Quantcast
Channel: ฟอรัม Remote Desktop Services (Terminal Services)
Viewing all 25135 articles
Browse latest View live

Remote Desktop License Manager - Configuration issue (not a member of TSLS Group)

February 11, 2020, 12:16 pm
$
0
0

Hello,

I am trying to install the RD License manager on a member of computer in AD. The AD Schema is Windows Server 2016 and this member computer is Windows Server 2019.

I have successfully installed the role and activated the server, added the member computer in the BUILTIN "Terminal Services License Server" group but in the configuration page I get the message "the system cannot determine if the license server is member of tsls group".

All the required ports are also open as specified by : https://support.microsoft.com/en-us/help/832017/service-overview-and-network-port-requirements-for-windows#method53

Does anyone have a similar issue or know how to solve this? I dont want to install any CaLs if the service has any errors.

Regards,

Tony

antonis michael

Search

Mapping SharePoint on Windows Server 2016

February 11, 2020, 4:58 pm
$
0
0

Ran into a couple of issues getting SharePoint mapped for our users but was able to get those resolved once I installed the WebDAV svc on the server. I was able to the map the drive for each user and verified it was working properly. 

Fast forward a few days, and I had a handful of users reach out to me saying that they couldn't access the mapped SharePoint drive. I checked each of their profiles, and all of them were getting the error that access was denied and they needed to reach out to their network admin. I remapped the drive for each user, and they were able to access it fine. The last user I decided to dig a little further on. I disconnected and remapped the drive, verified that it was working properly, logged off and back on to see if the drive would hold. If you are familiar with SharePoint and mapping it as a local drive, you are aware that every restart/shutdown/log off event will force you to reauthenticate to SP on the drive. However, this did not occur. The drive icon was still green as if the session never closed properly and when you went to launch the drive the document library was empty. No force to reauthenticate and no docs. Close File Explorer and attempt to get back on the drive, "access is denied, contact network admin" error.

Very odd behavior, even for SharePoint. I'm curious if anybody else has ran into this? We previously used a Citrix platform and never ran into this issue. To summarize the issue again; User can access mapped drive to SharePoint, ends session, begins another session, can't access the drive.

Any help would be awesome!

roaming remote desktop profiles

February 12, 2020, 2:42 am
$
0
0
tell the users and computers in the active directory in the rest, I indicate the user the path to the roaming profile of the remote desktop, but this does not work, the profile was local and remains when connected to the terminal server. terminal server 2008. found an article that this path does not work since Windows 2012 and younger and you need to edit the registry and specify the key fQueryUserConfigFromDC. but I have a terminal server 2008, why doesn’t this path work?

Users fail mostly connecting to load-balancing farm, but only when going through a VPN

February 6, 2020, 8:50 am
$
0
0

Hello everybody,

A customer runs Windows Server 2019 terminal server farms. From the local network, everything is fine. Users get perfectly connected and load-balanced to the RD servers. However, if the log on to the domain through a VPN (TMG 2010) which does not block any traffic, they can only only sometimes connect to the farm. When they fail, their Windows 10 RDP client just yields an "internal error" without being more specific.

We checked already:

* TMG does not block anything coming from the VPN to the inner servers or vice-versa. We also tried temporary firewall rules allowing any traffic in both directions.

* DNS resolution and contact to the domain controllers is fine from the LAN and through the VPN. There are DNS A records for each RD server, and for each RD server there is a DNS A record with the farm name, pointing to each of the RD servers, for DNS round-robin.

* The RD broker (a separate server) load-balances the users just fine.

* The clients get a DHCP address for their VPN connection from VPN, also just fine.

* The clients CAN connect every time to the old 2008 R2 server farm which did not load balance. When they try to connect to a 2019 farm (with each farm consisting of 4 RD servers and its own broker and licensing server), the only connect sometimes, the other time failing with the "internal error".

* The clients connect (locally and through VPN) using the same .rdp file pointing to the farm name. The do not use RDWeb currently, nor a RD gateway.

