Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 5613 articles
Browse latest View live

Errors 1511, 1521 Roaming Profiles on Windows Server 2012 R2

May 29, 2015, 4:08 am
$
0
0

Hello!

I have a brand new Windows Server 2012 R2 with Remote Desktop Session Host Role installed. Roaming profiles are not working for any user, always gives the user a temporary profile.

Event Viewer shows 1511, 1521 errors with useless information:

  • 1511: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
  • 1521: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights.

I have set up GPO in order to redirect profiles to a network share:

  • Set path for Remote Desktop Services Roaming User Profile: \\SERVER\Share
  • Use mandatory profiles on the RD Session Host server: Enabled

There is no network problem, I can access to \\SERVER\Share from user session. I tried GPO with \\IP\Share too

There is no security rights problems because \\SERVER\Share has NTFS full control permissions for everyone group (Is a pre production server)

There is no GPO errors in gpresult.

Any suggestions would be welcome,

Thanks in advance

 

Search

RDS Client drives not available in RDS 2012 r2 conection

May 29, 2015, 11:27 am
$
0
0

Having a challenge with RDS 2012 R2. I am unable to see any local drives when connected to RDS. I have checked the remote gateway policies and all are set as available. Deny in Group policy is un-configured and on the client connections printers and drives are checked.

Please note this is a SBS2011 environment with a 2012R2 server added to the domain running RDS.

When I connect to the SBS server which is 2008R2 and additional server running 2008R2 Enterprise and SQL I can see all of the local drives as well, including a USB flash drive.

I don't believe it is a Domain policy causing the issue. It is only on the RDS 2012 Server.

I do get Error ID 36 - Redirection of additional supported devices disabled by policy under event viewer. I can not find this policy.

Any help would be greatly appreciated!!

Accessing VMs from the internet

May 29, 2015, 8:51 am
$
0
0

Howdy,

I'm trying to find some information on RD Web Access and Pools as I think it might solve a problem we've been trying to fix.  What we want is to be able to setup a URL that we can direct people to that will list out some VMs that they can then connect to.  We use this when we do some training so the people being trained can remote into the VMs we have setup in a specific way so we know they have all the proper software and settings.

I don't know anything about how RD Web Access works and the only things I've found online so far are all referencing 2008 R2 and are quite old.  We're on 2012 R2 and I don't know if anything is majorly different or not.

Can anyone direct me to a video or anything that might walk me through how all of this works so I can try to set something like this up?

Thanks!

change the Domain Name from old Server

May 30, 2015, 12:01 pm
$
0
0

I had setup a SBS 2011 and created remote access on that server.  The server crashed and I had to build a new one.  When I attempted to create the domain it would not work because the old domain was still on record with Microsoft.  I would like to use the same domain with my new server.  The domain name is as follows:

InHouse Marathon Search Partners Remote Web Access

https://msp2.remotewebaccess.com

Please advise

Users can't change password on 2012 RDS after password expiration unless they have local admin privileges

May 27, 2015, 5:32 am
$
0
0

We have a client with a 2012 (not R2) Active Directory environment.  There are policies in place that force password changes after "X" amount of days.  The standard windows users get prompted to change in 5 days, but the RDP users do not.  And when their password expires, the new password they use is never accepted and they are in a loop of being forced to change the password.

The only way around it is to temporarily give that user local admin rights on the server, change the password, and then take the local admin privilege away.  

Group policy is in place, and it does reflect the same on the 2012 RDS server (again not R2)  I have looked at many of the forums around, and no one seems to have a fix that works.  Help please.  This has been going on for months.

Securing RemoteApp

June 1, 2015, 6:09 am
$
0
0

Hi,

I am running Remote Desktop Services on Windows Server 2012 R2

I want to deploy a RemoteApp, but I found many security issues linked to this, for example it's sufficient to have the possibilities to save or open a file that, within the explorer.exe serch bar, is possible to launch CMD.exe or any oher program (yeah, ok, without admin privileges there is some control but to be on the safe side...I don't want permit this action)!!!

For example, I thought to iplement Applocker, but there are some exploit linked also to this software restriction policies (throughout excle VBA compiler, is it possible to launch process that Applocker is supposed o block)...

So, my question is: there are some best practices for securing RemoteApp?

Monitor Terminal services (local session )/ operations

June 1, 2015, 7:19 am
$
0
0


Hello,

I'm asking for script that i want to run on multiple server to monitor events ID (21,22,23,24,25) in real time. 

i have a script but every time i run this script on all servers, the script collect all events from old time to current. that's waste much time and data duplication. i just want to get the newest or changes in those events and import it automatically in database and i want to generate the reports from database.

sorry for my language.



