Quantcast
Channel: Forum Remote Desktop Services (Terminal Services)
Viewing all 27650 articles
Browse latest View live

Remote Desktop fails to connect on Windows 7 for users who have been assigned administrator rights. [The Local Security Authority cannot be contacted]

February 19, 2019, 10:32 am
$
0
0

Everything was working fine until about 2 months ago.

I have a Windows 7 system that I access with Remote Desktop Connection from a Windows 10 system.  One day I found that my user account, which had been given administrator rights quite some time ago, couldn’t log on remotely.  The Windows 7 system was configured for remote access with the setting “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”. When I tried to log on, I got an error stating “The Local Security Authority cannot be contacted”

If I configured Windows 7 to “Allow connections from computers running any version of Remote Desktop (less secure)”, then I could log in but I didn’t want to use this less secure setting.

Doing some experimentation, I found that if I enabled the built-in Administrator account, then the Administrator could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

If I created a new standard user called Test.  I found that Test could also could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

If I promoted Test to an administrator, then Test couldn’t remotely log on.  He got the LSA error.  If I demoted my account to a standard user then I could log in remotely using “Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)”.

When I promoted my account back to an administrator, the logon failed with the LSA error.

All users have valid passwords that are set to never expire and are members of the Remote Desktop Users group.  The only thing that is changing is whether or not the users have administrative privileges.

Is this a permissions issue, or a behavior change cause by an update to Windows 7?

Mark Wilson

Search

The logon attempt failed when connecting to multiple RDP sessions

March 13, 2019, 8:48 am
$
0
0

Whenever I connect to more than one RDP session that is through a gateway, some of them will not allow me to log on.  I get the error "The logon attempt failed" and that is all.  If I disconnect from some of the other sessions and reboot my computer, I can then connect to the server that was given me said error.

I can also connect to the server giving me said error without closing down other sessions or rebooting by connecting through a Hyper-V virtual machine on my computer. 

None of this makes any sense.  Has anyone else seen this behavior?

James

Mixing server 2012R2 - 2016 - 2019 in RDS deployment

March 15, 2019, 12:12 am
$
0
0

Hello

Is there any "official" word about using different versions of Windows server in an RDS deployment?  Is it supported and if so to what extent ? Can't seem to find a definitive resource about this.

Any pointer most welcome !

Task manager user control prompting for password

March 14, 2019, 2:00 am
$
0
0
Hello, 

I got a problem concerning Windows Server 2019 RDC. No matter how we configure the GPO, we can't connect to users over the Task Manager without the password prompt. Got any ideas how to work around that? Both I and my colleague are Administrators on the network and got all permissions.

I know you can shadow people over the RDC manger tool, but the user we're trying to have assist with insists to doing it over task manager... 

Change date format for RDP sessions

March 12, 2019, 1:19 am
$
0
0

Hi

I want to change the date format for RDP users for just one VM. I have created the policy and did the f5 trick as per this post 

https://theezitguy.wordpress.com/2014/08/07/group-policy-use-regional-settings-to-change-date-format/

but still the date format is correct when i RDP. 

Under scope - security filtering of the GPO i have entered my own username as well as the VM name in question, any idea why the settings isnt taking effect ? 

RemoteApps - is there such a thing as an "approved list" of apps that can leverage this technology?

March 11, 2019, 9:32 am
$
0
0

Hello and thanks for the help.

I'm trying to find a solution for allowing external users on a different domain to securely access TFS from their copy of Visual Studio to check-in/check-out code. 

I'm using a Privileged Access appliance that has a technology that allows folks to start applications remotely like this, but the rep told me they do not think I could use Visual Studio in this kind of manner because it is not on the "approved list" of RemoteApps.

I've been looking for a little while and can't find any sort of list of approved Microsoft RemoteApps.

It's difficult to search for this because it always brings back error-related threads.

Does an approved list of software for RemoteApps exist and if so, where can I find it?


Terminal services licensing in workgroup server 2016

March 11, 2019, 12:35 am
$
0
0
Which license should i purchase for terminal access in server 2016 with workgroup setup. All our users are in workgroup and there is no  domain setup in our company. its a small office and we are accessing the server(around 12 users) via remote desktop(with LAN only). Earlier it was  server 2003(workgroup only) and have 15 userCAL licenses  in it, it was working fine.
recently we purchase this new server with server 2016 and also purchased 10 userCAL licenses. new server is up and running and enabled remote desktop services also, its working fine now(without RDS license. should be in free grace period). Is that my userCal licenses will work with this or do i need to purchase devCAL for this setup?