We have the suspicion (although not proved 100% yet) that the users can connect when a RD redirection is not needed/requested by the RD server that they initially contact via DNS round-robin.

Is such a symptom known? Does anyone have a clue what is happening here?

Best Regards, Stefan Falk

Force pdfs to open in Acrobat and not IE?

January 23, 2020, 4:55 pm
$
0
0

Hi,

I have a 2012 R2 RDS and Acrobat 2017 is installed on it. When a user clicks a link in IE to a pdf it always opens in IE. I want every pdf on this server to open in Acrobat. I have already disabled the Acrobat reader add on in IE. I have checked this setting this on several user profiles. The add on shows as disabled but pdfs still open in IE when in a webpage. 

Thanks for any help on this.


RDS 2016 - Will not accept password for some users but does accept them on RDWeb and over standard RDP

August 11, 2017, 9:39 am
$
0
0

Hello,

Pulling my hair out a little bit at this one.

For a few of our user accounts they are unable to connect to any of the published apps.

It has worked previously for these users but then it just suddenly stops.

The user can successfully log in to the RD Web site but the apps won't accept the users password; however it is being entered correctly as it works for RD Web and standard RDP.

The deployment is two RD GWs, two RD CBs and 5 Session hosts with 3 different collections.
All the servers are Server 2016.

It doesn't appear to matter which GW, CB or Host the session uses/attempts to use none of them are accepted.

Audit logs for the GW are turned on and for the session that fails their are logs present on the GW to say that the client has met the authorization policy, authorized to connect to the DNS name we are using for the Connection Broker and then displays the event for when a session disconnects. In effect it seems the user seems to have a 0 second connection:

The user "USERNAME", on client computer "IPADDRESS", disconnected from the following network resource: "CB DNS NAME". Before the user disconnected, the client transferred 229 bytes and received 156 bytes. The client session duration was 0 seconds. Connection protocol used: "HTTP".

The connection seems to hit the Connection Broker too but disconnect immediately. For example working connections create two event logs in the Microsoft-Windows-TerminalServices-RemoteConnectionManager/Operationalevent log one that reads Listener RDP-Tcp received a connection and then there is supposed be another to say that User Authentication was successful. The users that don't get authenticated don't create this entry of course.

Why would the password not get accepted?

Where else can I look to try and troubleshoot this issue?

Remote Desktop Services - Server Authentication Certificate problem

February 12, 2020, 3:20 am
$
0
0

Hello

We have got a server, call it S1, running Windows Server 2012, and workstations running Windows 10 Enterprise 1909. People regularly need to access this server using the workstations. When people on workstations try to access this server, it initially works (i.e. they enter their credentials and then the "The identity of the remote computer cannot be verified ..." windowappears), but then the "remote desktop can't connect to the remote computer for one of these reasons" error comes up. It goes away when connecting again, but instead shows the following error (without the "The identity of the remote computer cannot be verified ..." screen):

The connection has been terminated because an unexpected server authentication certificate was received from the remote computer. Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.

This has been occurring sporadically ever since the server was built, however in the past few days it has appeared on all of the workstations. A few workstations used by sysadmins can still access the server by remotely connecting to another server that is on the same network, then remoting to S1 on the other server, however this is not the case for the rest of the workstations in the room. I've tried pinging S1 and it's replying fine.

I have also checked out the following other solutions to this problem from similar forum posts :

  • Replacing mstsc.exe and mstscax.dll - no computers on the network are running W10 build 1511, so can't get the files
  • Registry - the only registry options in HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client are (Default) and PinConnectionBar - no RDGClientTransport
  • "Connect and don't warn me" - option is greyed out, stuck on "warn me"
  • Services - both the Remote Desktop Services and Remote Desktop Services UserMode Port Redirector are up and running.

I can't seem to figure out anything else about why this is happening.


Server 2019 RDS administrative session shadowing works, but shows a black shadow window

February 12, 2020, 12:38 pm
$
0
0
Hi there !

On a Server 2019 properly set up as a domain member with activated RDP services ("quick access" method), the "collection" is displayed correctly in the server manager; including the registered non-administrators or the normal remote desktop users.

