Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 1106 articles
Browse latest View live

RDS2012, via PS: howto see id of disk mounted on a RDS-server?

May 20, 2016, 3:12 am
$
0
0

Hi,


On RDS 2012, we have User Profile Disks. This means the RDS-server will mount a VHDX on a remote file server for every user. So f.e. 40 users, 40 disks mounted.
In disk management they only show as id's.

Sometimes we have issues with UPD so I would like to see which user has which disk (the id of it) in use. So I can dismount it.
Get-Disk on the server doesn't reveal much.
Maybe this info can be gathered from the session host?

Please advise.
J.

Jan Hoedt

Search

The RDVGM kernel mode driver failed to start.

September 29, 2016, 7:56 am
$
0
0

I'm running Windows Server 2012 R2 with VDI using Windows 8.1 Enterprise client VMs.

When a user attempts to reconnect to a previously disconnected session, the RDP connection fails and a large number of the following critical errors are logged on the VM in Microsoft-Windows-RemoteDesktopServices-vGPU-KModeDriver/Admin (Event ID 1):

The RDVGM kernel mode driver failed to start. The VM will not run with RemoteFX. If this issue persists, consider running with a lower number of monitors, resolutions, VMs, or increasing the GPU capacity.

At the same time, the RDS Host server logs a large number of these errors in Microsoft-Windows-Hyper-V-VMMS/Admin (Event ID 32615):

The RemoteFX Manager process stopped working and has been restarted. VM computer: <withheld> VM ID: <withheld>.

Restarting the VM resolves the issue, but that also logs off the session that the user tried to reconnect to.

Things I've tried so far:
- Increase the resolution of the RemoteFX adapter, giving it more VRAM
- Enable Migration Compatibility on the VM Processor
- Tried using both older and the latest graphics drivers for the NVIDIA Grid K1 GPUs.

Any ideas?


Getting the IP Address of client connected over RD Gateway

October 3, 2016, 1:30 am
$
0
0

Hi.

I'm trying to get the external IP Address of clients connected over Remote Desktop through a RD Gateway.

I can get the IP Address using WTSQuerySessionInformation if I'm not connected through the gateway, but I get nothing but 0's when I connects through the gateway.

Interesting moment that if I connects from Mac OS (Microsoft Remote Desktop for Mac OS),

WTSQuerySessionInformation gets client's IP normally.

Is there some other way to get client's IP? Or how to get Windows client's IP connected through RD Gateway with WTSQuerySessionInformation?



Configure RAP (Resource Authorization Policies) with Powershell in RDS 2012R2

October 4, 2016, 1:11 am
$
0
0

I am trying to create a RAP with Powershell in 2012R2

Can sombody tell how to create a RAP with powershell in RDS 2012R2

- chris

How to specify multiple RDS License Servers with powershell?

October 6, 2016, 6:41 am
$
0
0

Hi,

Is there any way to specify multiple RDS License Servers (or add an additional one) with powershell?

Tried: 

$obj.SetSpecifiedLicenseServerList("srv-rds-lic01.local.net","srv-rds-lic02.local.net")

and:

$obj.SetSpecifiedLicenseServerList("srv-rds-lic01.local.net,srv-rds-lic02.local.net")

Specifying one entry works without any issues.

Thanks.


Pushing WS2012 RemoteApps to Windows 10 clients not working

October 7, 2016, 1:00 pm
$
0
0

WS2012 RDS infrastructure, domain member W10 clients, domain users.

I've set the "Specify default connection URL" policy to the full path to the RemoteApp feed. Clients are not adding the feed, and log this event:

-----------------------

Log Name:      Microsoft-Windows-RemoteApp and Desktop Connections/Admin
Source:        Microsoft-Windows-RemoteApp and Desktop Connections
Date:          10/6/2016 10:20:44 AM
Event ID:      1004
Task Category: Setup
Level:         Error
Keywords:     
User:          DOMAIN\Username
Computer:      COMPUTER.DOMAIN
Description:
The URL you typed does not have a connection.

