Quantcast
Channel: Remote Desktop Services (Terminal Services) Forumu
Viewing all 27533 articles
Browse latest View live

Error 0x607 when setup SSLCertificateSHA1Hash to change default certificate on RDSH

November 26, 2018, 2:59 am
$
0
0

Hello world,

I have an issue that I haven't at the beginning of 2012 / 2012 R2.
This issue affect both 2012 R2 & 2016 deployment now.

In a common RDS deployment, you should use RDWeb to connect users, this is everytime working like a charm.
However, when using thin client, you sometimes need to connect direct RDP client to RDS collection.

For this, let's describe what I Always do by the past :
- Configure a RR with fqdn name pointing to all RDSH servers
- Change the default RDSH Certificate by a certificate covering the FQDN (SAN or Wildcard, no matter). For this I usually use a gallery script powered by TP which will configure the SSLCertificateSHA1Hash regkey with the thumprint of the desired certificate. More explanation of this regkey here :  https://support.microsoft.com/en-us/help/3042780/remote-desktop-listener-certificate-configurations-in-windows-server-2

One other method is to configure this regkey with a GPO for RDSH.

It's always works perfelctly.

The issue that I got from a couple of month, is from RD Gateway.

When connecting external users to RD Gateway, I get an 0X607 error.
By searching on the web, I find this issue is caused by the replacement of the RDSH certificate. An exemple here https://serverfault.com/questions/591572/rds-2012-r2-an-authentication-error-has-occurred-code-0x607

If I disable the regkey, of if I delete the certificate from the personnal store of local computer (which finally do the same thing), RD Gateway works fine.
But in this case, I got the RDSH non-trusted warning certificate message for all my RDP Client which are connecting directly to the RDSH RR. This is "normal", because of the deletion of the certificate / regkey.

Is someone have any solution to make working BOTH RD Gateway AND direct RDP connexion to the farm ?
I'll really appreciate any help.

I'm asking myself if the issue was not linked by the deletion of SHA1 support, last year.

Regards,

Seb

Search

W10 1709 RemoteApp - Pop-ups hidden behind main window

November 16, 2017, 1:28 pm
$
0
0

Hi, I've this issue after migration of RDS server from 2012 R2 to 2016 and client have Windows 10 1709 but with Windows 10 1703 no issue.

Any suggestions?

Windows Servr 2016 RDSH - Firewall rules created at every login.

June 26, 2017, 2:03 am
$
0
0

Hi,

I have a setup with the following servers running Windows Server 2016

1x RDGW, RDCB, RDWA, RDLicensing.

5x RDSH

Im using UPD on the collection.

I have noticed very long login times, after policys etc are shown on screen it sits at a black screen for between 20sec and sometimes up to 5min.

I have also noticed that the svchost.exe that controls the Windows Firewall is using 25% to 50% when a user logs in and using around 1200Mb memory.

After I found this I checked the Windows Firewall with Advanced Security and found thousands of Cortana, Work or school account, Your account, Contact Support rules. 

I found a script in this thread that could delete the rules https://social.technet.microsoft.com/Forums/windows/en-US/9aad7675-d1ba-4900-9d85-0cd117f5514f/new-firewall-rules-created-for-each-user?forum=win10itprosetup

This made the CPU usage and memory usage go down to normal levels, but after every login a user does it builds up the list of rules again. With many users logging in to the system the rules build up very fast and the login times gets high and every server gets slow.

Example on our RDSH01 server that have been running in production since 2017-04-13 the script found and deleted 66153 rules that it found with "$Rules = Get-NetFirewallRule -All | Where-Object {$profiles.sid -notcontains $_.owner -and $_.owner }"

The script also tryed to get rules with this command "$rules2 = Get-NetFirewallRule -All -PolicyStore ConfigurableServiceStore | Where-Object { $profiles.sid -notcontains $_.owner -and $_.owner }" but fails with an "not enough space error"

The script removes the rules from here with the content of $rules "HKLM:\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules"

and $rules2 was meant to clean up at "HKLM:\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System"

but doesnt do anything because of the error on the Get-command. If I try to access it with regedit it stops to respond, guessing there are too many items in that container for it to handle.

