Hey Together,

we have a customer with a RDS Terminalserver Farm with 4 2016 RDS Session Hosts located in Azure.

The customer is facing the issue that the desktop icons are flashing, like they are pressing f5 all the time.
Already tried the specific registry key here: 
https://community.spiceworks.com/topic/1978620-rds-2016-desktop-icons-flickers-refreshes. that either did not work.

In addition the users are experiencing that the cursor sometimes start to randomly juming around.
For example, user is typing in the adress field of outlook, and the cursor jumps out of that field and the user has to click in it again to finish typing.

Probably the issue is related to the flickering and refreshing desktop, but not sure.

Best Regards,
Dominic

Is anyone aware of a fix to this issue?

See the post from Sasha (Microsoft): here

Here is a post to the MS KB acknowledging and providing a resolution for 2012 R2:here 

To resolve the issue when it happens, i need to kill the TermService service (it won't stop normally as it is in a deadlock state). I can then start the service again and it's business as usual until it happens again.

I can't see any info about this in RDS 2016... Anyone else? MS?

Thanks,

Stephen

Dear All,

we have a ADC  server on windows 2012 r2 but its working very slow when i view like task manager,disk management some time get hang and some time working good. kindly suggest how to resolved this issue.

Thanks & Regards

Naved Anjum 

Everything was working fine until about 2 months ago.

I have a Windows 7 system that I access with Remote Desktop Connection from a Windows 10 system.  One day I found that my user account, which had been given administrator rights quite some time ago, couldn’t log on remotely.  The Windows 7 system was configured for remote access with the setting “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”. When I tried to log on, I got an error stating “The Local Security Authority cannot be contacted”. 

If I configured Windows 7 to “Allow connections from computers running any version of Remote Desktop (less secure)”, then I could log in but I didn’t want to use this less secure setting.

Doing some experimentation, I found that if I enabled the built-in Administrator account, then the Administrator could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

If I created a new standard user called Test.  I found that Test could also could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

If I promoted Test to an administrator, then Test couldn’t remotely log on.  He got the LSA error.  If I demoted my account to a standard user then I could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

When I promoted my account back to an administrator, the logon failed with the LSA error.

All users have valid passwords that are set to never expire and are members of the Remote Desktop Users group.  The only thing that is changing is whether or not the users have administrative privileges.

Is this a permissions issue, or a behavior change cause by an update to Windows 7?

Mark Wilson

We have Symantec End Point Installed in Servers. We found Event 4625 Which has NULL Event Logs Information found in the Logs 4625.

Can can anyone explains, How do we do the Investigation cause receiving many logs for same with Justification. 

We are in Mid of the Conclusion, and Why is this Event Generated by Whom and How?

Error: 

Configuration:

We have few servers on WORKGROUP however i have made single server as RDS License server and on rest all servers did below configuration

<style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style>Local group policy on each server
Local Computer Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing

"Use the specified RD license servers" = myservername

"Set the Remote Desktop licensing mode" = Per User

Solution that i always apply to fix this by removing the REG Key and reboot the server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod

We have all the licenses and configuration in place still why we get the error after every 180 days..... What needs to do to avoid this 

Dayanand Gavas

Hi guys,<o:p></o:p>

We have the following situation in our IT environment. We set up multiple terminal servers, which are used by 50-60 end user of our company. They use them regularly. Every terminal server is a RD license server at the same time.<o:p></o:p>

We also have 50-60 3-party-accounts from other companies, who are using one specific terminal server to get access to our IT environment. This guys are maintaining/repairing our systems, installing software updates, and so on. They are doing it irregular. That means, that there are some 3-party-users, who use this terminal server once a week, and some of them who use it once in 6 months. This terminal server is also a RD license server. <o:p></o:p>

Now we are looking forward to reduce the number of our RD license servers to one or two. The question is, whether we have to separate the RD license server into a RD license server for internal users (who are performing business processes) and RD license server for external users (who are maintaining and repairing our systems). The number of internal users is constantly growing and we are afraid, that at some point of time in the future all free RDS user CAL will be reserved by our internal users and in the case of a critical system failure one of our external users won't be able to access our environment and fix the problem (because there won't be any free RDS CAL).<o:p></o:p>

Does it make sense to set up two RD license server in our case or what would you advise? I would prefer only one RD license server if we could assign some fix number of RDS CAL to the terminal server our external users use (but I think it's not possible) or if we could be sure, that even in case we don't have sufficient number of RDS CAL for some reason our external users will be able to connect to our terminal server in a critical situation.<o:p></o:p>

Of course we have to take care that we buy new RDS user CAL every time we grow, but what if we forget to do it for some reason (for example in case that the responsible person is sick or leaved the company)?

Thanks in advance and best regards
Valdez

Hello,

I have allot of apps that installed on a network share. So there is a front end installed on the server but the executable sits on network. It does not appear as an installed app in the window of publishing apps. The reason for this is so any settings modified as part of this software must be installed as a network server so that all users get the settings.

Thanks in advance

Hi All,

Just wanted to check with you all on is there a possibility to provide a maintenance window on RemoteApp collection level.

