I have a Windows Server 2008R2 server that i installed Remote Desktop Services on many years ago.  It only has two role services installed.  

Remote Desktop Server.  It is as basic a configuration RDS can be.  It only has Remote Desktop Session Host and Remote Desktop Licensing Server installed.  Nothing else.  And all i do is create local users, put them in the Remote Desktop Users group and i let them remote to this server using "Remote Desktop Connection" in Windows 7/10.

How do i replicate this environment as closely as possible in Windows 2012R2/2016/2019?  I see that those versions introduced a bunch of new features and role services, all of which look like stuff I DONT NEED. :) I dont need a connection broker or a web server!  None of that. I just want what i already have today and nothing more.  Is that possible?

Has anyone written a guide for building a bare bones RDS server on the newer OS that doesnt have all this new stuff?

This is the opposite of the usual "tunnel xxxx service through SSH"

I'm looking for a way to tunnel THROUGH an RDS server, in order to make outbound SSH connections.

I've done some research and found some advice on creating a new collection in RDS, and a separate FQDN and port.

But this doesn't answer how to authenticate against the RDP service through SSH (I don't want an open proxy tunnel)

Hi Everyone,

We have one of are larger clients that was recently transitioned into a server farm using Broker with 10 hosts (approx. 75 users). Broker and hosts are all on Server 2019 Datacenter. The issue seems to crop up randomly, some users are effected after 10 minutes, some after 5 hours, regardless of host but either way their session hangs (completely unresponsive). 

They have 9 offices, all are point to point VPN'd to our Datacenter where the servers are and all of them work fully out of RDP. I've turned logging on the Broker but doesn't seem to be catching much, on the other hand I am getting the following error from the hosts when a user has the "freezing" issue:

EventID 1401: The server is using version 0xA0600 of the RDP graphics protocol (client mode: 0, AVC available: 1).

EventID 266: RDPClient_SSL: An error was encountered when transitioning from TsSslStateDisconnected to TsSslStateDisconnected in response to TsSslEventInvalidState (error code 0x8000FFFF).

Event ID 1105: The multi-transport connection has been disconnected.

They always seem to get this string of reports under Microsoft-Windows-TerminalServices-RDPClient/Operational when the hang happens. We've tried restarting all of the hosts and broker, all firewalls, etc but the issue continues and needless to say they are getting frustrated. The only two "fixes" seem to be booting their session, or waiting the 30+ minutes for the session to come back.

I've done a fair bit of research but most paths seem to lead to a dead end, any insight provided would be massively appreciated. I can upload all the logs I've collected if need be.

Thanks

I'm having an issue on a single RDS 2016 server at the moment where the start menu doesn't open.  

I've gone though lots of steps including sfc /scannow  (No errors)   DISM with all the options (No Errors)

I've cleared the Registry in firewall policy\restricted services\configurable\system.

I believe the issue is that I don't have any applications registered in the get-appxpackage at all, it just comes back blanks where as on working machines I get a list of about 15.

I've tried to install the packages by hand using variations of 

Add-AppxPackage -DisableDevelopmentMode -Register C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppxManifest.xml -Verbose 

This returns the following;

Add-AppxPackage : Deployment failed with HRESULT: 0x80073CF6, Package could not be registered.
An internal error occurred with error 0x800705AA. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
NOTE: For additional information, look for [ActivityId] 5597e571-c93a-001c-e6eb-97553ac9d401 in the Event Log or use the command line Get-AppxLog -ActivityID
5597e571-c93a-001c-e6eb-97553ac9d401
At line:1 char:1
+ Add-AppxPackage -DisableDevelopmentMode -Register C:\Windows\SystemAp ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : WriteError: (C:\Windows\Syst...ppxManifest.xml:String) [Add-AppxPackage], IOException
    + FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageManager.Commands.AddAppxPackageCommand

