Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 27765 articles
Browse latest View live

Domain A (ADFS) Authentication to Domain B(RDS) with no domain trust

March 12, 2019, 7:21 am
$
0
0

Hi,

Hoping someone could answer my question. We have a customer on Domain A currently with a domain trust to our environment Domain B, we host an RDS collection and they authenticate with their Domain A credentials to be able to access their Remote Apps over a site-to-site VPN. They wish to remove the Two-Way domain trust now and suggested using ADFS for authentication.

Is this possible? Without a domain trust how can we authenticate their users to our environment without their users needing to log in multiple times?

Thanks

C

Search

RDP Terminal services license question.

March 10, 2019, 10:45 pm
$
0
0

Hi All,

Right now, here is my current situation. Whereby 1 server has 2 same CAL license with 10 Users. Supposedly we allow 10 users to rdp, but it turns out the RDP session shows 20 Users connected.

Any idea, why is it capable of more then 10 Users with a same CAL License?

Server 2012 refusing RDP admin connection (no licensing)

March 8, 2013, 4:49 am
$
0
0

Hello, I am trying to remote into Windows Server 2012, which I did for months, but am now getting this error:

"The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license"

How can I fix this and why do I need a license server? I just want to log in to do administration, which doesn't require a CAL per below.

Do I have to acquire RDS CALs if I am only remotely administering Windows Server operating systems by using
Remote Desktop for Administration?

No. Up to two users may connect to the Windows Server operating system simultaneously to perform administrative
functions without needing any RDS CALs. Additional administrative users need the appropriate RDS CALs.

I am stuck right now. Any pointers please?

Thanks for any help.

Server 2012 RDS - User Profile Disks - Errors during Logoff

December 19, 2012, 8:01 am
$
0
0

I have set up a test Server 2012 RDS collection (Single Server for now) and implemented User Profile disks.

I have two problems.

First: My generic test user can connect and does successfully use the user profile disk as expected. However, atlogoff, the system event log contains these errors:


The error (NTFS 137) is: The default transaction resource manager on volume C:\Users\ts3.test encountered a non-retryable error and could not start.  The data contains the error code.

The warning (NTFS 50) that concerns me is:

It appears that the user profile disk is being "disabled" or "disconnected" before the profile data is completely written at logoff. What can I do to troubleshoot this?

Second:

Update: A post from Mike Connor on the following page: -LINK- solved the problem described below. 

My administrative user always logs on now with a temporary profile. At the beginning, the UPD was working and mounting. That stopped working. In attempting to troubleshoot, I logged the admin user off and deleted the UPD disk file from the share. I remember it working again after generating a new UPD disk file in the share. Soon, it quit working again. I deleted the UPD disk file again from the share and ever since, it has never regenerated a new UPD andalways logs on with a temporary profile.








Automatic logon RD Web Access

March 12, 2019, 9:58 am
$
0
0

Hi guys,
Currently I work in project to allow all users access que RD Web Access.
In this project I need allow the all users access the web page automatic, I don't know what's the paramenters I need to change in the web.config file.

Could you help me ?

Thank's!

Marcus

Problems with User Remote Desktop Home Folder not mapping

March 6, 2019, 4:52 pm
$
0
0

I have 2 forests with an External Trust configured between them.  Trust works perfectly for Authentication and DNS resolution.  Using a MS Internal CA for RDS certs (actually seems to be working).  The RDS Farm is 2 servers running 2016 w/ Gateway on RDS1.  I can login and launch the appropriate applications successfully.  All of that is working great.  Client Local Drives and Printers map successfully.

My Problem.

I need a Home Folder (H Drive) to map to a share in the hosting domain (trusting domain).  I have set Group Policy Computer config to map the H drive.  I have GPO Loopback Processing enabled as well as Apply Trusted Domain GPOs.

.

What am i missing?  It will NOT map the H drive.

Server 2016 RDS Farm Certificate

March 12, 2019, 2:09 pm
$
0
0

Getting to where I HATE certs.

2 node 2016 RDS farm.  Generated a SAN cert from my MS CA.  It contains common name *.xxx.xxx.  The SAN names are the Farm FQDN and the FQDN of both servers.

Imported this into the Server Manager RDS Deployment Properties successfully.

It WORKED properly after I imported those 2 certs that afternoon, several times.

Then, the next day, the 2nd server (not the first) decided it would use the Self-Signed RDS cert it has rather than the SAN cert assigned the previous day.

So, I have 1 server (which is a Gateway and session host) use the SAN cert, but the 2nd (session host only) uses a self-signed.

WHY?  Any suggestions on how to fix?

Cumulative Updates breaks RDP since November.

March 11, 2019, 5:04 am
$
0
0

We have an RDS server (2016).  Since November or October, every cumulative update (well until Jan, haven't applied latest yet), breaks RDP. We can connect to the gateway fine, but accessing the RD desktop just fails with a warning about not being able to connect.  If I uninstall the Cumulative update, then all works again.

