Remote Desktop Web Gateway and multiple RDS Farms
malicious RDP logons
Hi all.
I have one PC with only one user account on it. This PC is configured to accept remote desktop connections. This PC is 150 km away and TeamViewer hangs on login, hence the RDP connection.
Last night I logged onto the PC to find 3 drives had been bitlocked :( 2 out of the 3 recovery files are in the recycle bin on one of the bitlocked drives (I found this by the properties of the .lnk files in the app data roaming folder)
After trawling through the event viewer I have noticed that many people have logged into the PC over the past few days from multiple countries except the usernames they provided are all over the place. (curt, test, test123, chandler, colin, admin, etc etc)
As a test I tried to log in using one of the usernames and the correct password and was denied.
How are they able to log into the PC by using those usernames that are not the username of the primary user account???
Can you differentiate between logoff types?
Hi,
I have posted this in the Windows Server Remote Desktop Services forum but my query relates to any implementation of RDS with both desktop and server O/S instances acting as the remote desktop target - If this is the incorrect forum please direct me to a more appropriate location.
I am wondering if it is possible to differentiate, from event log details, in much the same way you can distinguish logon types (Interactive/network/Unlock etc. etc.), between a remote desktop session log off actively initiated by a user versus a log off initiated by RDS in response to a connected idle session time-out being reached and versus a log off initiated by RDS in response to a disconnected session time-out being reached?
Thanks in anticipation,
Jo
Different HA Connection Brokers in the same network
I have a question surrounding Remote Desktop Services in Windows Server 2012 R2 that I hope can be answered.
I have already deployed Session Based Remote Desktop Service with HA Connection Brokers and Session Host Servers gathered in a farm in my local subnet. May I deploy a second/third (with a different deployment configuration) Session Based Remote Desktop Service with HA Connection Brokers with its own SH server farm within the same network?
Are there restrictions or recommendations regarding deploying a few RDS within one subnet?
Setting up a windows server with RDS, what licences do i need?
Hi Folks,
sorry if i will be asking stupid questions. I am pretty new to windows server operating systems, so far i have only used linux for servers, and windows 7 for the occasional game.
I have a program, that i need (want) to run on a terminal server, and have 6 clients accessing the program (via RemoteApp if possible). As far as i have understood, i will need the following Licenses for that: 1 Windows Server license (e.g. 2012 R2), 6 CALs for accessing the server, 6 RDS-CALs (really? i need an extra license to use the RDS?) and of course the os licenses for the clients (they have windows 7 & windows 8 installed, this should suffice right?).
My questions are:
1. Is this correct or do i need more/less/different licenses? Is it ok if i buy OEM-CALs? I find cheaper offers for them on the internet. Is there any drawback when using them?
2. I haven't gotten that far with my research yet, but it seems that i need some kind of an extra server (or virtual instance) as a Domain Controller. Do i really need that? Will i need an extra license for that?
3. Is there any way to test this whole setup before buying all those licenses? Or do i need all the CALs and so on from the beginning on? I have access to Server licenses (for the server os) from my university, but of course i would not be allowed to use them for use in a non-educational environment. I could use them to test the setup first though, but i can not find CALs in my university's microsoft store.
Thank you very much for taking the time to answer my (beginner) questions!
Lasse
RDS license server not able to recognise itself
Hi All,
I have a bit of a strange issue related to licensing RDS clients.
I have a new farm setup on 2012R2 - 3 servers:
Server 1 is the connection broker, gateway, license etc.
Server 2 and 3 are app servers.
On to the issue: server 2 and 3 are configured to look at server 1 for licensing, which appears to work perfectly; it states that there are 80 licenses available and users can log in. However, on Server 1 I look at the licensing diagnoser and it states that there are no licenses available and it appears that it is not configured with a license server.
Licensing is configured through Server Manager; I have the server added and I'm using the per user mode.
Initially I assumed it would be fine as no one but admins log into the server so it doesn't really need licenses, that is until the grace period expired. It stopped all access to the servers. I was able to modify the registry to get another 120 days, but this is just a workaround.
So in summary has anyone come across this error and if so how did they get past it.
Thanks in advance for any help.
2008 RDP CAL LICENSE CAN I USE IT IN 2012 R2 SERVER
WE ARE GOING COMPLETE REMOVE 2008R2 SERVER AND FRESH INSTALL 2012R2.
WE HAVE 2008 RDP CALS LICENSES CAN I USE THOSE RDP CALS IN 2012R2.
RDS on Azure network connected to on premise network
Hi
I want to know if it's possible to put an RDS server into a Microsoft Azure network and join this server to an on-premise domain?
I have work apps in my on-premise domain and I need to build a remote desktop for my nomad users.
Can someone explain how I can do that? Do I need a Gateway for secure access? Do I need to build a DMZ?
Thanks
RDWeb Stopped Working
Hi,
Usually we just need to enter https://ttksrv211.kdm.org/rdweb and it would go to the RDWeb page where we can use RemoteApp and Remote Desktop. Now we have to enter https://ttksrv211.kdm.org/rdweb/pages/
What is the reason? IIS service is restarted.