If I then use Get-AppxLog -ActivityID5597e571-c93a-001c-e6eb-97553ac9d401

Time                      ID           Message
----                      --           -------
20/02/2019 17:22:29       301          The calling process is powershell.exe
20/02/2019 17:22:29       603          Started deployment Register operation on a package with main parameter: AppxManifest.xml and Options: 0. See
                                       http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       10002        Creating Resiliency File
                                       C:\ProgramData\Microsoft\Windows\AppRepository\75f29027-c919-4974-89c9-f53bb4413b5f_S-1-5-21-1787921346-3847137862-2124306101-500_1.rslc for
                                       Register Operation on Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy.
20/02/2019 17:22:29       607          Deployment Register operation on package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy has been de-queued and is running
                                       for user FISRDS1\Administrator.
20/02/2019 17:22:29       613          Adding uri to the list of Uris: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppxManifest.xml.
20/02/2019 17:22:29       447          GetFullyQualifiedReference from the String Resource Map for package full name:
                                       Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy and reference string: Microsoft Corporation failed.
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.visualElements windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.search windows.fileOpenPicker windows.fileSavePicker windows.cachedFileUpdater
                                       windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch windows.fileTypeAssociation windows.protocol
                                       windows.appointmentsProvider windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks
                                       windows.webAccountProvider windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService
                                       windows.appointmentDataProvider windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience
                                       windows.dialProtocol windows.restrictedLaunch windows.accountPictureProvider windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.activatableClass.collector .
20/02/2019 17:22:29       10000        About to service package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy. Setting the package state to disabled returned
                                       with 0x80070490.
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.stateExtension windows.applyDataExtension windows.repositoryExtension
                                       windows.capability windows.MRT windows.visualElements windows.alarm windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.gameExplorer windows.search windows.fileOpenPicker windows.fileSavePicker
                                       windows.cachedFileUpdater windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch
                                       windows.fileTypeAssociation windows.contentType windows.protocol windows.appointmentsProvider windows.defaultPrograms
                                       windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks windows.webAccountProvider
                                       windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService windows.appointmentDataProvider
                                       windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience windows.dialProtocol windows.restrictedLaunch
                                       windows.integrityExtension windows.licensing windows.accountPictureProvider AppSync windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.DeviceSetupManager windows.activatableClass.collector windows.certificates windows.preCompilationExtension
                                       windows.ntServices windows.wmiProviders windows.iisModules windows.performanceProviders windows.eventProviders windows.runTime
                                       windows.DeviceAccess windows.indexedDB windows.MicrosoftAccountClient.SignOut windows.searchIndexer windows.geolocation windows.userDataAccess
                                       windows.repositoryExtension.remove windows.stateExtension.remove .
20/02/2019 17:22:29       827          Capability parsing started for the package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
20/02/2019 17:22:29       5252         An internal error occurred with error 0x800705AA. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       306          error 0x800705AA: While processing the request, the system failed to register the windows.stateExtension extension due to the following error:
                                       Insufficient system resources exist to complete the requested service.
                                       .
20/02/2019 17:22:29       316          error 0x800705AA: Cannot register the request because the following error was encountered during the registration of the windows.stateExtension
                                       extension: Insufficient system resources exist to complete the requested service.
                                       .
20/02/2019 17:22:29       5252         An internal error occurred with error 0x80070002. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       331          error 0x80070002: While reverting the request, the system failed to de-register the windows.stateExtension extension due to the following
                                       error: The system cannot find the file specified.
                                       .
20/02/2019 17:22:29       300          error 0x80073CF6: Cannot register the Microsoft.Windows.Cortana_cw5n1h2txyewy package due to the following error: Package could not be
                                       registered.
                                       .
20/02/2019 17:22:29       605          The last successful state reached was ResolvedDeferredRegistrations. Failure occurred before reaching the next state RegistrationChanged. hr:
                                       0x80073CF6
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.stateExtension windows.applyDataExtension windows.repositoryExtension
                                       windows.capability windows.MRT windows.visualElements windows.alarm windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.gameExplorer windows.search windows.fileOpenPicker windows.fileSavePicker
                                       windows.cachedFileUpdater windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch
                                       windows.fileTypeAssociation windows.contentType windows.protocol windows.appointmentsProvider windows.defaultPrograms
                                       windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks windows.webAccountProvider
                                       windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService windows.appointmentDataProvider
                                       windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience windows.dialProtocol windows.restrictedLaunch
                                       windows.integrityExtension windows.licensing windows.accountPictureProvider AppSync windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.DeviceSetupManager windows.activatableClass.collector windows.certificates windows.preCompilationExtension
                                       windows.ntServices windows.wmiProviders windows.iisModules windows.performanceProviders windows.eventProviders windows.runTime
                                       windows.DeviceAccess windows.indexedDB windows.MicrosoftAccountClient.SignOut windows.searchIndexer windows.geolocation windows.userDataAccess
                                       windows.repositoryExtension.remove windows.stateExtension.remove .
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.visualElements windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.search windows.fileOpenPicker windows.fileSavePicker windows.cachedFileUpdater
                                       windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch windows.fileTypeAssociation windows.protocol
                                       windows.appointmentsProvider windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks
                                       windows.webAccountProvider windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService
                                       windows.appointmentDataProvider windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience
                                       windows.dialProtocol windows.restrictedLaunch windows.accountPictureProvider windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.activatableClass.collector .
20/02/2019 17:22:29       10001        Finished servicing package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy. Setting the package state to enabled returned
                                       with 0x0.
20/02/2019 17:22:29       401          Deployment Register operation with target volume C: on Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy from:
                                       (AppxManifest.xml)  failed with error 0x80073CF6. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       404          AppX Deployment operation failed for package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy with error 0x80073CF6. The
                                       specific error text for this failure is: An internal error occurred with error 0x800705AA. See http://go.microsoft.com/fwlink/?LinkId=235160
                                       for help diagnosing app deployment issues.

