Good morning everyone!
Task is to get information about RDS status from remote machines.
Local poweshell on Connection Brokers works fine:

PS C:\> Import-Module RemoteDesktop
PS C:\> (Get-RDConnectionBrokerHighAvailability).ActiveManagementServer
ms-s-tscb02.sodrugestvo.local

But if we try to do this remotly it gives error:

PS C:\> New-PSSession -ComputerName ms-s-tscb02.sodrugestvo.local -Name RDS

 Id Name            ComputerName    State         ConfigurationName     Availability
 -- ----            ------------    -----         -----------------     ------------
 26 RDS             ms-s-tscb02.... Opened        Microsoft.PowerShell     Available


PS C:\>
PS C:\> Enter-PSSession -Name RDS
[ms-s-tscb02.sodrugestvo.local]: PS C:\Users\Administrator.SODRUGESTVO\Documents> cd \

[ms-s-tscb02.sodrugestvo.local]: PS C:\> Import-Module RemoteDesktop
[ms-s-tscb02.sodrugestvo.local]: PS C:\> (Get-RDConnectionBrokerHighAvailability).ActiveManagementServer
Get-RDConnectionBrokerHighAvailability : The RD Connection Broker server is not available. Verify that you can connect
to the RD Connection Broker server.
At line:1 char:2
+ (Get-RDConnectionBrokerHighAvailability).ActiveManagementServer
+  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDConnectionBrokerHighAvailability

Can someone give a tip or direction to look at?

Regards, Dmitriy Ilyin

Hi all,

I am trying to setup our RDS Web Access to authenticate via RSA SecureID using the RSA Web agent on the RDS Web Access-server. I do not have a ISA/TMG server and i will not be able to get this. I have been looking alot arround the net for a fix for this, but the only guides and questions out there is when people are using an ISA.

I got RDS Web Access and Gateway on the same server and a RDS farm behind. It works great without the RSA authentication.

I have installed the RSA Web Agent on the server and it intergrates perfect with IIS and on a testpage it has been tested and it works.

But when i enable the "RSA SecureID Web Access Authentication" on the Default Web Site, the /RDWeb just breaks down with Internal Server error 500. When enabling i get an error with "This web site has one or more applications which have custom application pool that is incompatible with the Web Agent" I'd figure that the pool that is incompatible is the RDWebAccess-pool.

The server error 500 gives me the following information (accessed from localhost):

Module SecurIDModule
Notification BeginRequest
Handler StaticFile
Error Code 0x00000000
Requested URL https://localhost:443/RDWeb
Physical Path C:\Windows\Web\RDWeb
Logon Method Not yet determined
Logon User Not yet determined

It happens even borefore i enable the RSA Authentication for the RDWeb application.

Has anyone got RDS Web Access to work directly with the RSA Web agent?

I hope you can help me out here - thanks.

/rGjorret

Hi all,

We've implemented an RDS session host deployment (using Server 2012 R2) and have configured RemoteFX, but although the devices show when clicking on the RemoteFX devices button in the connection bar, we're wanting to have these automatically enabled so users don't have to manually select the devices to map through to their RDS sessions.

Are there some group policies that can be set to set to do this?  I've had a look around, but everything I'm finding is for RDS 2008 where I'm unable to get to the old RDS admin tools to configure.

Still looking around for answers elsewhere in the meantime, but hoping someone else might be able to shed some light on this.

Thanks!

Eva.

I have searched and tried a massive variety of solutions offered on MS and other sites. So far, nothing seems to be much help. Others are not describing the problem the exact same way I see it, so let me explain what I end up with.

When logging into Server 2012 R2 running on an Intel S2600CP motherboard, the login is accepted and the screen goes black.  This happens both at the system logging in locally and also when using Remote Desktop Services.  It does not do it every time, but less than every fourth time.  If you allow it to sit, then you will get a desktop in about 10 minutes.  If using remote, you can disconnect from the session and remote right back in.  When you do so, you get the desktop immediately.  If you are local and get the black screen, you can remote and get the desktop immediately.  Then you can log back in locally and the desktop works fine as well.  All MS updates have been installed and Windows Updates reports that there are no further updates available.  This happens with user and administrator accounts via remote.