We have Production collection and Test Collection in an event we need to take down the production collection. For this purpose, we send emails to our client saying that that environment will not be available. Is there a way that we can let them know when they launch the RemoteApp?

We have 400+ end users that we need to notify when there is a maintenance window. 

BTW we have Window server 2012 R2 for all RDS servers.

I really appreciate your help.

Shekar-Technet

I'm trying to set up 2019 RDS to replace our 2008R2 Terminal Server.  I used this paper as a guide, but did not publish any apps, just using session based desktops: https://gallery.technet.microsoft.com/Windows-Server-2016-Remote-ffc383fe

I have a broker server, gateway server, web server and two session hosts.  Licensing server is running on the broker server but not activated yet.  I also haven't enabled the gateway server yet as I'm just testing internally. So far I have just one collection pointing to one of the session host servers. We are not testing any remote apps, just session based desktops.

Here's the problem:

• I'm able to initially get two users connected (either directly on the broker server, or through the Remote Desktop Web Access page) If a third tries to connect, it hangs at a black screen and eventually gives the message "failed to reconnect to your remote session.  Please try to connect again".  I would expect to see a message about not enough licenses or do you want to bump someone else off.
• During the black screen time, and before the error message, the active two users get bumped off, but then automatically reconnect.
• If I then log off one or both of the active users, I'm unable to log anyone into the server again.  They all get the black screen and the error message.  At this point I'm only able to log into the server on the console.  The only way to fix this is to reboot the broker server, and the cycle begins again.

Here's what shows up in the Event Viewer on the Broker server:

• When active users get bumped out theTerminalServices-LocalSessionManager log shows an error like this: “Session 3 has been disconnected, reason code 3489660929”. Also shows reason codes 12 and 0.  Also get this error in the same log: “An error occurred when transitioning from CsrConnected in response to EvCsrInitialized. (ErrorCode 0x80070102)”

• In the RemoteDesktopServices-RdpCoreTS Operational log, we get lots of weird errors:

-TCP socket READ operation failed, error 10054”; “RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80072746).”;

-RDP_SEC: An error was encountered when transitioning from FStateProcessingData in response to FEventPostReceiveFailed (error code 0x80072746).”

-RDP_SEC: An error was encountered when transitioning from FStatePassthrough in response to FEventCheckAndCompleteReadsFailed (error code 0x8007139F)”.

-Failed InputMgr->GetHandles' in CUMRDPConnection::GetInputHandles at 4043 err=[0x80070102]”; “'GetInputHandles Failed' in CUMRDPConnection::GetInputHandles at 1401 err=[0x80070102]”

Here’s what I’ve tried:

• All servers are updated
• Removed and recreated my collection
• Rebooted many times
• Restarted the Windows Audio service
• Tried both from the RD Web Access page and directly connecting to the Broker server
• Tried disabling firewalls on all RDS servers

I’m kind of at a loss and it’s driving me bananas. Any suggestions would be much appreciated!

George Moore

In RD Licensing Diagnoser on Server 2016, I get a message that the licensing mode for the Remote Desktop Session Host server is not configured. How does one set this. I cannot find the "RD Session Host Configuration Tool" like I we have used in the past with Windows Server 2008 R2 to accomplish this task.

Thanks
NK

I've seen a number of discussions on this topic but not sure I saw a solution.

My 3rd party app published RemoteApp doesn't pick up user environment variables.  If I run the app in Remote Desktop it picks up the user environment variables just fine.

Is this just a shortcoming of RemoteApp?  Is there a way around this?

I have 1 Server that can't RDP or be RDP'd, access file shares or have its file shares accessed from other servers on a different subnet. 

I can access the file shares and RDP to and from it from other servers in the same subnet. 

Windows Firewalls are off, no I cannot change the IP address for testing because web and application services are dependent upon it. 

Other servers can access shares and RDP across the subnets just fine. It's literally just this 1 server that's having the issue.

Hi Guys:

I am stuck in a very strange problem and wonder if someone can help ASAP. It turs out to be a challenge as I have tried everything by the book but no luck.

I have remote desktop deployed with Hyper-V VM1 as RD Connection Broker which is also RD licensing server,Hyper-V VM2 as RD Session Host, Hyper-V VM3 RD Web Access which is also RD Gateway and DirectAccess server ---All running windows server 2012 R2 datacentre 

I have setup an A record corp.publicdomain.co.uk on public domain pointing to our public static internet address and have forwarded ports TCP 443 & UDP 3391 to VM3 (RD Web Access & RD Gateway).

The certificate is issued from our internal Enterprise sub-ordinate CA to *.internaldomain.com & corp.publicdomain.co.uk in CNAME and DNS. This certificates is also installed into Trusted Root authority Store of remote clients and they trust the remote desktop servers.

I have windows 10 Enterprise installed on remote clients which are domain joined and connected to our network with DirecAccess. We only use direct access to apply group policies. Through GP they are set to use our public domain corp.publicdomain.co.uk as RD Gateway, delegate default credentials TERMSRV*.internaldomain.com to ensure SSO and have a setup default RemoteApp connection through public address of RD Web Access. Clients run remote apps by going to Work Resources folder on the start menu and client on published apps icon.