Anyone know a solution for this problem? 

Regards Fredrik

Black Screen on all new Connections, SessionHost has to be rebooted

June 21, 2017, 2:31 am
$
0
0

hi,

we're suffering from session hosts that produce black screen errors in a RDS 2016 farm.

already connected users can mostly work, all new connections end up with a black screen.

to resolve the error the server has to be restarted.

i can say that

- this error appears after error 1534 (Fehler bei der Profilbenachrichtigung des Ereignisses Delete für Komponente {709E2729-F883-441e-A877-ED3CEFC975E6}. Fehlercode: Das System kann die angegebene Datei nicht finden.) starts appearing in the eventviewer.

- upon checking the registry for this SID i end up at "ProfileNotifyHandler Class app id {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} inprocserver32, C:\Windows\System32\gameux.dll".

- starting explorer.exe per taskmgr does not open an actual explorer window although the process appears in taskmgr

- tskmgr, eventvwr, cmd can be started without problems

- affected users appear as active in RDS management

- no third party security software is installed

- farm is fully patched

- HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ProfileGUID and ProfileList are ok (no old or .bak entries)

looking forward on how to resolve this without  rebooting the server or a permanent fix

thank you

best regards


Create an ODBC for all TS users on logon

March 29, 2012, 1:23 am
$
0
0

Hi all,

i have a little problem, we use an application who need an ODBC connection.

We are working on a Terminal Server 2008 R2, i logged on as Administrator of the domain, i create the new ODBC connection under "System DSN", after that i logged on with a user account example : "Maria", but if go to the ODBC settings, i don't see my new ODBC connection under User DSN... that mean i can not launch my application cause it says that the ODBC connection is missing....

Someone has an idea about how to create one ODBC connection for ALL users on TS... thank you.

Slow typing in MS Access through Remote Desktop

November 14, 2018, 3:10 am
$
0
0

We have a remote office that has about 5 users that use a remote desktop connection back to our main office to access an Access database. There are normally two or three in here at all times and normally there are no issues. We have a 100Mbps connection between offices and the server is 2008R2 running the Terminal Services.

I have one computer that types extremely slow but only when using Access on the Terminal Server. Word/Excel work fine as does notepad and any other program. For some reason it is only Access through Terminal Server. I can have this user go to another computer and it works fine. I can have this same user log on as someone else at her computer and it still runs slow. It is just the remote desktop connection from this one computer and only when using Access.

Has anyone seen anything like this?


What is boost_interprocess folder

April 4, 2013, 4:19 pm
$
0
0

Hi,

Our Windows 2008 R2 Remote Desktop Service server has a "boost_interprocess" under the "programdata" folder on C drive.  Does anyone one know what is used for and why?  The folder inside contain long random folder name.  The server is not infected with any malware or spyware or virus of any kind as we already check.  Any info will be greatly appreciated.  Thanks.

Willy

Local account credentials and licensing

June 2, 2014, 1:58 pm
$
0
0

Hello, we have a Windows 2008 R2 server used for terminal services.

The server is configured and is working fine.

All domain users can login without issues.

If we login with a domain administrator account, this server successfully contacts the license server and validates.

However, we have the server locked with a local administrator account, as there is an application that runs in the background.

Because of this, we are encountering the error: "The Remote Desktop Session Host Server Configuration tool is running with local account credentials. In Licensing Diagnosis, the Total Number of licenses Available value may be inaccurate." It gives the warning that we have a number of days before the remote services is disabled.

Obviously we don't want this to happen.

My questions is if this will actually be disabled, even though we have validated with the license server before with a domain account?