Event log shows hundreds of Schannel events (A fatal error occurred while creating a TLS client credential. The internal error state is 10013.)  The remote desktop management service fails to start and the server manager shows this issue:

the server pool does not match the rd connection broker that are in it. errors

Any ideas on how to fix?

 

Search

2012 Server RDSWEB - Certificate mismatch error

March 12, 2019, 11:13 pm
$
0
0

I've seen this error discussed, but need little more detail. I want to understand how to create RDS Farms with correct initial settings to avoid this.

When clicking on a Remote Desktop Icon for a remote collection (Sage_Sales). I enter my credentials and see this dialog.

Then I see this warning about the certificate mismatch.

Then I see this error if I click [Yes]

Can someone explain why each dialog/error is displayed?

I want to be able to look back at this thread, and correct my configurations.

Regards

Terminal services licensing in workgroup server 2016

March 11, 2019, 12:35 am
$
0
0
Which license should i purchase for terminal access in server 2016 with workgroup setup. All our users are in workgroup and there is no  domain setup in our company. its a small office and we are accessing the server(around 12 users) via remote desktop(with LAN only). Earlier it was  server 2003(workgroup only) and have 15 userCAL licenses  in it, it was working fine.
recently we purchase this new server with server 2016 and also purchased 10 userCAL licenses. new server is up and running and enabled remote desktop services also, its working fine now(without RDS license. should be in free grace period). Is that my userCal licenses will work with this or do i need to purchase devCAL for this setup?

Error applying wildcard cert to RDS Web Access Role Service, event ID 20480 Failed to enumerate SSL certificate information

March 2, 2019, 10:33 am
$
0
0

I am trying to apply a third-party wildcard cert to a RDS server farm.  The .pfx is imported successfully for the RD Connection Broker roles, but gives an error "Could not configure the certificate on one or more servers..." when I apply it to RD Web Access.  In the Event log, this generates event ID 20480 "Property page: Manage certificates update failed: due to Exception Failed to enumerate server SSL certificate information."

This is an internal farm, with no RD Gateway server, 1 Connection broker/Licensing/Web Access server, and three additional session hosts.

RDS Users disconnect after a few minutes from a single subnet. session 14 has been disconnected, reason code 0 and code 5

March 4, 2019, 10:15 am
$
0
0

Hello,

Users from a single location are experiencing major issues connecting to our RDS server. There are 3 locations, one main site where the server is location on the same subnet, another site south, and another site to the east. The south and east sites are connected with a VPN connection. Only users at the east site are not able to connect well to the server. I can check event viewer logs and I once saw something with winlogon stopping but I always see the error "session 14 has been disconnected, reason code 0" and "session 14 has been disconnected, reason code 5" from the east site subnet. I did a netstat to see that users are connecting with TCP 3389. An RD Gateway is not configured. I can connect to the RDS server for hours and have no problems. Error code 0 means No additional info is available and 5 means client's connection was replaced by another connection. I am not sure what would be doing this.

I was thinking like some kind of time but I sent all of the timeout settings on the server to never. I thought maybe it was a UDP socket timeout that was acting weird over that single connection but with netstat -a | findstr ":3389" I only see TCP ESTABLISHED sessions and only listening on UDP 3389. 

Update KB3000850 is installed which replaced KB2984006 update for windows server 2012 R2 that fixes RDS issues like this. Clients are Windows 10.

Any help would be appreciated. 

RDS Windows 2019 CALS are not getting issued to the users

March 5, 2019, 3:59 am
$
0
0

Hello Expertiz,

I am experiencing a weird problem on my windows 2016 server.

I have only one server ( win 2016 datacenter) deployed on azure where in I have configured RDSH, RDCB, license and webaccess role. Till now I was running on 120 days trial period of license. Now I have purchased 15  win server 2019 CALS and installed the same. The problem here is, even though I have installed the CALS the server is not allowing me to connect more than 2 users and it throws an error " there are too many users signed in. Select a user to disconnect".

Licensing diagnoser displays no error. I can see green tick mark which says " RD Licensing diagnoser did not identify anylicensing problem for Remote desktop session host server".

RD licensing manager says "Total licenses =15 ", " Available licenses =15". " Issued = 0" . Here no licenses are not getting issued even though it has enough to distribute to the users. 

I have tried all possible ways to fix this but no luck. Below are the few troubleshooting steps performed.

  • Applied group policy settings - Computer configuration - Administrative templates - windows components - remotes desktop services - remote desktop session host - licensing - use specified licensing server ( updated the FQDN name of the licensing server )
  •  Computer configuration - Administrative templates - windows components - remotes desktop services - remote desktop session host - licensing - set the remote desktop licensing mode ( set per user license)
  • Computer configuration - Administrative templates - windows components - remotes desktop services - remote desktop session host - connections - Limit number of connections ( set to 99999)
  • Gpupdate /force
  • But no luck. Hence I uninstalled the licensing role and re-configured from the scratch. But still the same issue.

Any suggestions to resolve my issue would be much appreciated.