Is RD Load Simulation Tool suitable for RDS Farm

May 13, 2015, 6:22 am
$
0
0
As stated in the title I would like to load test all the RDS servers in a RDS Farm (using RD Connection Broker), is this supported with the RD Load Simulation Tools the reason I ask is when I test this with a non production two node RDS Farm (2008R2) I continually get connected / disconnected status on the RDS server agent on both RDS servers. 
Search

How to force DNS to use virtual IP Adresses on RDS Host

May 29, 2015, 5:02 am
$
0
0

Hello,

I configured virtual IP adresses for our RDS Farm in Windows Server 2012 via GPO. All is working fine but I don't know how to configure DNS to use these virtual IP adresses for DNS requests.

I use NXFilter to control per user web browsing. The problem is NXFilter use DNS requests to know wich user wants to access a specific URL (relation USER <-> IP ADDRESS - that's why I had to configure Virtual IP on RDS), but actually all DNS requests (from all users on the RDS host) use the physical IP of the RDS host instead of users session's virtual IPs.

Thanks for help.

RD Gateway and a challenge/response SMS OTP

October 30, 2014, 8:56 pm
$
0
0

I'm trying to publish a Windows 2012r2 RDweb and RD gateway server in such a way that in order to use the rd gateway you need to provide your normal AD credentials followed by a prompt for a one-time-password that gets sent to the user by SMS

according to this article:

https://code.msdn.microsoft.com/Remote-Desktop-Gateway-517d6273/view/Reviews

this should be possible using a Pluggable Authentication Module on the gateway server - does anyone know of a product that uses these APIs? or some other method to achieve it?

Note that I can put it behind a (sadly deprecated) TMG server (or a citrix netscaler) and do the sms auth there by radius on the https://server/rdweb interface, but as it is handed off to the mstsc.exe client which tries to tunnel through https://server/rdweb interface, it needs to re-auth, so fails (the above article suggests the cookie can be transferred into the *.rdp file, but it doesn't appear to happen)

the MS Azure MFA service (and a few other 'cloud' auth products I've seen) is a radius server that expects a response to the SMS, via SMS - this is not the solution we're aiming for

Similarly, installing a 3rd party GINA on every host accessible via the gateway is also not an acceptable solution.

logically, the functionality should live at the gateway or the reverse proxy, but I cant find a way of doing it in the reverse proxy, and I cant find a product that uses the API MS provide for it - can someone steer me in the right direction?

 



Additional Downgraded Server 2012 RDS CAL License Key Pack will not Install on existing Server 2008 R2 RDS

June 1, 2015, 12:44 pm
$
0
0

I have a Server 2008 R2 installation that RDS was installed/activated using a License Key Pack ID from 3 - Downgraded Server 2012 RDS CALs that I obtained by calling the MS Clearinghouse and providing the necessary information.  No Problems with the existing setup.

No my issue.  I needed to install 2 more CALs.  So, I called the MS Clearinghouse, gave the the required information and received the corresponding License Key Pack ID (I verified that this License Key Pack ID was different from the License Key Pack ID that was originally used to install and activate RDS).  When I go to add the License Key Pack ID, I receive a message that it has already been installed and hence the 2 newly downgraded Server 2012 RDS CALs will not install.  How can it already be installed when it is a different License Key Pack ID?  How do I add the additional 2 Licenses?

Any insight would be greatly appreciated before I suck it up and sit on the phone with MS.

Terminal services licence consume

June 2, 2015, 9:40 pm
$
0
0

Hi Team,

We Have a query to move the TS licences from  one server to another server both are Microsoft Windows Server 2008 R2 Enterprise.

Terminal server from one server should consume maximum 10 TS licenses on other server.

We have installed terminal services on server , and the request is to consume maximum 10 TS licenses on other server. We tried to check the licenses on the server and found the server has total 600 licenses for 2003 server  and only 9 license for 2008 server. While running the licensing diagnosis on server, we are getting the following error

The Remote Desktop Session Host server is in Per Device licensing mode and No Redirector Mode, but license server does not have any installed licenses with the following attributes:

Product version: Windows Server 2008 or Windows Server 2008 R2

Licensing mode: Per Device

License type: RDS CALs or VDI Premium Suite licenses

Please guide us on this how to provide Licenses from license server other server

CAL Usage-RDS Server

June 4, 2015, 9:37 am
$
0
0

Hi All,

I am having a RDS Session host server (WIN2K8) with session host role.

Same RDS server acts a license server.

When i open RD License manager to check utilization of RDS CALs, i see all my installed licenses are available and none of them is issues.

Having said above, Users can login to server but in report i am not seeing any CAL issued.

