Quantcast
Channel: Forum Remote Desktop Services (Terminal Services)
Viewing all 27650 articles
Browse latest View live

RDS 2012 R2 - Users cannot 'logoff' but just 'disconnect'

February 23, 2019, 10:39 pm
$
0
0

Hi,

there is some setting to be done in a way to allow users itself to 'logoff' their sessions? Today they only have the option 'disconnect'.

---

I found some posts over the internet saying to create a shortcut for a .bat file with 'shutdown /l' command inside.

---

Here is another tool to help admins to close sessions: https://charbelnemnom.com/2015/06/how-to-log-off-remote-desktop-user-sessions-in-remote-desktop-services-via-powershell-rds-ws12-ws12r2-vdi/

---

Here another script designed for helpdesk team to be able to force logoff of users:

https://rcmtech.wordpress.com/2017/07/07/gui-to-log-off-remote-desktop-users-by-non-admins/


Search

UVHD-template.vhdx is gone! Recreate the template Windows 2016

February 25, 2019, 3:21 am
$
0
0

Hi All,

I have following problem.

Somehow and I don't now why, the UVHD-template.vhdx is gone.

Is there a way to recreate this template disk?

Thanks in advance

Jean

Single Sign On through Remote Desktop Gateway

March 1, 2019, 12:53 am
$
0
0

Hello,

I have a problem with my setup. If I connect via RDP to a termianlserver through a RDGW I must type the AD-Credentials two times.

One time for the RDGW and one time for the terminalserver.

I have configured the deployment setting  of the RDGW to "Use RD Gateway credentials for remote computers" but it´s not working.

Both systems are Windows 2016 Server.

Have anyone an idea and can help me please?

Remote Desktop -Redirected local printer not printing from remote desktop session

February 28, 2019, 4:23 am
$
0
0

Dear All ,

I have a Remote Desktop session Host which is my application server and added to the domain.

I have a brand new HP LaserJet 700 M712 ,which i installed in local system using the Complete driver from HP.

Then the users is taking the RDP to the server from local system and this printer is showing redirected in remote desktop session for the user.

But when i trigger a print to this redirected printer nothing prints.

No error messages shows.

This is for some systems only not for all system 

The OS of local system is Windows 7 Pro and Server is Windows server 2008 R2 standard.

I have tried lots of troubleshooting .Below are the steps

1 . Installed diffrent driver UPD PCL6 both in local system and server.

2 . Cleared the Print Spooler and restarted the spooler service

Please provide me any solution .

RDS App Sessions Don't Apply GPOs

March 1, 2019, 4:06 am
$
0
0

I published an app via RDS. The app makes lots of internet calls using the default browser. I want the app to use Chrome instead of IE for this. I tried both of the following:

1. Use an app associations file that was exported from a user profile that was configured to use Chrome as the default browser. I used it for the appropriate GPO policy.

2. Added the Google Chrome adm to GPO and configured it to make Chrome the default browser.

Neither approach works. I restarted the RDS instance after making the changes, then used the rdweb endpoint to launch the app. The app still uses IE.

In my research on this I found a post that suggested using a logon script that invoked the Chrome command line with a "make default" switch. I don't want to use this approach, as it adds more time to the login process.

Any ideas?

remoteapp keyboard shoutcut + maximize problem

February 28, 2019, 9:45 am
$
0
0
Hello,
I have windows server 2016 with last update and windows 10 built 1809 with last update too.
I have an application that is work under remoteapp in windows2016 server . the application have option ctrl+tab to switch between application windows.
when I click ctrl+tab on windows 10 the windows is show and going back.
also when I minimized any windows I cant maximize from the maximized button else if I do a right click and select restore.
so how I can pass that ?
thanks.

Microsoft Lover

Microsoft remote desktop 10 connect to the wrong environment

February 25, 2019, 10:51 pm
$
0
0

I am using Microsoft remote desktop connection client for mac version 2.1.1, and when I am connecting to the server I first input the address and then I can select the user from the second window, but when I use the Microsoft remote desktop 10 I always login in the wrong environment because it does not give me the option to choose the user and it always log in to the first account in the list. how can I achieve that in the new software? Thank you



No remote Desktop Licence Server available on RD Session Host server 2012

February 21, 2019, 1:45 pm
$
0
0

Error: 

Configuration:

We have few servers on WORKGROUP however i have made single server as RDS License server and on rest all servers did below configuration

<style type="text/css"><!--td {border: 1px solid #ccc;}br {mso-data-placement:same-cell;}--></style>Local group policy on each server
Local Computer Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing

"Use the specified RD license servers" = myservername

"Set the Remote Desktop licensing mode" = Per User

Solution that i always apply to fix this by removing the REG Key and reboot the server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod

We have all the licenses and configuration in place still why we get the error after every 180 days..... What needs to do to avoid this 


Dayanand Gavas

Search

Block network access from terminal

March 1, 2019, 10:59 am
$
0
0

Hey everyone!