The server is currently in the evaluation phase and only runs for 7 days. Neither CAL's nor product keys are entered, but that shouldn't matter at the moment, right?

Click right Mouse click on a user provides the option "shadow". When triggered, the correct small dialog comes and the window also opens. But it is white and when you enlarge the window you see a black picture with a white square in the middle. => the shadwing works, but shows nothing reasonable.

There is an RDS tool from Lizard, which delivers the desired monitoring result perfectly on another server 2019, which is single, i.e. not a domain member. Of course, I also installed this on the domain member server and expected success. But this tool also led to the absolutely identical result as the session monitoring via collection: black screen with white square in the middle.

The domain has the 2008R2 level.

The additional test carried out on both servers with the installed RDS Manager 2008 (tsadmin, that's fine!) Led to the result that everything works perfectly except for the session seal: there it also works perfectly up to the short dialog window and then it says " Access denied! ".

Can someone - best of all from Microsoft perhaps? - tell me what's going on?

It makes no sense to start up a new terminal server whose sessions the administrator cannot monitor.

With regards
Chris
Search

Screen flickers, screen elements move around, user gets logged out.

February 6, 2020, 4:29 am
$
0
0

We're running an old but still important business app that is built on Silverlight. Yes, it was really stupid to build it on Silverlight, but hindsight is 20-20; there are steps in play to replace it. But for now we must run it.

We also use RDS for the majority of our workers, and on RDS 2016 it has become quite unstable, especially from Windows 10 clients but possibly also older thin clients that still run an Embedded OS.

The only browser remaining that runs the Silverlight plugin is "good" old Internet Explorer, and it has generally worked, but lately especially after some of the newer patches (I presume) users have begun experiencing screen flicker, UI elements just appearing to move around and after a while just a straight-up logoff off the system. This is massively disrupting of course.

Running the same things on a Windows 10 local client (without RDP) works the way it has until now.

Grateful for any ideas on what may be causing this and how I could mitigate it.

user profile disk rds 2016

February 4, 2020, 12:33 am
$
0
0

hello

i try to enable user disk profile on my collection (rds 2016)

i create a share folder with the permission they need on file server windows 2012 r2

i put the location that is acseesible from the session host and the i get the error message:

could not create the template VHD,error message: unable to connect to WMI on server xxxxxx (file server 2012) ,error no such interface supported

what could be the problem?

thanks!

Remote app smart card redirection - how can I get it to work

January 28, 2020, 7:28 am
$
0
0

Hi,

my machine is win 7 professional which support 8.0 rdp protocol.

my jump server is win 2012 r2

on the server end , I have enabled smart card redirection for a  remoteapp on iIis 8 thru Remote Desktop services - remote apps - session collection - client settings - configure client settings - ticked smart cars option.

on my machine I have allowed USB access for the specific device guid on sep(Symantec end point)

however, when I remotapp into the jump server I am unable to see the smart card but when I allowed the plug and play or printer, I can see them though.

the jump server has an web based app that will need to read the smart card info on my client and I will have to enter the password to login.

i have also tried with a win 10 pc but still the same results.

appreciate any advise

maxz77

Server 2019 Standard Terminal Server, some older users need "larger" text and icons

February 12, 2020, 7:08 am
$
0
0

Just put in a brand new Windows Server 2019 Standard Terminal Server at a client. Some of the partners in the firm are of an advanced age and their eyesight is no good. However other's are in their 20's and can see very well.

I tried searching for and and it seems microsoft had a solution for 2008 R2 and then nothing after.

Any way to get that on Windows Server 2019?

Excel license terminal server - collection users vs app users

February 12, 2020, 8:32 am
$
0
0

Hi all,

We are deploying two apps in terminal server Windows Server 2019 (app1 and app2). Both apps are in the same farm and collection.