Most places point back to MS update 2887595 as a possible solution.  I do not find this update installed or offered.  I do have the current update rollups showing as installed.  In the 2887595 it reports that installing it on certain system will cause those systems to crash.

Looking for other items to try as the problem still has not been resolved.

Hi,

Deployment:RDS 2012 R2 provides RemoteApp...

HA is not configured but round robin is created for the FARM_name of 2 brokers

Currently only one RDSH provides Remote App.

Yesterday, I added CALs to Licensing server. AND added second RDSH into collection for providing CALs from License server.

This morning I got a trouble call... Clients could not connect to Remote App.

1. first thing I checked licensing server. I found issued Licenses.

2. then I connected to RDSH1 (that currently has all roles) by RDP and received the Message (didn't save a message)t: but it was like this: connections are redirected to RDSH2 ... for connection use the FARM NAME.

To remind : HA was not touched yet.

As a QUICK solution I shut down RDSH2 and everything works. Couldn't think that adding second RDSH to collection will create this kind of problem...

My question:

would you recommend to remove RDSH2 from the collection until starting HA configuration ?

Could it create some problems when I will need to add it to collection?

Thx.

--- When you hit a wrong note its the next note that makes it good or bad. --- Miles Davis

Ok, I have racked my brain trying to figure this out and I'm out of ideas.

Issue - Random Windows 7 PC that has updated to RDP 8.0 gets this error when they try to connect to a server we have set up for them through a gateway.  Only happens when the computer is updated to RDP8.  Downgrading to RDP7.1 fixes the issue and they can connect just fine.

The issue only affect a very small number of computers.  Most Windows 7 computers with RDP 8.0 can connect just fine.  But right now, I am working with a client that has their own computers and domain (I have no control over) that are affected by this issue.  This is not the only client I have run into with this issue as well. 

This problem is essentially what is described here - http://www.examiner.com/article/fixing-an-error-occurred-on-the-remote-computer-with-remote-desktop-connection  Except I would really like to know if there is a fix other than uninstalling RDP 8.

Hello,

I have a problem with a RD Gateway 2012 R2, that domain users can't log on over the RD Gateway to the RD Sessionhost. I get an error message in the eventlog on the RD Gateway.

Protokollname: Security
Quelle:        Microsoft-Windows-Security-Auditing
Datum:         09.12.2014 16:45:24
Ereignis-ID:   4625
Aufgabenkategorie:Anmelden
Ebene:         Informationen
Schlüsselwörter:Überwachung gescheitert
Benutzer:      Nicht zutreffend
Computer:      DMZ2.bptest.local
Beschreibung:
Fehler beim Anmelden eines Kontos.

Antragsteller:
	Sicherheits-ID:		NULL SID
	Kontoname:		-
	Kontodomäne:		-
	Anmelde-ID:		0x0

Anmeldetyp:			3

Konto, für das die Anmeldung fehlgeschlagen ist:
	Sicherheits-ID:		NULL SID
	Kontoname:		user@bptest.local
	Kontodomäne:

Fehlerinformationen:
	Fehlerursache:		Bei der Anmeldung ist ein Fehler aufgetreten.
	Status:			0xC000005E
	Unterstatus::		0x0

Prozessinformationen:
	Aufrufprozess-ID:	0x0
	Aufrufprozessname:	-

Netzwerkinformationen:
	Arbeitsstationsname:	SCHULUNG
	Quellnetzwerkadresse:	-
	Quellport:		-

Detaillierte Authentifizierungsinformationen:
	Anmeldeprozess:		NtLmSsp
	Authentifizierungspaket:	NTLM
	Übertragene Dienste:	-
	Paketname (nur NTLM):	-
	Schlüssellänge:		0

Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.

Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".

Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).

Die Felder für die Prozessinformationen geben den Prozess und das Konto an, für die die Anmeldung angefordert wurde.

Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an.  Der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.

Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
	- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
	- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
	- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.

The domain administrator can log on successfully over the RD Gateway. When i log on a domain user on the RD Gateway server console first and then log on over the RD Gateway, the authentication works fine.

The RD Gateway 2012 R2 has been installed as well as the instructions (http://technet.microsoft.com/en-us/library/cc754191.aspx). I have tried a lots of things, but without a result.

e.g.

