Was doing some routine maintenance on my RDSH farm and noticed that one server has much less free space than the others. I looked at which folders were the culprit and found this one:
C:\Windows\ServiceProfiles\LocalService\AppData\Local
It was full of files like the following:
FontCache-S-1-5-21-30371924-1664817342-1491421105-149182.dat
These files take up 50+GB of space. My guess they're associated with user profiles.
Are they safe to delete? I don't want to delete an actively used file.
We have a Windows 2008 R2 RDS in a Windows 2012R2 Domain. We want to lockdown the 2008 RDS for Domain users that we have added to a new security Group--named "Data Collection Users". These users are "Domain Users" and login to the 2008 RDS using Windows XP SP3 machines to run a specific application -they do not use their local desktops for anything. WE added this group to the local RDU group on the RDS. We do not have any other users that login to the RDS through terminal, including any Domain Admins.
So far we have done these steps:
Here are images from the Security Filtering:
Hi All
My understanding is that licensing mode is selected per Collection.
1. Can a single RDS license server manage both User and Device licenses?
2. I think MS Office products are licensed per device, therefore I assume I group all Office products within a single container and set its licensing mode to Device?
We also support W2K3/8-32bit desktops via creating a published RDP file which effectively RDCs into W2K3/8 servers running Terminal Services (for backward compatibility of certain 16-bit apps).
Will two client licenses will be consumed per user, one for RDS 2012R2 and one for the target W2k3 or W2K8 32-bit server?
Any pointers more than welcome.
Cheers
Lea
I've set up an RDS 2012 R2 host farm, but have problems.
When I try to log on from an outside client, then I get this error...
"An authentication error has occurred (Code: 0x607)"
I've tried google it, but without any result.
Any idea how to fix this?
I am using latest version of RDP Client 6.1 from my local Windows 7 Enterprise system, as well as RDP Client 6.1 from a Windows 2008 R2 server.
When I connect to other Windows 2008 R2 servers, I am unable to increase the DPI settings. In Control Panel > Ease of Access > Optimize Visual Display > Change the size of text and icons, I get a screen which says “The display settings can’t be changed from a remote session”.
This is unacceptable. I am able to change this setting on any Windows 2008 (pre-R2) server in multiple environments. When is MSFT going to fix this issue in R2?
I have seen other posts on this issue
such as this one -- one person suggests exporting the registry settings under
[HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics and then to set them on my R2 server.
Can I export those registry keys from a 2008 (non-R2) server where I have set the DPI to 125%, and then import them onto the R2 server?
Thank you.
Hi,
I have terminal server based on Windows Server 2012 and recently when I login as administrator getting message “The Recycle Bin on C:\Users\users_profiles\ is corrupted. Do you want to empty Recycle Bin for this drive?” This pop up for each of user’s profile so when I empty one, another came. Of course empting bin doesn’t help. I found it as quite common problem which supposed be resolved by running as administrator command:
RD /S /Q C:\$Recycle.bin
But this doesn’t work for me. The recycle bin after deleting came back and the message pop up again. I’ve also tried:
Nothing has worked for me. Could you advise how to fix the problem please?
We upgraded our license server to 2012 R2 several months ago. We only use Per Device CALS. The server is fully patched as of today. The license server is running on a Domain Controller and the License server is in the Terminal Server License Servers group as is the Network Service.
Licensing overall seems to be working fine IE; issuing CALS, upgrading CALS, etc.
The issue(s) we have are this:
1) It issues temporary 2003 Per device CALS (as it should) and in several months, it has only upgraded 19 CALS to permanent out of 1300. Most all of these devices connect daily. Plenty of licenses available. Expired 2003 licensesare not being removed from the console and it is not issuing multiple CALS to a device as is happening with our 2008 and 2012 licenses (see below).
2) When a temporary 2008 or 2012 device license is issued, it issues multiple licenses to the same device. When the licenses are upgraded it is the same thing. Multiple licenses for the same device are upgraded to permanent. We have several users who have multiple temporary licenses and permanent licenses for the same device. Although we have plenty of available licenses, this is not right.
In our efforts to try and resolve this problem, we have deactivated and activated new license servers a few times. We have activated them all different ways with the same result.
We have 2 separate forest where we have the exact same behavior.
Aside from event ID 42 (An error occurred in policy module "Policy Module for company Microsoft Corporation product A02 has denied new license request with error code 14.)
We have no other errors in the event viewer.
Any help with this issue would be greatly appreciated.
Russ
Good day All
Server Setup (server hosted externally)
1x Hyper V Host (static)
1x VM DC - DNS/(integrated with AD) (static)
1x VM RDS - Domain Joined (with all roles for a RDS server) (static)
--------------
mydomain.com (registered public domain name)
DNS name servers of hosting provider : dns1, dns2 & dns3
---------------
I am having difficulty in configuring my public domain name (first time registering a public domain name, had to implement SSL) to resolve to remote.mydomain.com so that users can access Remoteapps externally via Rdweb . I am able to successfully access remote apps internally on RDS & DC servers via Rdweb with certificates successfully configured but I am not getting anything right externally.
I am 99% sure that this is a DNS issue between my server and the hosting provider. What should my DNS settings be on my internal server (DC) and what configurations should I make/request regarding the hosting provider?