The users from the collection use a user group, the same user group that the app1. Nevertheless, the app2 use another user group to limit who can use it.

the problem is that the app2 need to use Excel, only in this app. We want to use excel but we just want to pay only the app2 user group license (5 or 6 users), not the user group used in collection (more than 100 users). Is possible to pay only for the app2 group or need to pay to all connection group?

thanks and regards,

Gerardo,

Clients gets disconnected from sessionhost

February 12, 2020, 5:55 am
$
0
0
Clients get's randomly disconnected from the Session hosts. in the eventlog "applications and services logs/windows/TerminalServices-LocalSessonManager i get a lot of event id 40 with the following description:
Session XXX has been disconnected, reason code 3489660929. I have not been able to find a description for reason code 3489660929.
Can you please help me with this reason code ?

RDS Host third party app listening port redirection

February 12, 2020, 7:33 am
$
0
0

This is the scenario:

I have a 3rd party application that brings up a listening TCP port for communications purposes. 

This applications has a preconfigured listening port, lets say 49000, but the fact is the port is not available. 

Testing this issue with iperf has brougth some info to light: Windows somehow redirects the listening port to a random TCP port, starting at 20000 and assigning it "randomly". Here are some pictures:

iperf acting as server (netstat shows the port 42500 is not listening):

Client failing to connect:

processexplorer to check the listening port:

Succesful connection with the redirected port:

Nestat with redirected port:

This behaviour seems reasonable, otherwise only the first user to turn on the applicacion would be able to actually use it but I haven't been able to find some information that explains how this process work and why does it do.

I can't find any information about it and I would like to know if I am right or there is another cause for this beaviour as well as know if there is a workaround for this app to run. 

Jordi.

Search

Network Stability and Remote Desktop Blamed For Intermittent Database Error

February 12, 2020, 10:31 am
$
0
0

My company is using a software package which is installed on RDS. All users access this program via Remote Desktop. The program is a business application which directly executes CRUD operations on a Pervasive database (no middle tier!). Our RDS server and database server reside in the same room (actually on the same vm host). Some of our users are remote over a VPN tunnel. These were the main reasons I wanted to install on RDS, because software updates and stability would be a nightmare if the application was installed on individual PCs, most notably with some running remotely. This setup would promote more stable execution because the servers are local to each other.

On occasion, the software produces database errors.

Certain errors are reoccurring, and the software company blames the issue on dropped packets. They claim desktops using a wireless connection can cause issues. They claim that this corrupts cache files and causes the database corruption.

I'm under the impression that RDP should generally negate any network issues because the application is executing on the server, not the PC. If a connection is interrupted, the application should continue to gracefully execute in the background until the session is reestablished.

On a setup like this, is it at all possible (or even heard of) to introduce database errors via RDP? Any thoughts?

Thank You.

RDSH certificate

February 13, 2020, 1:43 am
$
0
0

I have setup a RDS 2019 environment with the following roles.

- RDS Gateway and Web Access on one server

- Connection Broker

- 2 Remote Desktop session host servers

- RD licensing server on DC

Within the deployment properties i have configured a wildcard certificate on all roles and they are trusted and OK.

Within DNS in the remote zone i have created records for the RDSH , RCB , Gateway and Round Robin for the RDSH farm.

In the firewall i have opened port 443 tcp and 3389 udp to the gateway server.

In the rdp configuration on the client i connect to farmname.domain.nl and the gateway remote.domain.nl

When i connect through rdp to the farm name i get the message "Certificate can't be verified" because the name in the certificate from the remote pc is *.domain.local.

When i connect to the Connection Broker i don't get this messages because the wildcard certificate is configured in the deployment properties for the connection broker.

What should i do to stop receiving the certificate notification ? How do i ensure that the RDSH servers use the wildcard certificate ?


netlogon issue

January 24, 2020, 12:25 am
$
0
0

Hi,

We have 3 Rdgateway servers ( server 2012 R2 en 2008 R2) in our domain and each has its own URL for accessing the internal servers from internet.