Do we have to have server locked with a domain account to get rid of this error?

Many Thanks,

Ravi


Search

Old RDP Connections to Windows 2016

November 29, 2018, 5:54 am
$
0
0

I have an issue with old Windows CE devices connecting to an new Windows 2016 terminal server. The old CE devices use the older login where you get connected to the server and then authenticate, as opposed to RDP 6, where is prompts you for credentials.

The CE devices are only 240x320 touchscreens (Old Motorola MC9090 RF guns), so what happens on the display is the username and password field are cut off, and users have a difficult time selecting these fields.

Previous Windows 2008, the login screen had a different orientation, so it was more user friendly for those devices. Any one have any ideas if its possible to rearrange the screen or change resolution on just this screen? 

I have tried just about everything and would really be disappointed to have to revert back to 2008 R2, just because of a login screen. Updating or getting new devices are not possible at this time. 

I have also tried:

  • to auto login the account - i know not secure, but could not get it to work
  • remove user profile picture - was not able to get the image removed.

This is a picture of what is displayed:

Thanks for any help on this.

Upgrd of Win2K2 R2 RDGW - Configuration of Authorization and connection policies - Will they be kept after upgrd?

November 28, 2018, 2:42 am
$
0
0

Hi, new question related to my previous thread.

(Previous - https://social.msdn.microsoft.com/Forums/en-US/3a10d485-38ad-4f57-ba59-516681038d04/upgrade-win2008-r2-rdgw-server-to-windows2016?forum=winserverTS)

Q:

Upgrd of Win2K2 R2 RDGW - Configuration of Authorization and connection policies - Will they be kept after upgrd?

Or do I have to take additional steps to preserv configuiartions for my 2K8R2 session host server with its RD GW Manager?

I OS upgrade enough to have all roles and configurations preserved and "Ready to Go" after upgrd?

Regards "Trulp" (Henrik) MCP, MCTS, MSCA, MSCE, SBS Specialist

Thin Client Setup & Licensing

November 27, 2018, 3:17 am
$
0
0

Hello everyone 

I want to use Microsoft VDI solution with hyber-V, we are looking to visualize 10 VMs in hyber-V environment, and access these Virtual desktops from thin Client, by using Microsoft RDS 

we are planning to use two physical servers, first one for the hyber-V that will host 10 VMs, and the second to host RDS and hybe-v manger, is it possible.

also i want to know the minimum licenses required to implement this solution, as i did some search and i found that we need Windows server license, RDS License, and RDS Client access license, is there any one is missing 

Thanks for you feedback    

Remote desktop RDS 2016 gives back screen on logon and prevents progression to desktop. audiodg.exe halting logon process

July 4, 2018, 7:16 pm
$
0
0
Remote desktop RDS 2016 gives back screen on logon and prevents progression to desktop. audiodg.exe halting logon process

Window 2008r2 Terminal Server Printing issue

November 22, 2018, 5:51 pm
$
0
0

Devices and Printers control panel does not list the printers. Users cannot print. When go to Devices and Printers, no printer list and taking sometimes to load but when it finished there is no printers anyway. 

remote app manager

November 24, 2018, 10:20 am
$
0
0

Hi 

I have only the user name and password for the client.

How can I access to his terminal through remoteApp manager?

Regards

Remote Desktop into Server 2016 gives black screen. Same issue as bug recently found/fixed in 2012 R2

January 10, 2017, 5:35 pm
$
0
0

Is anyone aware of a fix to this issue?

See the post from Sasha (Microsoft): here

Here is a post to the MS KB acknowledging and providing a resolution for 2012 R2:here 

To resolve the issue when it happens, i need to kill the TermService service (it won't stop normally as it is in a deadlock state). I can then start the service again and it's business as usual until it happens again.

I can't see any info about this in RDS 2016... Anyone else? MS?