Do I have to setup my own nameservers and ask the hosting provider to update the name servers for the domain at the registrar in their root? Or can I not make use of their DNS servers (dns1,dns2&dns3) to handle the DNS service for the domain? My attempts so far to resolve the matter has just confused me and I am not sure any more as to the details of setting this up.
Any feedback and instructions much appreciated...
Hello Team,
I am running RDS services and I want to monitor the RD Sessions, to see when my Users were connected and when they logged off!! Do we have some kind of tool or shell command to get the output ? Also Is there an Even ID that gets created when User Logs in and Logs Off?
Regards,
Binu Kumar - MCP, MCITP, MCTS , MBA - IT , Director Aarbin Technology Pvt Ltd - Please remember to mark the replies as answers if they help and unmark them if they provide no help.
I have verified that everything is good for enabling NLA on the server. My client shows "Network level Authentication Supported".
If I enable NLA on a server I can connect via RDP from one of the other servers on that same subnet just fine, but not from my remote machine. I connect via a VPN to the network, the servers are on a different subnet as the VPN entry point. All servers can be reached just fine via RDP without NLA enabled.
The client computer is part of a different domain than the remote servers, I am logged in to the client computers domain, authenticating to the remote servers via logon once I connect.
I read a lot of articles and discussions about similar issues, but none of the fixes apply.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa TSPKG and
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders credssp.dll are already in the registry.
I am at a loss. Everything I can see says it should work, but does not. Error given from the remote client is:
"The remote computer requires Network Level Authentication, which your computer does not support."
Repost from
https://social.technet.microsoft.com/Forums/windowsserver/en-US/3d3fdfe5-2904-407a-86f9-3ad452c4e64e/group-policy-error-0x80070bc4-for-users-connecting-to-multiple-terminal-servers?forum=winserverGP#3d3fdfe5-2904-407a-86f9-3ad452c4e64e
As was informed this was a more related forum.
Hi,
I have a customer who has multiple users who connect up to 4 terminal servers, all running server 2012 r2. A user can connect to any of the 4 servers when they first initially sign in on a morning.
Since users have been signing in around 2 or 3 a day are experiencing issues with not been able to connect to printers within office. And when you try to go to printer properties it shows that the drivers may not have installed properly.
for the majority of users this isn't an issue however but it seems to be a different set of users experiencing this issue everyday.
Upon checking the event logs I can see:
The user 'Reservations' preference item in the 'Printers {01ACF555-98F9-48E1-B071-EA021762E4EB}' Group Policy Object did not apply because it failed with error code '0x80070bc4 No printers were found.' This error was suppressed.
So far we have found that a possible fix is to go to add printer and manually add the printer again, but we don't really want to be doing this daily for just a couple of users and ideally would like the GP to be working for everyone.
Anyone have any ideas as to what could be the cause of this issue?
Good Day,
Our Windows 2012 R2 RDS configuration is working but when users connect remotely via the RDS Gateway and then launch their program they are warned about a cert. We are using a wild card cert and the same cert is applied in all places. When I run the power shell command Get-Rdcertificate is shows everything is good. Yet the RDS Console shows a cert error on the RDS Gateway (we have two). The RD Gateway manager shows everything is good.
Steve J.
Hi all. I installed Windows 2012 R2 on a HyperV and installed RDS. We tested it for a while and I uninstalled because of some reason ....
After a while I received another request to implement it so I used the same machine, same procedure - RemoteDesktop Services installation -> Session based installation .
This time, like the first time everything was installed successfully, so I added licensing server, applications, self signed certificate and then I've noticed some issues.
When I go to server management and open RDS, in deployment overview I can see plus sign to add RD Gateway. So I thought that this role was not installed by default so I performed this action (once again). But still even after adding RD Gateway I can still see plus sign. In some tutorials this sign is supposed to change or disappear.
But RD Gateway is installed and functional, I can open RD Gateway Manager and browse its options. Also external clients are able to connect and work.
Another thing is when I edit deployment settings and want to add certificate, RD Gateway is grayed. I cannot add certificate via this tool, but nevertheless after I added certificate for Broker .... I can see that correct certificate is installed on RD Gateway.
Is this normal behavior? How to tell Server that RDGateway is installed?
Also SSO is not working - I read that I need public certificate so I bought one, but still I am being asked several times . Once to log in and second time to open application - all with the same credentials. Can you also provide some tips here? SSO is enabled (Use RD Gateway Credential for remote computers - is checked).
Thanks
First a little background. Using RDS in Windows Server 2012R2, I have published applications from a collection of pooled desktops (to avoid confusion, I’m not using RD session hosts). When a user opens any of the published applications, their connection status shows as "Active" under Server Manager, Remote Desktop, Collections. In Hyper-V manager, you can see their user profile disk mounted. All appears well at this point.
After closing published applications or if their client PC enters a power save state, their connection status changes to "Disconnected". In this disconnected state, a problem occurs when launching a published application again. Instead of reconnecting them to their previous disconnected virtual desktop, a connection to a new virtual desktop is created, leading to all sorts of user profile related issues. I’m assuming this is not intended behaviour and I have missed a setting or have a fault somewhere so any advice would be very welcome.
Thanks in advance.
Bob