Yesterday I wan checking the netlogon logs and find out that each time we connect to RDgateway to access an internal server these events get logged. nts72 is Rdgateway server and nts80 is the internal server that we access. We dont see any issue with login, but I would like to know why netlogon says " The specified account not exist"

SamLogon: Transitive Network logon of mydomain\NTS72$ from NTS72 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS72$ from NTS72 (via NTS80) Returns 0x0
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\a.franceschini from 10.0.10.232 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\a.franceschini from 10.0.10.232 (via NTS80) Returns 0x0
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Returns 0xC0000064
01/24 06:52:36 [LOGON] mydomain: SamLogon: Transitive Network logon of mydomain\NTS80 from NTS80 (via NTS80) Entered

Shahin

Diagnoser shows Host Server Version Server 2016 When Running 2019

March 19, 2019, 12:30 pm
$
0
0

When I originally Activated the server licensing via Licenses Wizard using our schools Enrollment ID I may have used an older Enrollment ID number.

I think maybe that was the issue. All I know is when I when into the RD licensing Diagnoser it showed that the Remote Desktop Version Host Server Version is:  Windows Server 2016.

... AND I AM RUNNING WINDOWS 2019 ...

After trying everything i know DE-activating, then re-activating with a more current Enrollment ID for our high school. Did not change anything.

So, removed ALL the remote desktop services and then reinstalled and reactivated. Still did nothing to change the information in the Diagnoser.

The information still shows in the Diagnoser:  Windows Server 2016

HOW CAN I GET RID OF THIS PROBLEM? 

Thanks,

Dave


Second broker not functionning

February 12, 2020, 4:48 am
$
0
0
Hello,

I need your help.

I have a RDS FARM with 

8 host session (named RDS01, RDS02...)

2 Brokers (BRK01 and BRK03)

1 Management (MGM01) where we deployed the farm and see the collection, and with the SQL server for broker HA

DC is on another server

Everything is in 2016 version, windows server 2016, SQL server 2016

My connection chain : Driver={ODBC Driver 13 for SQL Server};Server=MYENTERPRISE-MGM01,1433;UID=sa;Pwd={password_replaced};Database=RDFarm

DNS name for the mstsc connection : RDS.MYENTERPRISE.LOCAL

collection name : RDS-MYENTERPRISE

name of the DB : RDFarm

Round robin on the dns between the 8 host (RDS01,...)

Problem : The second broker for the HA is not working. 

We had BRK02 but with many problems, so we created a new server : BRK03. 

But BRK03 is not working too

When a RDS Host is going through BRK01, everything is ok, we see users in the connection of the collection on the MGM.

But when RDS Host is going through BRK03, we don't see the users in the collection, and users got temp session when disconnect/connect.

In the events on BRK03 : 


Microsoft-Windows-TerminalServices-SessionBroker/Admin    ID 802

Server farm specified for connection is not present



- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
  <Provider Name="Microsoft-Windows-TerminalServices-SessionBroker" Guid="{D1737620-6A25-4BEF-B07B-AAC3DF44EFC9}" />
  <EventID>802</EventID>
  <Version>0</Version>
  <Level>2</Level>
  <Task>101</Task>
  <Opcode>11</Opcode>
  <Keywords>0x4000000000000000</Keywords>
  <TimeCreated SystemTime="2020-02-12T09:28:07.054322400Z" />
  <EventRecordID>86</EventRecordID>
  <Correlation ActivityID="{8FE15758-B0A3-48C0-A516-4C98547234BF}" />
  <Execution ProcessID="3536" ThreadID="1864" />
  <Channel>Microsoft-Windows-TerminalServices-SessionBroker/Admin</Channel>
  <Computer>MYENTERPRISE-BRK03.MYENTERPRISE.local</Computer>
  <Security UserID="S-1-5-20" />
  </System>
- <UserData>
- <EventXML xmlns="Event_NS">
  <param1>MYENTERPRISE\MY.USER</param1>
  <param2>La batterie de serveurs spécifiée pour la connexion n’est pas présente.</param2>
  <param3>2</param3>
  </EventXML>
  </UserData>
 </Event>



And in Microsoft-Windows-TerminalServices-SessionBroker/Operational

ID 787 : The name farm is empty

We don't have the event ID 801 compared to a connection on BRK01





Anyone have an idea ? 

Thanks

Viewing all 25135 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>