Need help. I have a terminal server in AD. The terminal server is public with few remote apps for 5 accountants. Installed Remote Apps connect to another server with MySQL databases in my local network and he is not public. I want to block network access from the public terminal to the local network with the exception of the SQL server. That 5 accountants should not have access to my network at all. Via GPO I blocked cmd, powershell, and iexplorer. In RemoteApp settings, I left only the clipboard and printer mapping. Any advice for resolving my idea?

Thanks for help

Restrict RDP access to certain AD group.

March 1, 2019, 12:33 pm
$
0
0

Hello, 

I want to restrict RDP access to computers in an OU only to a certain AD group.  

How do I do this using group policy?  

I have tested the screenshot settings but a regular user still able to RDP.  

Please advise.  

Thanks. 

I cannot figure out why I cannot access Remote Apps from my RDS Server (via the RDS Web Page).

March 1, 2019, 12:58 pm
$
0
0

When I try to access the remote apps from the RDS Web Server page, I receive the error;

This computer can't connect to the remote computer.  Try connecting again.  If the problem continues, contact the owner of the remote computer or your network administrator.

What am I missing here?

With the exception of certificates, I have all components configured.  As of now, this is all internal within our AD Domain, so I wasn't going to worry about certs until later on.

rdweb authentication error 0x607

October 2, 2015, 11:25 am
$
0
0

Hi,

I deployed a RDS 2012r2 with a self-singed certificate and everything worked until I changed the certificate with a third party cert.
I can still login using RDP from a client through RDS Gateway and broker .. is working, but when I try to log on through RDWeb I get the famous "authentication error 0x607" error.
Setting/changing the collection security to low ... is not working for me.I can't imaging that recreating the collection is the only solution to this.

Thank You,
Best Regards,

MrFormula

Windows Server 2012 R2 as either a Domain Controller and a Remote desktop Server

March 2, 2019, 2:17 am
$
0
0

I need to configure a Windows Server 2012 R2 server as either a Domain Controller and a Remote desktop Server.

I know that the solution is deprecated and I remember that it was not possible on Windows Server 2012 before R2.

I read that Windows Server 2012 R2 allows configuring a single server with both roles, plus Remote Desktop Licensing.

Giver that there is no alternate solution, is there anything I should do in order to minimize possible problems?

Is there any guide I can use to perform the installation in the best way?

Regards

Mario

Error applying wildcard cert to RDS Web Access Role Service, event ID 20480 Failed to enumerate SSL certificate information

March 2, 2019, 10:33 am
$
0
0

I am trying to apply a third-party wildcard cert to a RDS server farm.  The .pfx is imported successfully for the RD Connection Broker roles, but gives an error "Could not configure the certificate on one or more servers..." when I apply it to RD Web Access.  In the Event log, this generates event ID 20480 "Property page: Manage certificates update failed: due to Exception Failed to enumerate server SSL certificate information."

This is an internal farm, with no RD Gateway server, 1 Connection broker/Licensing/Web Access server, and three additional session hosts.

JWT token identity needs to be preserved across multiple RDP Session IDs

March 2, 2019, 7:38 pm
$
0
0

Hi,

I am building a demo environment using a windows 2016 server with RDP access via a Web HTML5 portal, always using the same windows username/password credentials at the URL, but obscured by link cloaking. The purpose is to let users access an account protected website, via the Chrome browser installed in that server, where software packages can be demoed in real time but cannot be purchased. Users cannot have the website password ( because that will allow them to access the same website from their own computer, which cannot be allowed). So, it is as if the windows 2016 server is used as a client to access a website, this setup was initially thought to be used concurrently by some 10-20 people. I have edited Group Policy accordingly to allow multiple connections, time limit connections , logoff for disconnected sessions and took other Security measures to mitigate attacks and etc. Once users have logged via HTML5 RDP Portal, they get a tdp-rdp Session ID and can access the website, which has a JWT token stateful authorization strategy. Under normal conditions, from any user direct access to this website using his/her own computer, the JWT token would be loaded in the user computer upon the first access and later access  would be validated by the JWT token loaded and by concurrently accessing the website domain page, and during the JWT token time-to-live (15 days), entering with website account username/password again is NOT required.  My problem with moving this arrangement to the demo server is that, Session IDs are unpredictable! I realized that whenever I get again a RDP Session ID where the web site credentials have been already been provided, I am logged directly to the website, but when a new session ID is used by the server, I have the target website Login screen asking for username/password credentials. In other words, the JWT token seems to be "trapped" inside the RDP Session ID. Second problem is that, under tests, RDP Session IDs being unpredictable, they cannot be restricted to a certain number of Sessions like 1 to 5 to match 5 RDP allocated ports. Session IDs start to spiral towards Session 10,11,12,13 etc unpredictably ... I have read in many posts here the RDP Session ID algo has never been published so the pattern is completely unknown, sometimes it reverts back to lower Session IDs like 2 or 3 and works as expected (described above), and sometimes it continues to move upwards numerically and with that behavior, Users will be faced with the website login page, instead of falling directly at the validated demo content inside the website account area.  I activated "Do not use temporary folders per session" Group Policy rule to enable the following = "If you enable this policy setting, per-session temporary folders are not created. Instead, a user's temporary files for all sessions on the remote computer are stored in a common Temp folder under the user's profile folder on the remote computer.", but this had no effect on the problem. I expected that would create a common pool for the JWT token at the server, and address the problem, but all remained the same. 