• register NPS in the AD
  
• all ports in the Firewall between LAN and DMZ are opened
  
• set the "Network security: LAN Manager authentication level" to "Send NTLMv2 response only"
• re-install of the RD Gateway 2012 R2
  

Environment:

All machines have Windows Server 2012 R2 or Windows 8/8.1 with the latest updates. All servers are virtualized with Hyper-V.

• Domaincontroller (LAN)
  
• RD Sessionhost (LAN)
• RD Gateway (DMZ)
• Clients (DMZ/WAN)
  
• Hardware-Firewall (3-zone)

Does anyone have an idea, what might be the problem?

Best regards,
BpDk

2012 (not R2) RDWeb

So I ran through my grace period and then added a licensing server. Now it appears that I am in another grace period (I haven't entered CAL's yet). How long is this second grace period?

TIA!

Hello,

I am testing a RD session broker role.

So I have 4 VMs: lest call them VM1, VM2 VM3 and VM4

VM1 is the DC and all other 3 VMs are under VM1.

VM2 is the Session broker server.

VM3 and VM4 are the host servers which are in a farm called Farm1.
Now I have done everything pretty much right. VM2, VM3 and VM4 all are listed in the Session broker computer local group (which is on VM2 since it is the session broker server)

Then I also have VM3 and VM4 setup in regards to their Remote desktop session host configuration.

RD Connection broker is VM2 and Farm name is Farm1.

everything sounds good right?

Okay.. So then I also have added those "New host (A or AAAA)" for VM3 and VM4 in the DNS on VM1 (which is DC).

Both VM3 and VM4 are set to 100 in "Relative weight of this server in the farm".

Now I am trying to do MSTSC from VM2 to farm1.domain.net. First user goes to VM3 just fine. But when I try to do MSTSC again with the second user, it tells me this:
"

The remote computer hat you are trying to connect is redirecting you to the remote computer.
Remote Desktop Connection cannot verify that the two remote computers belong to the same farm.
This can occur if there is another computer on your network with the same name as the computer your are trying to connect to.

"

I have read 10 pages of google search about this and still have no clue what to do. I have tried flushing DNS cache on VM1. Time and date is exactly the same on all 4 VMs. 

I also read the following thread but could not understand the answer that he has given there.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/40be1eda-f752-4b64-bb47-dbe2156218f9/remoteapp-cannot-verify-computers-belong-to-the-same-server-farm?forum=winserverTS

Please help me on this.

Thanks,

I am in the process of configuring a new Windows 2008 terminal server in an existing Windows 2003 domain.  The TS is installed on a member server running Windows Server 2008 SP2.  The problem is that the domain login script (set in group policy) does not seem to be working for the users.  

I have a special TS group policy for the new terminal server and have enabled loopback processing on the default domain policy. The only setting configured in the TS policy is the location of the user's terminal server roaming profile. This seems to be working.  Other than the login script, other elements of the domain-level group policy, such as folder redirection, seem to be working. When I run the GP result tool on the terminal server, it shows all of the appropriate group policies from both the TS policy and the domain-level policy, including the login script.  This login script is vital, since it does drive mapping for a bunch of resources on the domain that users need to run certain programs.  The odd thing is that the login script runs for the Administrator account, which uses a separate group policy that has inheritance blocked.

Any help would be appreciated!

I have set up a test Server 2012 RDS collection (Single Server for now) and implemented User Profile disks.

I have two problems.

First: My generic test user can connect and does successfully use the user profile disk as expected. However, atlogoff, the system event log contains these errors:

The error (NTFS 137) is: The default transaction resource manager on volume C:\Users\ts3.test encountered a non-retryable error and could not start.  The data contains the error code.

The warning (NTFS 50) that concerns me is:

It appears that the user profile disk is being "disabled" or "disconnected" before the profile data is completely written at logoff. What can I do to troubleshoot this?

Second:

Update: A post from Mike Connor on the following page: -LINK- solved the problem described below. 

My administrative user always logs on now with a temporary profile. At the beginning, the UPD was working and mounting. That stopped working. In attempting to troubleshoot, I logged the admin user off and deleted the UPD disk file from the share. I remember it working again after generating a new UPD disk file in the share. Soon, it quit working again. I deleted the UPD disk file again from the share and ever since, it has never regenerated a new UPD andalways logs on with a temporary profile.