Make sure that:
 -    You typed the correct connection URL                       

Connection name:
Connection URL: https://remote.domainname.com/rdweb/feed/webfeed/aspx
Error code: 0x80072EFC, 0x194

-----------------------

The path is correct.

Split DNS is set up. The server is named remote.domainname.com whether on the LAN or WAN. Certs are *.domainname.com. So it's not a cert name mismatch as seen here: https://social.technet.microsoft.com/Forums/en-US/023bbb37-94e7-4ea2-a3b7-f885bb0f02e3/remoteapp-desktop-connection-deployment-in-2012-error-1004?forum=winserverTS.

When I manually enter the URL in RemoteApp and Desktop Connections, it works. I am prompted for credentials to add the feed, but not when running the resulting RemoteApps (IOW, CredSSP is working when running the RemoteApps). Is auth during setup what's tripping me up here? The GPO help text says default Windows credentials are passed.

[edit]
Oops...wait...the URL ISN'T right. "/aspx" should be ".aspx". You know how you look at something 1000 times and it looks right, and then on the 1001st time after posting to Technet, you see it?

After changing it, it worked perfectly.

Never mind!


Disk space consumed by printer drivers on RDS 2008 R2

October 5, 2016, 5:37 am
$
0
0

Hi all,

I'm facing issue on several RDS servers : the folder that contains printer drivers is anormally big, I guess.

In fact, the folder C:\Windows\System32\spool\drivers\x64 is about 15 GB on one of our RDS server and about 30 GB on other server although these 2 servers are used by the same population with the same printers.

So what should I do in order to reduce disk usage of these folder without disturb users ?

Thank you.

Have a nice day.

FXE

Failed: the Integration Components in the virtual desktop template are not the correct version

October 12, 2016, 8:00 am
$
0
0

Hi.

I've made a VM (win7) on server A, exported it and imported on server B.

It starts and everything looks fine. So I sysprepped it and tried to use as the template for Personal Virtual Desktop collection.

The Integration services are the latest bun adding vm to Collection stops with an error:

Failed: the Integration Components in the virtual desktop template are not the correct version

What is the reason of such error and how to get rid of it?

Search

User Profile Disks on Azure with remote desktop services

October 18, 2016, 7:12 am
$
0
0

I can't find any best practice (or anything at all actually) about profile disk management on Azure with Remote Desktop Services. What is the best way to do it? Create a VM for the storage management and access it with SMB? I can find a lot about Remote App but I am specifically talking about Remote Desktop Services here.

I tried the "File Service" in the storage account in the new Azure Portal, but the problem is then that the RDS broker can't access WMI:

Could not create the template VHD. Error Message: Unable to connect to WMI on server <storageaccount>.file.core.windows.net, error The RPC server is unavailable. (Exception from HRESULT: 0x800706BA).

I prefer that last method actually so I don't have to manage another VM with HA, monitoring, backup etc.

Ideas are very welcome. Thanks in advance.

License server Activation - How to get the ProductID using powershell script

October 18, 2016, 8:42 pm
$
0
0

I wanted to partially automate the Activation of license server using the web browser method .

I wanted automate the below 2 steps using powershell script

1. Open RD Licensing Manager (licmgr.exe) on your server, right-click on the server name and choose Properties

2. Change Connection method to Web Browser, before closing the window write down your Product ID.

How do I write a powershell script which will display the Product ID to the user.

Thanks for the support

Somaraj

 

RDP Interrupts and Tracing of Terminal Services Sessions

October 7, 2016, 12:54 am
$
0
0

Hi together,

we deployed terminal services on Windows Server 2008 R2, Standard.

Terminal services licences are available more than needed. In a Group Policy in the domain we set only the parameters as follow:

Idle session limit: 5 days

Active session limits: 5 days

All other parameters are not set in the Group Policy.

The users complain that their sessions are interupted bevor the active or idle session limit is  reached.