I can't seem to get the system to re-register those applications!

Open to any suggestions?  (Please no, have you restarted the server!)

This happens on all users including local admin and new accounts.  Happens in Safe and Clean Boot.

Thanks.

Hello,

I have password change enabled on RDWeb running on Server 2016.  Internally on the LAN I expire a user's AD password and on RDWeb get prompted and successfully change the password.

If I move this server to the DMZ with an AD RODC then the password change attempt ends in an error message "Your password cannot be changed.  Please contact your system administrator"      From the same server that is running RDWeb in the DMZ I can successfully change that user's password at login to the console.  So this is only an issue from the RDWeb change password mechanism.

I have taken a wireshark trace and I see the communication coming back from the RWDC to the RODC saying the user's password has expired and the RODC acknowledging it but I don't see any other error.

Does anyone have any ideas?

Hi,

our workstations with Windows 10 pro are in this weekend updated to version 1803. For main system we use RemoteAPP aplications on Windows server 2012R2 (Windows server 2012R2 is full updated). After update on client station are RemoteAPP slower, and  right mouse button is unresponsive, or react verly long time... 

It is a big problem for us.

PS: after replace mstsc.exe and mstscax.dll from older version Windows 10 is all OK. but this is not a solution.

Thanks.

Hello,

A couple of my users want to use RDP to do their work, but recently they have been getting this error. 

This is simply trying to get onto a workstation. So in my use case the user is just trying to RDP onto a Windows 10 Enterprise Edition (they are trying to log onto their computer from home), not a Windows Server or anything like that.

https://support.microsoft.com/en-us/help/4295591/credssp-encryption-oracle-remediation-error-when-to-rdp-to-azure-vm

In my research I've found that I can get around this by going into the the group policy editor and going toComputer Configuration > Administrative Templates > System > Credentials Delegation,and then trying to change the Encryption Oracle Remediation policyto Enabled and then change the Protection level to Vulnerable. 

But when I go into the group policy editor the Encryption Oracle Remediation policyis not there. 

So I am not sure what I can do to fix this, all I want is the ability to remote into a Windows 10 machine, I have tried from multiple computers that reside on my network (and on a VPN as well) can RDP into other computers, except for my user's one workstation. Is there something I can reinstall on my user's workstation or repair to let computers RDP connect to it? 

-Thanks

Hello

I´ve installed Windows 2019 Server to our RDS environment, and for some time it worked well. We´re using 6 RDS servers and every day one of that freeze and needs to be restarted. Users who is logged to server works normally, but user who need to login just got black screen and freeze on that. In event viewer i found error 4005 The Windows logon process has unexpectedly terminated.

If im trying to connect to server via console (on dell servers) as server admin i cant do anything because login screen is freezed too. Only way is to restart server. Remote powershell looks like working, but cant log off user. There wasnt installed any updates when it start freezing :(

Any idea how to fix it ?

Hello

Can a Windows Server 2012 (R2) sessionhost be added to a Windows Server 2019 Gateway, and is this supported?