Thank you
Tuan
Server 2012 RDS Apps slow to launch first time
When users login to RDS by clicking on an app in the published portal it takes 2 - 3 minutes for the app to launch.
After the initial app launching any other app will launch immediately when you click on it.
Does anyone have any ideas?
RDS Gateway - Could not connect to resource
My RDS GW is in DMZ (192.168.255.x) and my RDS Hosts are in internal network (172.23.1.x)
Sometimes, the GW tries to connect with the RDS Hosts by name and other times by their internal IP address.
When the GW tries to connect with the internal IP address, obviously, it gets an error connecting.
The user "ad\username1", on client computer "x.x.x.4",
met connection authorization policy and resource authorization policy requirements,
but could not connect to resource "172.23.1.x". The following error occurred: "23005".
When the GW tries to connect by the name, it WORKS!!
The user "ad\username2", on client computer "x.x.x.4",
met resource authorization policy requirements and was therefore authorized to
connect to resource "rds.xpto.com".
I don't know how it gets the internal RDS host IP!!!
My RDP file is setup with rdsgw.xpto.com for the gateway and rds.xpto.com to the RDS Host.
There is no IP configured in the RDP file!
nslookup rds.xpto.com -> ip: 192.168.255.x (there is a NAT to internal RDS Host)
Why does the GW sometimes try to connect by name and other times by IP????
Any help is welcome!!
RDS 2012 remoteapp sessions, HKCU/Control Panel/Colors
I am in a test environment with a 2012R2 session host and with a 2012R2 gateway. We published an application that currently requires us to modify the registry, specifically the 'InactiveTitleText' value in HKCU\control panel\colors. In a remote desktop session, the registry change works fine, and the app displays as expected. However, once we are in a remoteapp session directly to the app, it will overwrite our registry value ('InactiveTitleText') back to the default value of ' 0 0 0'.
Is there a different location for this value in the registry for a remoteapp session? How can I get this value set to a specific value within a remoteapp session besides the default value of '0 0 0'? Or is there no workaround for this? Settings in RDS I'm missing maybe?
Remote Desktop Apps Not Working externally. Beyond Frustrated
I have a server setup as a DC with AD and RDServices installed.
I have a second server with the GW and CB and IIS and licensing and whatever else it installed.
I am using no-ip.biz to provide the external name / DNS for RDWeb.
I am using DSL and have the ports 443; 3389; and 3391 open.
_______________________
Internally, I can open RDWeb, click on an app and VOILA! It opens just fine.
Externally, I can open RDWeb, login with my credentials, click on an app . . . . then wait for it... wait for it and BOOM! The really helpful "...gateway unavailable..." message appears. At this point, it might as well be the Blue Screen of Death.
I am not an ordinary dummy but I am extraordinarily challenged. LOL.
DNS is my biggest weakness - but I am almost at wits end, thinking there has to be something I need to do in DNS to make this work. Many of you say (in other posts) create an A record for external and internal and etc etc etc. I am supposed to be a professional and "get it"...... but I don't. That's my weakness. I am a DNS Flunky.
But alas, I hope my brothers and sisters who are great at quantum physics and algebraic trigonometric pi-alpha equations can help me out here.
Embarrassed? Sure... but at least I am asking for some help.
Hell, I'd even open up a rescue session so I could watch what the hell you do to fix this damn thing.
_________________
In all seriousness, guys, I am really stuck and need some guidance and help. Anything someone will do to resolve this would be more than appreciated.
Chris
Web Access with one to one certificate authentication
Hi
Using 2012R2 with all RDS roles on one box (test purpose).
I have configured the RD web access and gateway, so it's possible from the internet to access the server through https: https://server.domain/RDWeb. I have a trusted 3rd-party wildcard certificate on the domain and it works fine.
What I want is to protect https://server.domain/RDWeb to require a client SSL certificate (self-signed). I tried to add this to the website and am asked for a certificate, but get a runtime error in the browser and from the event log on the server:
Event code: 3005
Event message: An unhandled exception has occurred.
Process information:
    Process ID: 1272
    Process name: w3wp.exe
    Account name: IIS APPPOOL\RDWebAccess
Exception information:
    Exception type: NullReferenceException
    Exception message: Object reference not set to an instance of an object.