Thanks,

Mulge


Remote Web Apps keeps asking for password even after logging into remote gateway.

March 5, 2019, 6:08 pm
$
0
0

The apps that I had published on my remote desktop gateway is still asking for a password when i try to access it even though i have successfully authenticated on the remote gateway.

My setup is that the everything is installed on server1 while the session host is on server2 (app that is published is also on this server2)

I have tried to setup "Always prompt for a password upon connection" to disabled on both server1 and server2, however it is still the same. 

reducing farm logon time

March 6, 2019, 5:28 am
$
0
0

hi all,

       Win server 2016 connection brokers, 2012 R2 session hosts (due to application requirements), currently 154 session hosts in farm.

if i logon to specific session host, using mstsc.exe /admin, first logon time is approx 8 seconds. Subsequent logons are approx 3 seconds.

if i logon via the farm ()via rdweb, or an rdp file downloaded via RDWweb), the logon times are 18 seconds and 13 seconds respectively.

It seems to me as if the farm negotiation and deciding where to place the client is taking a full 10 seconds - which just ruins the user experience.

i havent been able to find anything by googling this - has anyone got some suggestions as to what to check or what tools i can use to troubleshoot this ?

Search

Handle Remote Desktop Idle timeout

March 7, 2019, 9:24 pm
$
0
0

Hi, 

We want to use RDP for connecting to remote machine, execute Desktop Application Automation there. The challenge that we face is that on the customer end there are restrictions on idle timeout in RDP session. Once we start executing the automated desktop application and if execution takes longer that than the idle timeout to execute, the remote desktop session ends, and the Desktop Automation fails. Is there a way to handle this?

1. I have tried TSCON, but TSCON unlocks the console session, so it may not be acceptable to customers.

2. I have also tried Java's Robot classes to do some mouse action(https://stackoverflow.com/questions/52874/how-do-you-keep-the-machine-awake) This also works with limited scope. In case the RDP session loses focus, it does not work.

Is it possible to keep the RDP session from disconnecting on Idle Timeout?

Thanks in Advance.

Best,

Sumit

SERVER 2012 - RDS Web access - Icon starts rdp client

March 9, 2019, 5:19 pm
$
0
0

When I log onto our rds gateway, I see the Remote Dektop Icon from the collection object I created.

But when I click on the icon, the local RDP client starts. It should just give me a login dialog.

Anyone seen/solved this before?

RD Gateway is temporarily unavailable

March 10, 2019, 12:33 am
$
0
0

++ 2008R2  Environment.

++ Installed Session host role, RDGW role and RD WEB access role on one server 

++ Customer is accessing third part application via RD Gateway.

++ Customer has public certificate XYZ.COM but the internal domain is different i.e. XYZ.local

++ RD Gateway is configured on the SSL certificate name.(XYZ.COM)

++ Customer created the Forward lookup zone within DNS with the name XYZ.COM and created the host records.

++ Customer has published third party applications to access them via RD Gateway instead from RDweb.

++ I checked from DC customer is able to ping the Gateway server and able to access the third party application.

++ But from client machine which are in same Network unable to ping RD Gateway and unable to access third party application along with mstsc.

Error Message:

Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Contact your network administrator for assistance.

Could any one please suggest on the above issue...

RemoteApps - is there such a thing as an "approved list" of apps that can leverage this technology?

March 11, 2019, 9:32 am
$
0
0

Hello and thanks for the help.

I'm trying to find a solution for allowing external users on a different domain to securely access TFS from their copy of Visual Studio to check-in/check-out code. 

I'm using a Privileged Access appliance that has a technology that allows folks to start applications remotely like this, but the rep told me they do not think I could use Visual Studio in this kind of manner because it is not on the "approved list" of RemoteApps.

I've been looking for a little while and can't find any sort of list of approved Microsoft RemoteApps.

It's difficult to search for this because it always brings back error-related threads.

Does an approved list of software for RemoteApps exist and if so, where can I find it?


2012 RDS Collections and Domain Groups

March 13, 2019, 12:21 am
$
0
0

I have an rds farm with three rds_host servers. I have defined three domain user groups for sage_sales, sage_admin and sage_outside.

I have three collections pointing to the three rds host servers; sage_sales, sage_admin and sage_outside.

In my tests:

When I setup a user Joe in the Domain user manager, and make him a member of the sage_admin group, he can log into the RDWEB portal by entering his domain.user/password and clicking sign in. He is presented with the collection icon as shown below.

Clicking on the Sage_Admin icon takes the user to a successful remote session on the correct rds host configured for sage_admin users.

When my test user Joe is a member of two groups (sales_group and admin_group), he is presented with two collection icons after signing into the rdweb portal as shown below:

However Joe can only connect using the Sage_Admin icon. When clicking the Sage_Sales icon, the following error dialog is displayed.

What is happening here? I can't find any difference in the group rights.

Does the Set Primary Group in the Domain User settings effect which icons are available in an rdweb session?

Comments on these configuration options would help. What a battle!!

Viewing all 27765 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>