The Microsoft documentation has not yet been updated for Server 2019.
(https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-supported-config)

I would like to migrate existing SH's to a newer Gateway to make use of a broader set of security ciphers.

Kind Regards

D.

In a very simple windows 2012 r2 RDS server there are two setting which seem almost the same. If someone could explain the difference that would be helpful.

Both are accessible from the RDS Overview panel.

#1 is found in the Deployment Overview panel where there is a RD Licensing icon. If one adds a RD License Server via that icon, the server will appear in the adjacent Deployment Servers list.

#2 is exposed via Tasks list when you choose Edit Deployment Properties. The four deployment properties that are exposed there include an entry for RD Licensing, which allows you to again specify the FQDN for a RD License Server and to choose between licensing per device or per user.

Hello!

We have two Connection Broker servers using DNS round robin. Yesterday i saw that our RD host servers have alot of Audit Failure events (4625) in the Security log.

It looks like our CB servers are trying to logon with it's computer account to the RD Host. This happend multiple times per day and when it does it's looks like it's spamming login attempts, up to 10 times per second. Please take a look at the following look example:

Any suggestions?

Kind Regards,

Anthon

Hey

Is it possible to publish a cutom rdp on the rdweb? (for another company/connection broker)

Mike

Single RDS gateway 2016.  Both RDweb and RDC point to same Gateway. We have NPS extention configured. 

When we login on to RDweb we get the MFA prompt from Ms Auth

When we log on to the same GW via RDC the logon never gets to NPS for MFA. 

I am trying to ID the issue. RDweb is aware and looks to the NPS CAP store. But RDC seem oblivious. How do these two authenticate differently? Any ideas on how to troubleshoot to ID and resolve? 

I have even remove NPS completely and rebuilt but same issue. So I am convinced the issue is w. RDC/RDGW and not the NPS/MFA side of things. 

Thanks,

SJMP

Platform

• Server 2016 Session Host
• Office 365 Pro Plus 2016

Hello

We successfully installed Office 2016 Prop Plus on to the session host some months ago. We have a random problem that has occurred twice now, where a user is prompted toactivate the product when they open a document first thing in the morning. The user can successfully activate the product by signing in. But if they close all products, they are promoted to  activate again when opening any of the products. The only way I could fix this for the first user a few months ago was to delete the profile  including the UPD.  The issue has begun again for anther user, and I'm trying to find a solution. There are other people having this issue out there in tech land, but with no firm answers that I can find. 

Many Thanks 

MIS5000

Hey everyone,

I have a Remote Desktop 2016 Farm running published apps

The Windows 10 Clients inherit the dpi settings from the local computer to the published app that they execute, but that function does not work with Windows 7.

I know it is possible to change the default dpi and resolution settings from “rdweb\pages\Application Settings” for all published applications.

Does anyone know if it is possible to change screen or dpi resolution for a single published app?

Best regards
Carsten

Hello RDS experts,

We have an application installed on server that works only with local administrator credentials. We want users also to use the application but we are not willing to provide either admin rights or admin credentials to users.

Question is, is there any option where this application is published through RemoteApp and when users on Windows-10 open it automatically opens with admin credentials ?

Any help much appreciated...

Best Regards, CSR

Hi,

i have a farm of win2016 rds with rdsh connection broker.

sometimes users get 

Remote Desktop Services are currently busy

 i need to know to server the cb redirect them.

is there any log for this messege?  because if i will catch it i will know i can disable the server or restart him.

Thanks, 

Aviv

Hi guys i was wondering if you could help me out with a reboot issue.

I have a windows Server 2016 terminal server installed in my test environment with an activated license but the server keeps getting rebooted and i did not configure it.  Any idea what this could be?

I already checked if it was a Windows update issues but it does not seem to be.

I get the following error message:

The process C:\Windows\System32\svchost.exe (C6) has initiated the restart of computer C6 on behalf of user NT AUTHORITY\SYSTEM for the following reason: Other (Unplanned)
 Reason Code: 0x0
 Shutdown Type: restart
 Comment: A remote client is trying to shutdown this machine through Remote Desktop Services

Event id: 1074

User: System

Dear Microsoft,

We are getting error on rdp services and in task bar users there are User4 Disconnected cant log off.

The task you are trying to do can't be completed because remote desktop services is currently busy. Please try again in a few minutes. Other users should still be able to log on.

Please help on this support.