    at Microsoft.TerminalServices.Publishing.Portal.RWSCPubAndTsAccessor.GetApplications(String strSid, Boolean onlyShowAvailableByDefaultResources, AppInfo[]& apps, AppInfo[]& desktops)
    at Microsoft.TerminalServices.Publishing.Portal.RapWebService.GetRemoteApps(String strUserIdentity, Boolean onlyShowAvailableByDefaultResources)
    at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GetDataForFeed(String userIdentity, String folderName, Dictionary`2& resource_list, Dictionary`2& ts_list, List`1& folders, Boolean& supportsReconnect)
    at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GenerateFeed(String userIdentity, FeedXmlVersion xmlVersion, String folderPath, Boolean writeXmlDecl)
    at ASP.en_us_default_aspx.Page_PreInit(Object sender, EventArgs e)
    at System.Web.UI.Page.OnPreInit(EventArgs e)
    at System.Web.UI.Page.PerformPreInit()
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Thread information:
    Thread ID: 25
    Thread account name: IIS APPPOOL\RDWebAccess
    Is impersonating: False
Stack trace:
    at Microsoft.TerminalServices.Publishing.Portal.RWSCPubAndTsAccessor.GetApplications(String strSid, Boolean onlyShowAvailableByDefaultResources, AppInfo[]& apps, AppInfo[]& desktops)
    at Microsoft.TerminalServices.Publishing.Portal.RapWebService.GetRemoteApps(String strUserIdentity, Boolean onlyShowAvailableByDefaultResources)
    at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GetDataForFeed(String userIdentity, String folderName, Dictionary`2& resource_list, Dictionary`2& ts_list, List`1& folders, Boolean& supportsReconnect)
    at Microsoft.TerminalServices.Publishing.Portal.WebFeed.GenerateFeed(String userIdentity, FeedXmlVersion xmlVersion, String folderPath, Boolean writeXmlDecl)
    at ASP.en_us_default_aspx.Page_PreInit(Object sender, EventArgs e)
    at System.Web.UI.Page.OnPreInit(EventArgs e)
    at System.Web.UI.Page.PerformPreInit()
    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
If I change the APPpool from Integrated to Classic pipeline I'm able to get to the web form where I can enter username/password but I just get "The user name or password that you entered is not valid. Try typing it again."
So how is it possible to get it all combined so we require a client certificate to be able to see the RD web access and preferably get SSO as well? I'm able to get it to work on separate sites, but not combined.
Thanks
Kim
Remote computer was reached is not one you specified
Hello
3 sites - 6 Server 2 DC+ 2 DC + 2 DC
1 DC has a failure (called the server), I remove from AD, reset the system and enter to AD + install DNS + global catalog.
All replication from server go to the other DC is good.
From one site can not connect on the RDP - error the connection can not be completed because remote computer was reached is not one you specified
What could be the problem?
I do ipconfig/flushdns - don't help
RDS and SID error with two-way trust
Hey there.. weird one here.. I am testing RemoteApps with Server 2012. All is fine except for when I try and grant access to user in another forest where we have a two-way\forest transitive trust. The error is below.. What is interesting is the trust works fine otherwise. For example, if I try and add a user to the local admin group on the server it works great.. I can even authenticate via RDweb portal from a user in the trusted domain.. any ideas?
The user profile Service failed the logon
Dear all ,
On my RDS server 2008 R2 I receive this error "The user profile Service failed the logon". I use 10 of 16 GB RAM on the server.
I see in perfmon that the registry quota is 40 % when I have no users connected on the server. I have another RDS server with the same software and hardware configuration, and we have 40 % or 50 % in the registry quota when I have 40 users connected.
Do you have an idea?
Thanks.
Reconnect dialog on successful logoff in Remote Desktop Connection Manager, Windows 2008
need assistance with a very annoying problem. recently, I have had issues with this little gem cropping up on the occasional logoff. Now it is consistent, and I cannot find any way to get rid of the issue. It essentially negates the benefits of logging off of a group of servers simultaneously because I have to go back and touch each cancel to finally disconnect. And as a bonus, sometimes... just sometimes... I will click cancel and the dialog box will not go away and the session will not completely close from the client, leaving it greyed out and hung...
I have looked at all sorts of solutions but none have been pertinent to this situation and have focused on the server being connected to, and not on the client doing the connecting, and I am certain it is the client... I have 2 hopper servers I use to connect to other servers in the environment, and the other server does not exhibit this behavior.
Any assistance would be greatly appreciated.
Icon on user's desktop not in redirected desktop folder and can not be deleted.
Windows 2008 R2 Hyper-V VM
The icons on the user's session desktop are neutral. Under Properties -> General one can see the UNC path of the redirected folder.
No such items appear in the actual folder as viewed with Explorer or using the dir command.
Any help would be greatly appreciated
Strange values for Idle and Disconnect Time in Server Manager - Session Collection

Hello,
I see strange behaviour for Idle Time and Disconnect Time in Server Manager Session Collections.
When a user connects to a Session Collection then there is no value for Disconnect Time and Idle Time. That's OK.
But when disconnecting I get some that look like the first (top) blue box, which is normal behavior; however, I also get several users on different servers that get the second blue box (bottom) - how can they have an active session state, be disconnected and idle????
I have 19 RDSH in the collection and the issue is on every server. I have tried building a new RDSH and using it - same result.
I've disabled all GPO settings regarding Remote Desktop, handling all settings in the collection properties.
I have 2 RG GW, with Web access and HA RDCB on RDG's. All servers are Windows Server 2012 R2 VMs in Hyper-V.