In the Event logs there is no eye-catching logs. But there are some Events which should be analyzed. I could not find any good Information about these Event IDs:

Log Name:      Application
Source:        Microsoft-Windows-User Profiles Service
Date:          06.10.2016 02:27:34
Event ID:      1530
Task Category: None
Level:         Warning
Keywords:
User:          SYSTEM
Computer:      <TERMINAL SERVER NAME>
Description:
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

 DETAIL -
 1 user registry handles leaked from \Registry\User\S-1-5-21-1465920317-3573457174-689236308-1025:
Process 224 (\Device\HarddiskVolume2\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1465920317-3573457174-689236308-1025\Printers\DevModePerUser

Event ID 56 indicates a Time-out. This Event ID is monitored very rarerly during interrupts occur very often from different clients (Windows PCs, Handheld, etc.):

Log Name:      System
Source:        TermDD
Date:          06.10.2016 02:27:31
Event ID:      56
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      <TERMINAL SERVER NAME>
Description:
The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: <IP ADDRESS>
Event Xml:<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="TermDD" /><EventID Qualifiers="49162">56</EventID><Level>2</Level><Task>0</Task><Keywords>0x80000000000000</Keywords><TimeCreated SystemTime="2016-10-06T00:27:31.702701900Z" /><EventRecordID>199479</EventRecordID><Channel>System</Channel><Computer>TERMINAL SERVER NAME</Computer><Security /></System><EventData><Data>\Device\Termdd</Data><Data>IP ADDRESS</Data><Binary>0000040002002C000000000038000AC00000000038000AC000000000000000000000000000000000B50000D0</Binary></EventData></Event>

My analyzing for the error code in Event ID 56:

B50000D0 turning to > D00000B5
ERROR: C00000B5

Error code with err.exe:

D:\err>err.exe /ntstatus.h C00000B5
# ntstatus.h selected.
# for hex 0xc00000b5 / decimal -1073741643 :
  STATUS_IO_TIMEOUT                                             ntstatus.h
# {Device Timeout}
# The specified I/O operation on %hs was not completed before
# the time-out period expired.
# 1 matches found for "C00000B5"


The other Event ID is 

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          06.10.2016 02:27:31
Event ID:      4779
Task Category: Other Logon/Logoff Events
Level:         Information
Keywords:      Audit Success
User:          N/A
Computer:      <TERMINAL SERVER NAME>
Description:
A session was disconnected from a Window Station.

Subject:
	Account Name:		<USER ACCOUNT>
	Account Domain:		<TERMINAL SERVER NAME>
	Logon ID:		0xf8e72c6f

Session:
	Session Name:		RDP-Tcp#12

Additional Information:
	Client Name:		<CLIENT NAME>
	Client Address:		<IP ADDRESS>


This event is generated when a user disconnects from an existing Terminal Services session, or when a user switches away from an existing desktop using Fast User Switching.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"><System><Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" /><EventID>4779</EventID><Version>0</Version><Level>0</Level><Task>12551</Task><Opcode>0</Opcode><Keywords>0x8020000000000000</Keywords><TimeCreated SystemTime="2016-10-06T00:27:31.718302300Z" /><EventRecordID>1473106</EventRecordID><Correlation /><Execution ProcessID="600" ThreadID="10144" /><Channel>Security</Channel><Computer>TERMINAL SERVER NAME</Computer><Security /></System><EventData><Data Name="AccountName">USER ACCOUNT</Data><Data Name="AccountDomain">TERMINAL SERVER NAME</Data><Data Name="LogonID">0xf8e72c6f</Data><Data Name="SessionName">RDP-Tcp#12</Data><Data Name="ClientName">CLIENT NAME</Data><Data Name="ClientAddress">IP ADDRESS</Data></EventData></Event>

My questions:

How can I trace all RDP sessions in DETAILS inkl. logon, logoff, Interrupts, etc.?

Is there any  tool for it? I mean EXCEPT "Remote Server Services Manager".