Hence, I either need a way to contain RDP Session IDs in a certain range ( 1 to 5) which seems to be impossible, or a way to allow JWT token loaded by a kick start access using webste account username/password to be seen by the following RDP sessions and do not require username/password after the first username/password 'kickout" access. Note that all RDP HTLM5 Portal sessions to the windows 2016 server use the same Windows Username/password, so I was expecting that to work as it does over the Web/HTTP,but for some reason the JWT token appears to get trapped inside the RDP Session ID. 

Apologies if my explanation was not technical enough but this is not exactly my core expertise. All comments are Welcome!

Many Thank indeed!

Search

JWT token identity needs to be preserved across multiple RDP Session IDs

March 3, 2019, 6:59 am
$
0
0

Hi,

One internet website based at JWT stateful utilization for account Login, works well when accessed via the Web. As expected, once you visit the Login URL and logs with username/password, there is no need to repeat Login the next times the same home page URL is visited, unless the token expires (15 days later). However, when the same home page URL is access via RDP, it appears the JWT token is "trapped" inside the RDP Session ID where the Login happened.

  • Every time, the rdp-tcp Session ID randomly selected by Windows is the same ID number where a Login has successfully happened before (via username/password), the website URL home page loads directly and no account credentials are asked again.
  • If the rdp-tcp Session is different, Login credentials need to be used again.

I need the RDP access to perform the same as the Web access, so I am looking to have the JWT token reachable by all subsequent RDP connections, or a way to keep Session IDs at a controlled range (ie: 1-5). As a side note, RDP Session IDs are unpredictable and trend to spiral towards a higher number, so I cannot login to a range of Session IDs as a work-around to the problem, because new RDP attempts to connect keep the RDP Session ID rising all the time, unless the servers is restarted.

Many thanks indeed,


Load Balancing among 5 RDV hosts on Hyper-V | ** Windows 2012R2 ** | Pooled VMs

February 27, 2019, 11:22 pm
$
0
0

Hello Experts,

There are 5 RDV hosts (2012R2) on Hyper-V with pooled VMs configured. These 5 hosts have approx. 100, 100, 200, 200, 200 sizes (number of VMs configured using template). When I checked, Hyper-V has fetched 50, 50, 100, 100, 100 VMs (approx. again) from these RDV hosts respectively. 

So, is load balancing happening normally here ? Does Size of Hosts matter when Hyper-V load balances among hosts ?

I have been checking for some documents/articles from Microsoft in internet but couldn't find an exact article sharing this knowledge !

Please clarify the same and any help providing documents/articles from Microsoft on this topic is much appreciated !

Thanks in advance,

SJNC.

Can we restrict user logins via HTML5 webclient based on IP address and specific user (or group)?

February 27, 2019, 2:33 pm
$
0
0
I have some users that should only login from certain IP addresses but others have free access. We're using RDS HTML5 webclient and the client connections are not from domain joined machines.

Administrative access via RDP and license

February 27, 2019, 7:35 am
$
0
0

Hi,

i have a 2012 r2 RDS server with 15 per-user license.

When an administrative user connect to the server via RDP a license is assigned and scaled from the total.

There is a way to access the server as administrator without use the users license?

Thanks for help,

regards.

Fabio

delegate permission for enable/disable host

February 26, 2019, 5:50 am
$
0
0

I have a typical RDS setup. I have a connection broker and 5 hosts. I manage the system. One of the hosts is just for our dev environment. We are mostly using remoteapp.

I want to delegate permission so our dev users can only enable/disable an RDS host to accept new connect for a particular host.

I don't want to give them the ability to do enable/disable the rest of the production hosts. They will be doing this through the gui or through PowerShell.

thanks!

Viewing all 27650 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>