Internally this works fine and also worked fine for remote clients until two days ago when suddenly they encountered a dialogue box:

Windows Security

Enter your credentials

Typer your username and passoword to connect to <FQDN of VM1> which is remote connection broker

and in red The logon attempt failed. Wont login even the credentials are entered again. 

As work around, I have now arranged to connect them through VPN and running apps from RD Web access page from local FQDN/rdweb of RD Web Access server.

I tried to connect from outside from windows 10 home, windows 10 pro and windows 7 and could connect through RD Gateway without any problem. So this pretty much narrows it down to windows 10 Enterprise (64-bit if this matters :))

Many Thanks

Situation: 
Windows Server 2012 standard- with NO virtualization enabled. Machine is NOT a DC.  It is a single WS 2012 file server among 6 other WS 2008R2 machines.  All servers are members of a single domain.
I have been attempting to load Remote Desktop Services- Many failures prior to finally getting RD Connection Broker, RD licensing and RD Session Host to load.  Ended up using a combination of PS and Server Manager.

The problem:  No Remote Desktop access to the server--- NONE--- No Admin access - No User access. Admins DID have access prior to loading Connection Broker, Session Host and Licensing. Remote desktop connection is enabled & users have been specified. When you try to log on to the server a popup states the following:  Your computer can't connect to the remote computer because the Connection Broker couldn't validate the settings specified in your RDP file. Contact your network administrator for assistance."    The server event logs show:

event 802:  RD connection Broker failed to process the connection request for user xxxx\yyy.  User's RDP file has invalid hint format.  Error:  the format of the connection hint in the RDP file is incorrect.  

Event 1306 Micosoft-Windows-TerminalServices-SessionBroker-Client:  Remote Desktop Connection Broker Client Failed to redirect the user xxxx\yyy.  Error:  NULL

Even 1296 Micosoft-Windows-TerminalServices-SessionBroker-Client: Remote Desktop Connection Broker Client failed while getting redirection packet from Connection Broker.  User:  xxxx\yyy Error:  Element not found.

I would be very grateful for any help.  Since this is a new installation and has never worked, it is difficult to know where to start.  I do know that if I remove session broker and the other remote desktop services, normal admin remote desktop access is restored.

Hi,

there is some setting to be done in a way to allow users itself to 'logoff' their sessions? Today they only have the option 'disconnect'.

---

I found some posts over the internet saying to create a shortcut for a .bat file with 'shutdown /l' command inside.

---

Here is another tool to help admins to close sessions: https://charbelnemnom.com/2015/06/how-to-log-off-remote-desktop-user-sessions-in-remote-desktop-services-via-powershell-rds-ws12-ws12r2-vdi/

---

Here another script designed for helpdesk team to be able to force logoff of users:

https://rcmtech.wordpress.com/2017/07/07/gui-to-log-off-remote-desktop-users-by-non-admins/

Hi,

is there some cmdlet to disable the user consent?

Hi All,

An environment of RDS servers and broker, OS version Windows Server 2016 Standard with roaming profiles,

random users sometimes are signing in and creating c:\users\temp* folder,

once full log off is preformed the next login will probably be valid even to the same server,

I can attach GPO result summary if needed,

any ideas?

thanks alot,

Noam.

Hi, I have been using Windows Server 2008 R2 since it was released, and have 100 servers up and running. I configured Allow Remote Desktop on all of them and have been able to connect to them and manage them via RDP since then. I also have two servers configured as Remote Desktop Services.

That was up until yesterday. Yesterday afternoon I started getting the The requested session access is denied. I managed all Terminal services via Group Policy and have three users entered.

I am connecting to the servers via Windows XP SP3 and Windows 7. Both clients have been updated to the latest Remote Desktop Services client.

I have been searching for the answer, and I am not finding it.

I have also tried KB954369 without any success. 

Thanks,

Brian

Hello from Austria !!

First of all I wanna say, please excuse my bad english.
Since about 5 weeks I am struggling with the problem, 
that after a reboot of a fully patched 2012R2 RDS server,
the printer and drive redirections at logon will be done only about 2-3 hours after the reboot.
For users who do not log out / disconnect, they work the whole day. But when you log in again, no drives or printers will be redirected.

Sometimes the redirections work after lunch, but here they will be done only about 30 minutes.
After that time, new logged in users will not get any redirections.
At weekends, things usually work the whole weekend.

I have already done SFC / scannow, DISM / Online / Cleanup-Image / RestoreHealth.
Restarting "Remote Desktop Service Port Forwarding in User Mode" service does not change anything.

Deactivating and activating the "Device Redirector Bus for Remote Desktop" in the Device Manager has  worked only once, then the redirected drives and printers reappeared in the session.
Only the restart of the server (what happens Monday to Friday at 5:30) is bringing back the redirects for the mentioned 2-3 hours.

In the event log I find no error messages in consense with Remote Desktop.

I look forward to any kind of feedback, thanks in advance !!!

Regards from Austria

Reinhold