Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 5613 articles
Browse latest View live

Remote desktop using Azure NPS extension

August 8, 2018, 7:31 am
$
0
0

Hi 

not sure if this is the correct area or if it needs to go to an azure forum

I have recently installed Azure NPS Extension onto our current remote desktop gateway setup. everything seems to work fine, I am able to enter my credentials and then approve the connection on the phone however after that the credentials prompt comes up again. it does go through after entering it again however it is an extra step which doesn't happen when using it without 2 factor.

I cannot find anyone having the same issue. please let me know if you have any ideas why the prompt would come up twice.

thank you.

Mahesh

Search

Antivirus Exclusion List?

August 9, 2018, 2:33 pm
$
0
0
Can someone please point me to an AV exclusion list for Server 2012 R2 Remote Desktop Services?

Unable to delete the Userclass.dat as it is open in SYSTEM

July 29, 2018, 9:18 am
$
0
0

I have tried to delete the Userclass.dat file precisely as it is annoying to get deleted throwing pop up as : the userclass.dat is used by SYSTEM.

Here are the troubleshooting that I did so far:

1. Tried to delete the user from the User Profiles in System Properties but cannot fine that profile precisely as there are so many Unknown account.

2.deleted the profile from Profile List in registry and rebooted the system.

3. tried to disable inheritance to the .dat file and removed the SYSTEM from the Security.

Let me know what needs to be done next.


Local printers are not redirected when connecting to Session Host on Server 2016

April 18, 2017, 3:35 pm
$
0
0

I've have an issue redirecting local printers in my WS2016 RDS farm.

When I connect to any of my Server 2016 Remote Desktop Session Host I am not able to see redirected printers. This happens with full desktop or with Remoteapp, for example, with Wordpad.

This issue happens when connecting from RDS Gateway or when connecting from the intranet. Despite that, I'm able to redirect local printers if I connect to the sesion host with the /admin console session (mstsc.exe /admin). I have EasyPrint enabled and configured with preference via GPO.

I have configured print management and installed several server printers. The users are able to see those printers, but they cannot see redirected ones. I believe it's a driver issue, as I am able to see the TS redirected ports (TSxxx PRNx) but no printer installed in any of those ports.

I do not have any clue why. Could you please help me? 

The farm is a standard RDS Farm, with 4 session host. The DCs are in another server, so no problem with that.

Thank You

RDS 2016 session host .local /wildcard certificate mismatch

August 10, 2018, 8:40 am
$
0
0

I have 3 2016 servers.

Server1.domain.local is the gateway/broker/rdweb  server

Server2.domain.local is a rd session host

Server3.domain.local is a rd session host.

The problem is I have a wildcard cert, in dns the clients connect to rds2016.domain.com (which points to server1.domain.local/the gateway) but when the gateway redirects the cilents to either server 2 or 3 the .local name shows up and prompts them with cert errors.

I found this post that allowed me to change the certificate on the session host servers to the wild card cert using wmi
https://social.technet.microsoft.com/Forums/windowsserver/en-US/cfa7d283-4b1b-4da6-8589-82059b31d258/local-fqdn-shown-when-connecting-to-session-host-through-rdgateway?forum=winserverTS#d2db4606-ee08-4e8d-ad1f-44ba16b0eceb

Get certificate thumbprint using powershell:Get-Childitem Cert:\LocalMachine\My

Set new thumbprint on server:wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="Thumbprint"


But the problem after running that the rdweb published apps show an error 0x607 and the .local servername again when trying to connect.  Since the wildcard cert does not match the .local name it won't let the client open the rdweb published app.  Basically running the wmi command fixed the cert errors for the full remote desktop session but broke rdweb.  

Anyway to change the name the session hosts are exposing to the clients from (ie from server2.domain.local to server2.domain.com)?


Remote Desktop session host role

August 15, 2018, 10:06 pm
$
0
0

Greetings,

    I have a valid, configured license server with 100 per user CALS - Lets call it serverL.