Best Regards

Birdal


Remote Desktop Services has taken too long to load the user configuration from server Event ID 20499

October 18, 2013, 10:41 pm
$
0
0

I keep getting Event ID 20499 "Remote Desktop Services has taken too long to load the user configuration from server \\SERVERNAME for user USERNAME" in our event logs for multiple servers that are running 2012 R2

I noticed that when this happens the user often is missing items that get applied via group policies such as desktop wallpapers and mapped drives.  

I am also using the Microsoft Remote Desktop for Mac that was release yesterday on another Mac computer and for certain users it won't launch the redirected folder that I specified when I get this Event ID 20499

Windows Terminal Server 2012 wont publish any more remote apps!

April 23, 2014, 3:58 pm
$
0
0
I have a weird problem with our new Windows 2012 Terminal Server. We have already published one application through a session collection via Remote Desktop Services. We now have the need to publish another application. When I click on the "Tasks" drop down menu and select "Publish RemoteApp Programs" I get an error of "Server.domain.local is not available on the network. Verify that the server is available on the network or remove the server from the collection"

Does anyone have any ideas why I am seeing this?

Thanks

Nmap how to scan RDP open port 3333 or 3392 only for RDP,

October 20, 2016, 7:15 am
$
0
0

Nmap how to scan RDP open port 3333 or 3392 only for RDP and not show me all opened port, noo , only open port for RDP (port 1024-65.000) ? thank you

if i use this syntax nmap will show me all opened ports and NOT ONLY RDP OPEN PORTS:

nmap -p3333-3392 -sS RANGE/IP --open -oG save.txt


Allow non-administrator user access to shadow RDS users

August 30, 2016, 6:52 am
$
0
0

Hi, is there a way to give an AD group permissions to shadow users on Windows Server 2012 R2 - desktop collection?

Thank you 


Search

Add Session Host to Deployment

October 25, 2016, 6:48 pm
$
0
0

Hi guys,

strange issues here. I can't add a Session Host to an existing Deployment.
It's all Windows Server 2012 R2.

If I try to add the Session Host via PowerShell (my preferred way), I get this error:

New-RDSessionCollection : The RD Session Host server WIN-DJQ9B0G1C3M.fqdn.com does not exist in this
deployment.
At C:\Windows\temp\schtask6.ps1:8 char:1+ New-RDSessionCollection -CollectionName 'Planning' -CollectionDescrip ...+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,New-RDSessionCollection


If I try to just add the server as a new Session Host via the UI, I get this error here.

I now tried it via GPO and on the Session Host I'm getting the following error in Eventlog:

Remote Desktop Services failed to join the Connection Broker on server WIN-1A1B9M6OF6H.fqdn.com.
Error: Current async message was dropped by async dispatcher, because there is a new message which will override the current one.

I manually added the Session Host to the "RDS Endpoint Servers" group as that was missing. This didn't resolve any issues.

Thanks,
David

My blog on all about automation: www.david-obrien.net | me on Twitter: @david_obrien Please remember to mark the post(s) that helped you resolve the issue (even if it was your own)

local printer connected via IP port not shown up in RDP Session

October 25, 2016, 4:24 am
$
0
0

Hi,

having Windows 8 and Windows 10 Clients. Terminalserver is 2012 R2.

printers, connected to the clients via a printserver (\\server\printer) are shown up in RDP session and are usable.

But the same printer connected via network ip port are not visible in RDP (via default network IP port). There are clients connected via WAN where it is not sensfull to connect via printserver.

Any ideas where are the differences?

Greetings/Grüße Gernot

When attempting to Shadow on 2012 R2 RDS we get an Unspecified error

May 11, 2014, 4:46 pm
$
0
0


We have built a Windows server 2012 R2 RDS server, and setup the whole deployment on one server, Gateway, Broker, licensing, session host, and collection.

But when we go to shadow the user using Server manager or command line mstsc /shadow:n when get this very helpful error:   Unspecified error in a Window called Shadow Error

I have tested Shadowing on another networks server with a similar setup and it works fine, only difference is the Active directory server are 2008 vs this one that doesn't work being 2003.