Thanks,

Stephen

Search

update KB4467697 breaks remote desktop

November 19, 2018, 9:50 am
$
0
0

On a 2012 R2 remote desktop server, update KB4467697 breaks some remote desktop services.  I had the exact same problem with the preview KB4462921.   Removing either update makes the problem disappear.

Passthrough RDP connections through the gateway work just fine so there is no problems there.  The problem seems to be related to RDP on the remote server itself.  These two updates break direct RDP logins, we have to use TeamViewer or visit the physical console in order to gain access to the desktop.  Clients can login to the RDP website and see published apps, they just won't open.

With either of these updates installed, thousands of these errors appear in the event log:
A fatal error occurred while creating an SSL client credential. The internal error state is 10013.

Does anyone have information as to why the latest November 13 cumulative update for Windows Server 2012 R2 breaks RDP and Remote Desktop published apps with 10013 errors in the event log?


defense from remote desktop attacks

December 3, 2018, 6:41 am
$
0
0

Dear all!

We are using commonly used accounts like scanner, security, hr and sometimes they gets locked. Out of nothing. My guess is that someone trying from outside via rdp. We using lockout, so the accounts gets blocked, which is nice, no more attack, but when people trying to use the account, they cant, because it is locked. When i look the eventviewer at the dc, when i find the lock out event, the caller computer (hope transleted correctly, meaning where is the lock originated), is empty. If i look the TermialServices-RemoteConnectionManager \operational events i only see that the TCP listerer got a connection (no more info) and after 40 seconds the account is locked.

There is an option to rename these accounts, but, i am not 100% sure it is comming from outside, and some other method to prevent this would be nice.

Any ideas are welcome

Thank you

Peter

Outlook unable to search after update

December 3, 2018, 6:51 am
$
0
0

After installing 2018-11 Cumulative Update for Windows Server 2016 (1709) for x64-based Systems (KB4467681) on our RDS servers the outlook 2013 search bar does not work, clicking on the magnifying glass does nothing.

Going to advanced find and searching there works.

Search works again after uninstalling update.

Applications that create files on the desktop - files do not show until manual refresh

April 19, 2018, 1:06 am
$
0
0

The environment is this : Windows Remote Desktop Server running Server 2016 User desktops are redirected offline files are disabled

The symptoms are :

a) this affects all users

b) if a user manually creates or copies a file to the desktop - all is fine

c) if any applications (e.g. pdf printer, save a page from firefox) create a file on the desktop the file is written to the redirected desktop folder but does not show until a manual refresh (f5)

No apparent errors in the event log and this does not happen if the user logs on to windows server 2012 rds servers.

Remote Desktop can't connect to VM

January 28, 2013, 11:47 am
$
0
0

We started using Hyper-V a few months ago. Until a few days ago, everything is working great. We have 2 physical hosts running Windows Server 2012. Each physical host has been running one VM (Windows Server 2008 R2) which is replicating to the other host.

We have added another virtual machine. It works great except Remote Desktop Connection cannot connect to it. When I try, I get the standard message:

Remote Desktop can't connect to the remote computer for one of these reasons:
1) Remote access to the server is not enabled
2) The remote computer is turned off
3) The remote computer is not available on the network

I've checked everything I can think of including:

  • VM is allowing remote access. To be sure, I even turned it off and back on.
  • There is no firewall blocking anything. To be sure, Windows firewall is turned off.
  • Remote Desktop CAN connect to the other VMs including the one running on the same physical host.
  • Everything else on the VM seems to be working. IIS is running there and web pages come up nicely. File access is good too.

There are 2 differences between this new VM and the other ones:

  • This OS is Windows Server 2008 (not R2). The other VMs are R2.
  • This VM was not created from scratch. I used Sysinternals Disk2vhd to generate a VHD from an existing physical machine and then configured a new VM to use that VHD.

I'd be very grateful for advice on how to get RDC working.

Cam

Viewing all 27533 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>