  I want to RDP to ServerX and I want ServerX to get a license from serverL.

   Do I do this by targeting a group policy to serverX specifying the serverL as the license server and specifying the license mode?

  Do I also need to install the Remote Desktop Session Host role on ServerX?

  What about the broker role?

Thanks

David Z

Will Deploying new RDS in a domain with existing RDS Licensing servers support evaluation period?

August 16, 2018, 5:09 am
$
0
0

Hello Everyone,

If we deploy new RDS server in a domain contoso.com which already has existing RDS configuration with Licensing servers, will I be able to use evaluation licenses for the new RDS instead of choosing from existing Licensing servers to provide the licenses.

Regards,
Pramod


Start Menu Not Working Frequently for Users (RDS 2016)

July 24, 2018, 10:58 am
$
0
0
Windows Server 2016 RDS setup with one DC and 3 session host servers, all running as VMs under Citrix XenServer. This is a session-based deployment for RDP sessions.

On 2 of these servers, the Start menu does not work most of the time. Users logged in to RDS cannot use it. You click and nothing happens, not even after many minutes. Search function does not seem to work either at this time, so it might be a general UWP app problem.

Seems that it does work for a short time after a session host server has been rebooted but latest the next day it doesn't work.

I find lots of posts, mostly years old, on Windows 10 start menu not working but cannot necessarily apply the "fixes" in a RDS scenario. And most of them seem to say (years ago) that the latest Windows Updates fixed the issue. But it isn't fixed as of right now, July 2018.

What is the reason for this and is there any fix or handling for it?

Atradius

Search

RemoteAPP after windows 10 update 1803 are slow and right mouse button is not responding (it reacts only sometimes)

May 2, 2018, 7:30 am
$
0
0

Hi,

our workstations with Windows 10 pro are in this weekend updated to version 1803. For main system we use RemoteAPP aplications on Windows server 2012R2 (Windows server 2012R2 is full updated). After update on client station are RemoteAPP slower, and  right mouse button is unresponsive, or react verly long time... 

It is a big problem for us.

PS: after replace mstsc.exe and mstscax.dll from older version Windows 10 is all OK. but this is not a solution.

Thanks.


RDP randomly disconnects and you can not reconnect

August 9, 2018, 11:26 pm
$
0
0

Hello, I have this problem and I have no idea how to solve it. Windows server 2016 has been installed for several months. Now for about a month there is a problem that for no reason during work it disconnects the remote desktopsand you can initially connect again until the end of the day but the next day, you can no longer connect through the remote desktop and the only thing that will help is the server restart. What can be done with it, had someone such a problem that after disconnect and after some time you can not reconnected?

All users connect from outside to this server. It has license for 4 users (and exactly 4 users are connecting to this server). And all four users has the same problem. 

Ejecución RemoteApp falla al ejecutar dos instancias con el mismo usuario

August 13, 2018, 10:20 am
$
0
0

Hola, tengo la siguiente situación:

 

1. Tengo instalada una aplicación en mi servidor de aplicaciones.

 

2. Esta aplicación la tengo publicada en mi Collection del servidor y desde un espacio de trabajo accedo por RemoteApp a dicha aplicación.

 

3. En esta aplicación debo configurar una conexión que apunta a un servidor el cual me permite traer la información requerida que se mostrará en la aplicación.

 

4. Según el punto anterior, tengo configuradas en la aplicación dos conexiones diferentes hacia el mismo servidor.

 

(Aquí inicia mi consulta como tal)

 

5. Requiero tener dos instancias de la aplicación ejecutándose en simultáneo. Una instancia de la aplicación se conecta a una de las configuraciones internas según el punto 4, y la otra instancia de la aplicación apunta a la segunda conexión configurada.

 

6. Cuando accedo remotamente a mi servidor de aplicaciones, puedo ejecutar las dos instancias de mi aplicación cada una conectándose a las configuraciones del punto 4.