I have also tested using local accounts and still get the same error, and there is not a lot on the web regarding this error and RDS shadowing


RD Web & Gateway setup in Web Application Proxy WAP?

May 13, 2015, 3:06 am
$
0
0

Hi,

I'm building Web Application Proxy with ADFS Preauth for RD Web and Gateway. Can anybody help with these 3 questions:

  1. ADFS:
    What is the best way to configure Relying Party Trusts in ADFS for RD Web and Gateway?

  2. RD Web:
    If I configure RD Web for windows integrated authentication, then I can logon to ADFS and successfully access the RD Web page, however no credentials are passed through to the client for connecting via RD Gateway.
    If I configure RD Web for forms based authentication then I have to logon twice however it appears to set a TSWAAuthHttpOnlyCookie cookie correctly and credentials are passed through to the client for connecting via RD gateway.
    How do I achieve SSO for both RD Web and RD Gateway?

  3. RD Gateway:
    I can't get gateway to work through WAP. I am wondering if this might be because it is attempting to authenticate with NTLM instead of Kerberos? I get repeated auth popups with "the logon attempt failed". Nothing useful in Web Application Proxy log. In the headers below extracted from fiddler my WAP is 'rdsext.lab.local'.


About the only doco I've found on this is here: https://technet.microsoft.com/en-us/library/dn765486.aspx

Any assistance appreciated!
Simon.

RDG_OUT_DATA https://rdsext.lab.local/remoteDesktopGateway/ HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
Cookie: TSWAAuthClientSideCookie=Name=lab%5Ctestuser&MachineType=public&WorkSpaceID=CB1.lab.local
User-Agent: MS-RDGateway/1.0
RDG-Connection-Id: {9DB5E643-DA7E-4D22-89FF-F6AB061CFBDE}
RDG-Correlation-Id: {6BB275E1-B8E1-44EE-B45C-ABE1BCA00000}
RDG-User-Id: dAB0AEAAcwBsAGEAYgA=
Host: rdsext.lab.local
Authorization: NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAGA4AlAAAADw==


External Users Prompted Twice or More for Credentials

October 31, 2016, 9:27 am
$
0
0

Simple setup, all 2012 R2 Standard.

  1. Domain Controller
  2. RDS Gateway, Broker, Webaccess
  3. Session Host

Clients can log into webaccess with their email address (account in DC). When they run the connection app from webaccess it will prompt a second time for credentials. If you type in the email address again it will often go straight in. If you don't type in the email address and run with DOMAIN\username you will get one more credential request which, once details are entered, will let you in, although sometimes it doesn't. So two prompts with an email address and three with DOMAIN\username.

The event logs on the gateway state that the user is successfully redirected to the session host.

The event logs and netlogon.log, when enabled, on the session host show that when logging in with DOMAIN\username the username is (NULL)\DOMAIN\username the first two times then changes to DOMAIN\username for the third.

Using the email address, not much is in the netlogon.log. The Security log seems to state A logon was attempted using explicit credentials"in relation to the successful login but nothing about the first unsuccessful.

I might be looking at the wrong thing, but I've tried everything else I can think of, including:

  • Built a new session host and connection as different session collection. Same issue.
  • Add TERMSRV/*.domain.local and TERMSRV/*.domain.co.uk in "allow delegating default credentials" and the NTLM-only version in the local policy on the gateway. (will tighten security on this once works)
  • Set "always prompt for password" to disabled on session host.
  • Set "NTLMv2 only" in LAN manager authentication level across the domain. And checked that the client computer has this set to "Not defined".
  • Turned off "Use my RD Gateway credentials for the remote computer" in the app from remote access. It prompts the second time for direct auth to the session host as expected, and DOMAIN\username works. So has to be something the gateway is doing.

Ideas would be greatly appreciated!!!! I'm certain it's something to do with (NULL)\DOMAIN\username. But could definitely be wrong.

Happy to post logs (ran out of time for now)



Viewing all 1106 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>