Hi Folks,

I have a small program which pings a remote API to obtain football stats.

The App works fine on my W10 laptops, but as it runs 24/7 I decided to put it on a dedicated VPS server.

However, it isn't able to access the API remotely. Windows appears to be blocking any API calls.

I can access the API without a problem from the server using Firefox, so it doesn't appear to be an issue with the API, although IE doesn't work properly.

I checked the Event Log it shows the following:

An account failed to log on.
Subject:
    Security ID:        NULL SID
    Account Name:        -
    Account Domain:        -
    Logon ID:        0x0

Logon Type:            3

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:        ADMIN
    Account Domain:        

Failure Information:
    Failure Reason:        Unknown user name or bad password.
    Status:            0xC000006D
    Sub Status:        0xC0000064

I am guessing that the problem is with WIndows as my program has the API username/password hard-coded.

I've tried adding the program to the list of "safe aps", but it is still failing.

Any gurus out there have any ideas?

Many thanks,

Pete

Hello,

recently I've got inherited an Windows Server 2008 R2 Terminal Server. Now that support for Windows Server 2008 R2 ends, i've installed a new Windows Server 2016. Everyhing is working fine except the user profile settings.

On the old server, there was an additional hard drive with drive letter D: which contained the user profiles.

Every new user gets a local profile (as we only use one terminal server) created at d:\profiles\ 

Now I want this behaviour on the new server too but it seems that Windows Server 2016 behaves different from 2008 RDS. They have both the same GPO applied as they are in the same OU. But the new server keeps creating the user profiles in the default location under c:\users\

Curiously that there is no setting activated in the GPO which let the profile path point to a different location so I thought its a local setting on the old terminal server. Unfortunately the prior admin is no longer in the company nor can I contact him.

Any hints where to find out which causes the server to redirect user profiles to the different drive?

Best regards

We built two RDS servers in two different locations, How do we configure the High Availability for both servers.

We Purchased 50 Per-User licenses.

Server1- New York (Production)

Server2- New Jersey (DR)

Actually i tried to install the same licenses(Per-user) in both servers and it got installed also both servers are activated, but my concern is how can both servers are accepted the same licenses(same license agreement number)?

and i can see there are total 100 Licenses all together, anytime it stops accepting the user connections if we cross 50 User licenses? or any compliances?

Please let me know if we have any Load Balancing or High Availability setup exists. 

I am getting the following error when publishing a remote app.

PS C:\Users\Administrator.SPS> new-rdremoteapp -Alias impro -DisplayName "Immigrant Pro 6.9" -FilePath "C:\Impro69\impro.exe" -ShowInWebAccess 1 -collectionname Office -ConnectionBroker terminal.sps.local

Unable to update the properties for session collection Office on the RD Connection Broker server.
    + CategoryInfo          : NotSpecified: (:) [Write-Error], RDManagementException
    + FullyQualifiedErrorId : PublishRemoteApps,Microsoft.PowerShell.Commands.WriteErrorCommand
    + PSComputerName        : localhost

Could not create a published application instance on the server terminal.sps.local.
    + CategoryInfo          : InvalidResult: (:) [], WorkflowTerminatedException
    + FullyQualifiedErrorId : JobStateFailed
    + PSComputerName        : localhost


CollectionName Alias          DisplayName              FilePath                         ShowIn CommandLin RequiredC Use
                                                                                       WebAcc eSetting   ommandLin rGr
                                                                                       ess               e         <g class="gr_ gr_13 gr-alert gr_spell gr_inline_cards gr_run_anim ContextualSpelling ins-del multiReplace" data-gr-id="13" id="13">oup</g>
                                                                                                                   s
-------------- -----          -----------              --------                         ------ ---------- --------- ---
Office         impro          Immigrant Pro 6.9        C:\Impro69\impro.exe             True   DoNotAllow

Your help would be greatly appreciated.

I'm having an issue on a single RDS 2016 server at the moment where the start menu doesn't open.  

I've gone though lots of steps including sfc /scannow  (No errors)   DISM with all the options (No Errors)

I've cleared the Registry in firewall policy\restricted services\configurable\system.