 

7. Sin embargo, al intentar hacer esto ejecutando la aplicación desde el entorno de trabajo vía RemoteApp, ésta no me permite tener dos sesiones en simultáneo ya que dice que otro usuario está conectado.

 

Según mi análisis, cuando ejecuto la aplicación vía RemoteApp aparecen dos árboles de procesos y en cada uno aparece el .exe de mi aplicación, mientras que cuando ejecuto la aplicación en el servidor directamente solo hay un árbol de procesos donde aparecen las dos instancias .exe de la aplicación ejecutada.


¿Es posible que cuando ejecuto la aplicación vía RemoteApp los dos procesos .exe queden bajo el mismo árbol de procesos como cuando lo hago directamente en el servidor?

 

Espero haberme hecho entender.

 

Gracias.

Windows Server 2008 and Windows 2008 R2 CALs Issuance to Windows 2016 RDSH Servers

August 13, 2018, 5:22 pm
$
0
0

Hi Guys

Seeking clarity if it's possible and anyone has come across this scenario.

We have a Windows 2008 R2 based RDS License Server that has free CALs. The installed CALs (CAL Version) read as "Windows Server 2008 or Windows Server 2008 R2 : Installed TS or RDS per User CALs".

My Windows 2008 / Windows 2008 R2 and even Windows 2012 R2 server RDSH servers are able to contact the license server and get license issued. However, I recently enabled RDSH role on Windows 2016 servers (the only other difference is that these new RDSH servers re in Azure and my license server is on-premises). The new Windows 2016 RDSH servers are not getting the license even after pointing them to the on-premises license server using Server Manager.

I've followed the article https://social.technet.microsoft.com/wiki/contents/articles/16164.rds-2012-which-ports-are-used-during-deployment.aspx to allow port communication through Network Security Groups (NSG) in Azure.

This is the error I see on the RDSH severs:

Is it even possible that the existing Windows 2008 / R2 CALs can be consumed by Windows 2016 RDSH servers?

If yes, what else could be the cause of the issue and possible fix.

Thanks

Taranjeet Singh

zamn


Licence server not working anymore after updating windows

August 3, 2018, 5:02 am
$
0
0

Hi,

We have a server 2016 With remote Desktop services. The server is live and everybody can login.

After installing the roles for terminal server everything was great till i update the server.

We get a message that the licence server is given and we have a grace period of 118 days left.

The licence server is activated with client cals.

When we add a collection and add the hostserver we get the error:

Property page: Update RD licensing failed: due to exception The licensing settings can not be set: "Invalid operation"


Has anyone a idea how to solve this ?

Thanks in advanced,

John

Remote Desktop Connection

August 14, 2018, 11:46 am
$
0
0

Remote Desktop Connection

I am having trouble logging into my remote desktop. The system says my credentials and password are incorrect yet I have never changed them. I fail to understand how this happened and why.

TS: firewall failed due to missing firewall credentials

August 14, 2018, 5:41 am
$
0
0

So out cert expired on our ADFS and we did not change it in time. this is now fixed but after this we cant connect to TS servers from outside company. Internal access is working fine.

Error from outside: Your computer can’t connect to the remote computer because authentication to the firewall failed due to missing firewall credentials. To resolve the issue, go to the firewall website that your network administrator recommends, and then try the connection again, or contact your network administrator for assistance.

Anyone have an idea? i get only a few hits on google

Search

Migrate license server from 2008r2 to 2016

August 12, 2018, 2:45 pm
$
0
0

Hello, at the moment we are running a terminal Server farm connecting to a 2008r2 licensing server. We have Software assurance for our rds licenses. But now we are intalling 2016 ts server and therefore need to migrate to a 2016 licensing server.

Now we need to migrate the existing licenses to a new 2016 server.

I would firstly install a new 2016 server and then configure the rds liscensing role. But what are the further steps?