I have checked that users logging on to server have active directory account and server is also joined to same domain.checked this because per user CAL is tracked based on AD Account property.

What could you be cause the i am not seeing any licenses issued? 

Regards,

Abhishek

The Remote Desktop Session Host server is within its grace period, but the RD Session Host server has not been configured with any license server.

June 4, 2015, 12:50 am
$
0
0

Hello,

I am Pritam From MIMER MEdical College Talegaon Dabhade, Pune

i am facing below problem on windows server 2012 standard 

1) The Remote Desktop Session Host server is within its grace period, but the RD Session Host server has not been configured with any license server.

2) RD server not configured 

Assign folder to RDP clients

May 28, 2015, 12:53 am
$
0
0

Hi, I m running a Windows 2008 R2 on a TransIP VPS. 

We need RDP junioir_users to run a program, I restrict them to use that program only in the "environment" properties.
A senior_user prepares files for these junior_users on his rdp profile, and stores them in a C:\users\senior_username\junior_username folder.

I would like the junior_users to be able to see just that one folder:"c:\users\senior_username\junior_username".

That means I would possibly like to hide libraries and favorites, and preferably the C drive, but more importantly, I need to be able to assign that folder to the junior_users. The "Remote Desktop Services Home Folder" does not seem to do the trick.

What will? 



Search

File Type Associations

June 3, 2015, 12:18 pm
$
0
0
RDS 2012 R2. We have an office collection with word published through remoteapp and desktop connections. Should file type associations be working on windows 10 insider preview 10074? 

RD Gateway Cert Level is Error

May 13, 2015, 7:07 pm
$
0
0

Good Day,

Our Windows 2012 R2 RDS configuration is working but when users connect remotely via the RDS Gateway and then launch their program they are warned about a cert. We are using a wild card cert and the same cert is applied in all places. When I run the power shell command Get-Rdcertificate is shows everything is good. Yet the RDS Console shows a cert error on the RDS Gateway (we have two). The RD Gateway manager shows everything is good.

Steve J.

User is not reconnected to their disconnected virtual desktop

May 13, 2015, 9:55 am
$
0
0

First a little background.  Using RDS in Windows Server 2012R2, I have published applications from a collection of pooled desktops (to avoid confusion, I’m not using RD session hosts).  When a user opens any of the published applications, their connection status shows as "Active" under Server Manager, Remote Desktop, Collections.  In Hyper-V manager, you can see their user profile disk mounted.  All appears well at this point.

After closing published applications or if their client PC enters a power save state, their connection status changes to "Disconnected".  In this disconnected state, a problem occurs when launching a published application again.  Instead of reconnecting them to their previous disconnected virtual desktop, a connection to a new virtual desktop is created, leading to all sorts of user profile related issues.  I’m assuming this is not intended behaviour and I have missed a setting or have a fault somewhere so any advice would be very welcome.

Thanks in advance.

Bob

Caps lock keeps switching itself on and off via RDS

May 27, 2015, 7:37 am
$
0
0

We have 13 Dell OptiPlex 3020 Micro PC’s which connect over RDP Connection (through a router based IPSec Tunnel). The Clients connect to a Server 2012 R2 RDS Server which hosts application such as Office and other 3rd party apps.

We are experiencing capslock issues when using the Terminal Server. Seems to randomly change to upper/lower case when typing, doesn’t seem to be any pattern to the issue. We have tried the existing keyboards supplied by Dell and also a couple of other Microsoft keyboard. All of the keyboards we have tested are USB as there are no PS/2 Ports to test with. Obviously we have tried multiple brands and affects different users on different client workstations across 2 different sites (and in fact the users on the second site use custom built PCs not the OptiPlex Micro), the only thing really that is consistent is that they all connect to the same RDS server.

Has anyone seen this before or have any suggestions?

Thanks
Daniel

Users logging in with temporary user profiles

May 29, 2015, 1:00 pm
$
0
0

Hi,

I just started to have 30-40 users logging in with temporary user profiles. Everytime they log into the Windows Server 2008 R2 Terminal Server, they get this message: "You have been logged on with a temporary profile" or they get

"The User Profile Service service failed the logon. User profile cannot be loaded"

Things I have done

1) Went to C:\Users\Username and deleted the username.

2) Went to C:\Users\TEMP and deleted all TEMP profiles.

3) Went to hkey_local_machine\software\Microsoft\windows nt\currentversion\profilelist\s-1-5-21.bak and deleted all these keys.

4) Went to C:\Users\Default and went to Advanced and selected "Replace all child object permissions with inheritable permissions from this object."

Issue remains that new users are now logging in with temporary user profiles. Any ideas of what else I can try.

Thanks

Viewing all 5613 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>