I believe the issue is that I don't have any applications registered in the get-appxpackage at all, it just comes back blanks where as on working machines I get a list of about 15.

I've tried to install the packages by hand using variations of 

Add-AppxPackage -DisableDevelopmentMode -Register C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppxManifest.xml -Verbose 

This returns the following;

Add-AppxPackage : Deployment failed with HRESULT: 0x80073CF6, Package could not be registered.
An internal error occurred with error 0x800705AA. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
NOTE: For additional information, look for [ActivityId] 5597e571-c93a-001c-e6eb-97553ac9d401 in the Event Log or use the command line Get-AppxLog -ActivityID
5597e571-c93a-001c-e6eb-97553ac9d401
At line:1 char:1
+ Add-AppxPackage -DisableDevelopmentMode -Register C:\Windows\SystemAp ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : WriteError: (C:\Windows\Syst...ppxManifest.xml:String) [Add-AppxPackage], IOException
    + FullyQualifiedErrorId : DeploymentError,Microsoft.Windows.Appx.PackageManager.Commands.AddAppxPackageCommand

If I then use Get-AppxLog -ActivityID5597e571-c93a-001c-e6eb-97553ac9d401

Time                      ID           Message
----                      --           -------
20/02/2019 17:22:29       301          The calling process is powershell.exe
20/02/2019 17:22:29       603          Started deployment Register operation on a package with main parameter: AppxManifest.xml and Options: 0. See
                                       http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       10002        Creating Resiliency File
                                       C:\ProgramData\Microsoft\Windows\AppRepository\75f29027-c919-4974-89c9-f53bb4413b5f_S-1-5-21-1787921346-3847137862-2124306101-500_1.rslc for
                                       Register Operation on Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy.
20/02/2019 17:22:29       607          Deployment Register operation on package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy has been de-queued and is running
                                       for user FISRDS1\Administrator.
20/02/2019 17:22:29       613          Adding uri to the list of Uris: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppxManifest.xml.
20/02/2019 17:22:29       447          GetFullyQualifiedReference from the String Resource Map for package full name:
                                       Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy and reference string: Microsoft Corporation failed.
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.visualElements windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.search windows.fileOpenPicker windows.fileSavePicker windows.cachedFileUpdater
                                       windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch windows.fileTypeAssociation windows.protocol
                                       windows.appointmentsProvider windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks
                                       windows.webAccountProvider windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService
                                       windows.appointmentDataProvider windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience
                                       windows.dialProtocol windows.restrictedLaunch windows.accountPictureProvider windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.activatableClass.collector .
20/02/2019 17:22:29       10000        About to service package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy. Setting the package state to disabled returned
                                       with 0x80070490.
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.stateExtension windows.applyDataExtension windows.repositoryExtension
                                       windows.capability windows.MRT windows.visualElements windows.alarm windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.gameExplorer windows.search windows.fileOpenPicker windows.fileSavePicker
                                       windows.cachedFileUpdater windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch
                                       windows.fileTypeAssociation windows.contentType windows.protocol windows.appointmentsProvider windows.defaultPrograms
                                       windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks windows.webAccountProvider
                                       windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService windows.appointmentDataProvider
                                       windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience windows.dialProtocol windows.restrictedLaunch
                                       windows.integrityExtension windows.licensing windows.accountPictureProvider AppSync windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.DeviceSetupManager windows.activatableClass.collector windows.certificates windows.preCompilationExtension
                                       windows.ntServices windows.wmiProviders windows.iisModules windows.performanceProviders windows.eventProviders windows.runTime
                                       windows.DeviceAccess windows.indexedDB windows.MicrosoftAccountClient.SignOut windows.searchIndexer windows.geolocation windows.userDataAccess
                                       windows.repositoryExtension.remove windows.stateExtension.remove .
20/02/2019 17:22:29       827          Capability parsing started for the package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
20/02/2019 17:22:29       5252         An internal error occurred with error 0x800705AA. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       306          error 0x800705AA: While processing the request, the system failed to register the windows.stateExtension extension due to the following error:
                                       Insufficient system resources exist to complete the requested service.
                                       .
20/02/2019 17:22:29       316          error 0x800705AA: Cannot register the request because the following error was encountered during the registration of the windows.stateExtension
                                       extension: Insufficient system resources exist to complete the requested service.
                                       .
20/02/2019 17:22:29       5252         An internal error occurred with error 0x80070002. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       331          error 0x80070002: While reverting the request, the system failed to de-register the windows.stateExtension extension due to the following
                                       error: The system cannot find the file specified.
                                       .
20/02/2019 17:22:29       300          error 0x80073CF6: Cannot register the Microsoft.Windows.Cortana_cw5n1h2txyewy package due to the following error: Package could not be
                                       registered.
                                       .
20/02/2019 17:22:29       605          The last successful state reached was ResolvedDeferredRegistrations. Failure occurred before reaching the next state RegistrationChanged. hr:
                                       0x80073CF6
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.stateExtension windows.applyDataExtension windows.repositoryExtension
                                       windows.capability windows.MRT windows.visualElements windows.alarm windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.gameExplorer windows.search windows.fileOpenPicker windows.fileSavePicker
                                       windows.cachedFileUpdater windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch
                                       windows.fileTypeAssociation windows.contentType windows.protocol windows.appointmentsProvider windows.defaultPrograms
                                       windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks windows.webAccountProvider
                                       windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService windows.appointmentDataProvider
                                       windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience windows.dialProtocol windows.restrictedLaunch
                                       windows.integrityExtension windows.licensing windows.accountPictureProvider AppSync windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.DeviceSetupManager windows.activatableClass.collector windows.certificates windows.preCompilationExtension
                                       windows.ntServices windows.wmiProviders windows.iisModules windows.performanceProviders windows.eventProviders windows.runTime
                                       windows.DeviceAccess windows.indexedDB windows.MicrosoftAccountClient.SignOut windows.searchIndexer windows.geolocation windows.userDataAccess
                                       windows.repositoryExtension.remove windows.stateExtension.remove .
20/02/2019 17:22:29       339          Registration will process the extensions in the following order: windows.visualElements windows.autoPlayContent windows.autoPlayDevice
                                       windows.activatableClass.inProcessServer windows.activatableClass.outOfProcessServer windows.activatableClass.proxyStub
                                       windows.activatableClass.downloadUpload windows.search windows.fileOpenPicker windows.fileSavePicker windows.cachedFileUpdater
                                       windows.appUriHandler windows.shareTarget windows.lockScreenCall windows.personalAssistantLaunch windows.fileTypeAssociation windows.protocol
                                       windows.appointmentsProvider windows.activatableClass.backgroundPlaybackClass windows.backgroundTasks windows.DefaultBackgroundTasks
                                       windows.webAccountProvider windows.userDataAccountsProvider windows.preInstalledConfigTask windows.updateTask windows.appService
                                       windows.appointmentDataProvider windows.contactDataProvider windows.emailDataProvider windows.internal.filePickerExperience
                                       windows.dialProtocol windows.restrictedLaunch windows.accountPictureProvider windows.cameraSettings windows.printTaskSettings
                                       windows.print3DWorkflow windows.activatableClass.collector .
20/02/2019 17:22:29       10001        Finished servicing package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy. Setting the package state to enabled returned
                                       with 0x0.
20/02/2019 17:22:29       401          Deployment Register operation with target volume C: on Package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy from:
                                       (AppxManifest.xml)  failed with error 0x80073CF6. See http://go.microsoft.com/fwlink/?LinkId=235160 for help diagnosing app deployment issues.
20/02/2019 17:22:29       404          AppX Deployment operation failed for package Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy with error 0x80073CF6. The
                                       specific error text for this failure is: An internal error occurred with error 0x800705AA. See http://go.microsoft.com/fwlink/?LinkId=235160
                                       for help diagnosing app deployment issues.

I can't seem to get the system to re-register those applications!