Can I then immediatly enter the MPSA Account Number to the new server and install the licenses, having the 2008r2 server at the same time running with the same MPSA contract number? And then only after successfully installing the licensenses on thte new server, remove the role from the old 2008r2 licsensing server?

Can the 2008r2 ts servers then connect without problems to the 2016 licensing server after editing the gpo?

Hope someone can give me advice, as I want to prevent running into any problems during our short maintenance time.

Best regards

Oliver

How to force RDS to use TLS1.1 or 1.2 for Windows server 2008 SP2

August 7, 2018, 8:11 pm
$
0
0

Hi All

Is there any way to force the RDS of Windows server 2008 SP2 to use TLS1.1 or 1.2?

Microsoft has released an update to add TLS1.1&1.2 support for RDS of Windows server 2008 SP2, we can safely disable TLS1.0 without breaking RDP connection after installed this update. However, since many other applications on server still need to use TLS1.0, we have to remain TLS1.0 for other applications and force RDS to use TLS1.2 to meet PCI DSSv3.2 policy.

As checked RDP-TCP property with "tsconfig", there is only 3 options for security layer(RDP security layer/Negotiate/SSL/TLS1.0) and cannot set TLS1.1 or 1.2 here.

Is there any way to set it in registry, group policy or other places?

https://support.microsoft.com/en-us/help/4074621/add-rds-support-for-tls-1-1-and-tls-1-2-in-windows-server-2008-sp2.

RDP security these days?

August 16, 2018, 7:39 am
$
0
0

Hi all.  I'm seeing a lot of security articles this past year or more about how RDP is being attacked so much.  From a risk assessment standpoint I'm trying to understand what is 'reallY' happening, and then had some questions.  

So first, all the articles talk about RDP hosts being hacked into via brute force attempts.  Also, not one article that I've seen yet, makes ny mention of what people are doing to improve the situation.  

My scenario is I manage the occasional server, low-level small business stuff so there are no multi-server environemnt, no budget for RDS licensing, etc.  It's all RDP for me, the server admin, to get on there and do single-server tasks in non-AD environments.  

That said, here's my questions: 

  • How the heck can anyone brute force an RDP host - has MS not yet implemented any kind of lock-out time-delay mechanism?  
  • I typically have a port forward on the site Internet gateway to listen on a different port than 3389, then forward to the internal server.  Assuming port scans are not being done thru the whole TCP range, I imagine this is ok?  Granted I realize you can port scan from a botnet so your router would have to be able to detect anomalies and not just repeated attempts from the same IP, but let's assume there is no port scan mitigation in place.  
  • Under WS2016 Standard host, from a Win 10 Pro client, is the session encryption good? 
  • Lastly are there any recommended configuration options or white papers I should review to set RDP up so that it is secure enough to satisfy real world security needs?  I don't mean is it hack-proof as nothing ever is, but "good enough".  

And maybe one last question: if the answer is "dump RDP man", well, are there any recommendations for a stand-alone solution for remote access to client machines, but that also does servers? TeamViewer does not do servers it seems.  

Thanks!  

Terminal Services RDP in Server 2016

August 14, 2018, 7:38 pm
$
0
0

Hello,

I need to allow four users to work remotely by connecting from outside the organization to Server 2016.

Which role is needed to accomplish this, is it Remote Desktop Services or Remote access?

Thanks in Advance.

Can't create self signed certificate for RD Gateway

April 21, 2016, 12:05 pm
$
0
0

I'm trying to set up an RD Connection Broker for RemoteApp, but I'm getting an error when I try to create a self signed cert for the RD Gateway:

The self-signed certificate has been successfully created, but RD Gateway cannot store the certificate in the directory C:\Users\myuserid\Documents. Please specify a different directory, and try again."

I tried other directories, all of which I have full rights to, but still no dice. I can't find anything with this error. Any idea how I can get past it?

FWIW, I have no problem logging into this server through RDP.

Thanks.

Viewing all 5613 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>