.

Any ideas how I can fix this as the neatly web page packaged RDS resources in the HTML client are exactly what my users are wanting...nice neat single pane of glass overview of ALL their RDS resources.




Viewing all 27656 articles
Browse latest View live
Search