Open to any suggestions?  (Please no, have you restarted the server!)

This happens on all users including local admin and new accounts.  Happens in Safe and Clean Boot.

Thanks.

I'm trying to publish a Windows 2012r2 RDweb and RD gateway server in such a way that in order to use the rd gateway you need to provide your normal AD credentials followed by a prompt for a one-time-password that gets sent to the user by SMS

according to this article:

https://code.msdn.microsoft.com/Remote-Desktop-Gateway-517d6273/view/Reviews

this should be possible using a Pluggable Authentication Module on the gateway server - does anyone know of a product that uses these APIs? or some other method to achieve it?

Note that I can put it behind a (sadly deprecated) TMG server (or a citrix netscaler) and do the sms auth there by radius on the https://server/rdweb interface, but as it is handed off to the mstsc.exe client which tries to tunnel through https://server/rdweb interface, it needs to re-auth, so fails (the above article suggests the cookie can be transferred into the *.rdp file, but it doesn't appear to happen)

the MS Azure MFA service (and a few other 'cloud' auth products I've seen) is a radius server that expects a response to the SMS, via SMS - this is not the solution we're aiming for

Similarly, installing a 3rd party GINA on every host accessible via the gateway is also not an acceptable solution.

logically, the functionality should live at the gateway or the reverse proxy, but I cant find a way of doing it in the reverse proxy, and I cant find a product that uses the API MS provide for it - can someone steer me in the right direction?

RDP users are getting connections refused/dropped and a black screen. WIinver: 1607 (Build 14393.32.74). This is  terminal services on Windows Server 2016. On the server seeing these messages:

LogName:Microsoft-Windows-TerminalServices-LocalSessionManager/OperationalSource:Microsoft-Windows-TerminalServices-LocalSessionManagerEvent ID:36TaskCategory:NoneLevel:ErrorKeywords:User:          SYSTEMDescription:An error occurred when transitioning fromCsrConnectedin response to EvCsrInitialized.(ErrorCode0x80004005)LogName:ApplicationSource:Microsoft-Windows-WinlogonEvent ID:4005TaskCategory:NoneLevel:ErrorKeywords:ClassicUser:          N/ADescription:TheWindows logon process has unexpectedly terminated.

Hello All,

    We want to deploy RemoteAPP to some of our traveling laptops to open published apps from the RD Gateway server. When connected to the domain, this works. When we are offsite we get the message below.



   I did some research and found some were successful with RemoteAPP working offsite IF they chose the option to "Allow users to connect to any network resource" within the Remote Authorization Policy settings in RD Gateway Manger. 

      SO my questions are:

1) What are my options instead of using the RAP option (under  Network Resources tab) to "Allow users to connect to any network resource"? I need RemoteAPP to work but don't want to relax security this much to "ANY" network resource.

2) Under the Network Resources tab in RAP options to "Select an Active Directory Domain Services network resource group" I have been using a group we defined in active directory that included the RD gateway server, but this has prevented RemoteAPP from running (we get the error message above). I looked at Terminal server -gateway event viewer and when it will not work - it complains it cannot connect to the RD gateway server. What can I change to make the AD group option work- if at all possible??

Please let me know at your convenience

thank you,

Brian

Hi All,

We can read the clipboard contents by using a PowerShell command i.e. GET-CLIPBOARD. However, it is limited to generate outputs for local clipboard.

In case when we allow Clipboard Redirection in Remote Desktop Connection, how to read the Clipboard contents in a Redirected Clipboard memory?

Thanks,
Amit Jogi

Hi 

Can anybody share their views if they have experience the similar issue with the remote user. One of the remote user when tried to remote connect to the server her start button and task bar get freeze. But this issue clears when we restart the server, but after couple of weeks this issue comes back again. Its quite frustrating. Can anyone share their ideas if they have experience such kind of issue.

This issue happens only with one user among 10-12 users.