Hello,

I currently have a very interesting problem:

Some (not all) printers show up multiple times on every user session on the specific terminal server. This behavior show up on both of the 2 servers. Also the printer only shows up multiple times under the control panel, but not in the printer dialog.

The users are not part of either printer operators, Administrator or Power Users.

The servers are Windows Server 2012.

I cannot find a reason for this after some hours with my friend Google.

Does someone have any idea how to fix this?

Thanks in advance

Paul

We have a small RDS farm running on Windows Server 2012 R2.

All the RDS hosts and related servers are virtual servers running on vSphere 5.5 (hardware version 8 if that makes any difference).

I've seen various articles about configuring RemoteFX in Group Policy, but they are confusing.

I'm not asking about improving things like watching YouTube videos etc., I'm asking about improving graphics in general, like screen redraws and displaying mouse movements, keystrokes, etc.

What are the best things to do to improve these things within an RDS farm??

I will try increasing the video RAM within the host servers' VM settings but this is a guess, and these hosts are logged into by multiple users over VPN connections...

Thank you, Tom

I am looking for any information/docs describing using KDC Proxy with RD Gateway. All I could find is this KB (http://support.microsoft.com/kb/2957984) mentioning rdgiskdcproxy property, but I can not find anything more on this. 

Any help would be appreciated!

Regards,

Pawel Mazurkiewicz

Hi,

I am testing this simple C++ application below on Windows 2012 R2 and WTSVirtualChannelOpen fails with error code "ERROR_NOT_SUPPORTED". The same application runs fine on Windows Server 2008.

I have tried with WTSVirtualChannelOpenEx but I got the same error code.

Can anyone help me shed some light on this issue? That would be much appreciated :-)

Thank you.

#include <conio.h>
#include <windows.h>
#include <Wtsapi32.h>
#include <iostream>

#define TERMINAL_SERVICES_VC_NAME "TEST"

int _tmain(int argc, _TCHAR* argv[])
{
	std::cout << "<< Virtual Channel App >>" << std::endl;
	HANDLE hVirtualChannel = WTSVirtualChannelOpen(WTS_CURRENT_SERVER_HANDLE, WTS_CURRENT_SESSION, TERMINAL_SERVICES_VC_NAME);

	if(hVirtualChannel)
		std::cout << "WTSVirtualChannelOpen successful" << std::endl;
	else
		std::cerr << "WTSVirtualChannelOpen fails with error code: " << GetLastError() << std::endl;

	std::cout << "Press Enter to quit..." << std::endl;
	_getch();

	if(WTSVirtualChannelClose(hVirtualChannel))
		std::cout << "TSVirtualChannelClose successful" << std::endl;
	else
		std::cerr << "TSVirtualChannelClose fails with error code: " << GetLastError() << std::endl;
	return 0;
}

Hi. We need to allow users to save their RDP credentials on the clients when connecting to the RDS environment.

This works fine when they check the "Allow me to save credentials checkbox" and then "Remember my credentials" checkbox in the username/password dialog.

However we have a 2012 R2 RDS deployment with two RDSH hosts connecting through the RDCB server. Therefore we're specifying the "workspace id:s: <rds_session_collection_name>" in the RDP file. From my testing, whenever the RDP file contains the workspace id line, the "Remember my credentials" checkbox is missing from the user/pass dialog when connecting to the RDS environment and therefore the password is not saved in the user's credential manager.

How can we fix this problem?

Hi,

We have setup a brand new Remote Desktop Services farm with 10 Session Hosts for 200 users.

Now we see the Task 'Optimize Start Menu Cache Files xxx(SID)' for about 200 times on every Session Host server.

These can be deleted but they return whenever a user logs onto a specific Session Host server.

How can this be prevented? 

This has been addressed in another thread (http://answers.microsoft.com/en-us/windows/forum/windows_8-performance/how-do-i-permanently-delete-this-task-scheduler/0fd8f7a0-c182-45c1-ad42-f02d768cb295), but the solution there would be to stop the Tasks individually of stop the Task Scheduler. Both are obviously not what I, or anyone else, want.

Regards,

Sjoerd