Regards

Resham

Invoke-WmiMethod -Class Win32_TSLicenseReport -Name GenerateReportEx

Windows 2016 RDS Server w. NPS server for Azure MFA

User - on laptop  both machines running win10 1903 enterprise OS build 18.362.535 thanks

• Can connect to RDS server via RDWeb getting MS Authenticator prompt. can open the apps
• Cannot connect to RDS via RemoteApps. Will get prompted for password over and over. Never completing authentication, and NO MS Authenticator prompt.
• Can connect to RDS via RemoteApps on different laptop. Does get MS Authenticator prompt, can open the apps. 

the RemoteApps are deployed via group policy. I can update the collection. 

So the issue is specific to the user profile on that laptop. What settings can I reset, registry settings, anything that is tied to remote apps. Is there a way to reset it? Delete the registry. let "RemoteApp and Desktop Connection" Properties"Update now" repopulate/replace current settings. 

 - TY Jess

Hello,

I have set up a Windows Server 2016 with Remote Desktop Session Host and Remote Desktop Licensing Manager only, as the client does not need Active Directory but requires per user licenses. I have succesfully completed the setup based on instructions found on another social.technet thread.

Everything seems to be working. However, Remote Desktop Session Host informed me that there is a 120 day free trial period. So now, I have created 4 separate users and logged in with all of them and while they work ok, they are not being licensed by the license server. How can I make the license server issue licenses immediately so I know my setup works and I wont have problems with the client in 120 days?

Kind Regards,

Hello,

I have a big RDS farm at a client, which mixes RDSH and RemoteApp session.

I'm able to publish those work resources into Session open into the RDSH collection of my farm. This way, my user (on their thinclient) are able to access the RemoteApp published by the collection, everything works fine, but I had to use the Windows 7 way, with the Powershell script and the feed.aspx file.

Everything fine this way, and our end-user are pleased to have direct access to the app from their Windows session.

But we also need to use redirected StartMenu via GPO, and when this is set, we cannot publish the Work Resources anymore.

I know that publishing those work resources create an entry in the start menu, but if I deactivate the publishing GPO, apply the redirected StartMenu GPo, I can't manually publish those Work Resources.

Any ideas of the why, and maybe the how to correct this ?

Regards

Hello -

I am getting a strange error when I attempt to access an application via RemoteApps. The error is "The number of local display monitors exceeds the limit allowed by the remote computer."

I have 6 monitors. The RemoteApps server has the display limit set to the default of 16. I am running Server 2019 as my desktop and the RemoteApps server is also running Server 2019. For all my Googlefu, I've not been able to find much about this specific error.

First, I'm assuming that the RemoteApps display limit is for all concurrent connections? Is this accurate? If this is the case, it would make sense that my 6 monitors put us over the 16 screen limit, as my co-workers that use this RemoteApps server all have multiple screens.

Second, can the display limit for RemoteApps be increased from 16?

Any advice is appreciated. Thanks.

Hi All,

The basics...

I want to build 3x "jump box" RDS Servers in 3x different departmental subnets with firewalls between each subnet in a single domain, single forest.

Currently only the required ADDS, DNS and DHCP network ports / flows are allowed between each departmental subnet. All other services for each department sit within their own subnets....RDP will be the only exception...I need to be able to assign security groups the ability to RDS into either DEV / UAT / OFFICE networks from the OFFICE network where our users log into and sit from a domain perspective.

I have got all 3 jump box RDS servers working but only if I leave TLS 1.0 / 1.1 /1.2 enabled on the RDS servers...my company security policy requires us to use TLS1.2only and have the older two protocols disabled.

Where and how can this configuration be made and changed, in my EventVwr checks and online reading it seems I need to address 1 or 2 or both of the below to work.

1. WinRM

I'm currently unable to PSRemote from one subnet to another. Will addressing the required ports and directional flows for WinRM resolve this alone or...

2. TLS Requirements

Do I need to somehow address TLS 1.2 config - this confuses me as I though TLS 1.2 was default for Server 2016?

As always, thanks in advance for your time...

durrie.

Which Windows Server versions allow installing the Remote Desktop Server and the Domain Controller role on the same server?

Windows server 2008 R2 does, what about later versions?

Regards

Mario