RD Gateway is temporarily unavailable

March 10, 2019, 12:33 am
$
0
0

++ 2008R2  Environment.

++ Installed Session host role, RDGW role and RD WEB access role on one server 

++ Customer is accessing third part application via RD Gateway.

++ Customer has public certificate XYZ.COM but the internal domain is different i.e. XYZ.local

++ RD Gateway is configured on the SSL certificate name.(XYZ.COM)

++ Customer created the Forward lookup zone within DNS with the name XYZ.COM and created the host records.

++ Customer has published third party applications to access them via RD Gateway instead from RDweb.

++ I checked from DC customer is able to ping the Gateway server and able to access the third party application.

++ But from client machine which are in same Network unable to ping RD Gateway and unable to access third party application along with mstsc.

Error Message:

Your computer can't connect to the remote computer because the Remote Desktop Gateway server is temporarily unavailable. Contact your network administrator for assistance.

Could any one please suggest on the above issue...

Search

Handle Remote Desktop Idle timeout

March 7, 2019, 9:24 pm
$
0
0

Hi, 

We want to use RDP for connecting to remote machine, execute Desktop Application Automation there. The challenge that we face is that on the customer end there are restrictions on idle timeout in RDP session. Once we start executing the automated desktop application and if execution takes longer that than the idle timeout to execute, the remote desktop session ends, and the Desktop Automation fails. Is there a way to handle this?

1. I have tried TSCON, but TSCON unlocks the console session, so it may not be acceptable to customers.

2. I have also tried Java's Robot classes to do some mouse action(https://stackoverflow.com/questions/52874/how-do-you-keep-the-machine-awake) This also works with limited scope. In case the RDP session loses focus, it does not work.

Is it possible to keep the RDP session from disconnecting on Idle Timeout?

Thanks in Advance.

Best,

Sumit

Cumulative Updates breaks RDP since November.

March 11, 2019, 5:04 am
$
0
0

We have an RDS server (2016).  Since November or October, every cumulative update (well until Jan, haven't applied latest yet), breaks RDP. We can connect to the gateway fine, but accessing the RD desktop just fails with a warning about not being able to connect.  If I uninstall the Cumulative update, then all works again.

Event log shows hundreds of Schannel events (A fatal error occurred while creating a TLS client credential. The internal error state is 10013.)  The remote desktop management service fails to start and the server manager shows this issue:

the server pool does not match the rd connection broker that are in it. errors

Any ideas on how to fix?

 

UAC page wont shown to admin to enter credentials

March 14, 2019, 1:26 am
$
0
0
Hi. I configured BitLocker on my host machines. It worked perfectly. But some users forget their password .So I have to reset it using recovery key. When windows open ,now it is time to change pin. I connected to remotely to host using MSRA(remote connection software) and clicked  "Reset a forgotten pin" UAC opens to enter admin credentials. I see nothing only black screen but my host sees that UAC opend and require admin credentials. Could you please tell me how could I see same UAC page that host sees. Without seeing that page I coudnt enter admin and password.It is so urgent please help me to solve this issue.

Black Screen on Windows Server 2016 RDS

March 14, 2019, 2:50 am
$
0
0

Running Windows Server 2016 Remote Desktop Services (session-based desktops).

Multiple session host servers, one DC, all running as VMs under Citrix XenServer 7.1. The servers are fully updated to present time as of 7 March 2019.

Every few days a user reports that after logging in to an RDS session he does not see his desktop but sees a black screen. When this happens, I can see that some users on that same RDS server still have their session working normally, but every user logging in after this also gets this black screen.

There are numerous references to this problem on the internet. It is apparently occuring since Server 2012 and has never been fixed.

Some people recommend to restart the Windows Audio service. Does not help in my case, never does when it happens to me. Other recommendations were to remove Firefox browser from the RDS session host servers. I did that two months ago and it seemed to help for one week but then it came back. I have not found any other recommendation - there seems to be simply no solution, except restarting that RDS session host server, which is a major inconvenience, it throws out the other users which still work, it takes 10 minutes or more to restart that server, and it can only be done manually. Most often it has to be force-restarted on top of it, as the server is totally unresponsive, and then some users may loose their user profile. Then I have to delete that user and recreate his user profile. Major trouble.

In the last few months I have rebuilt all RDS session host servers from scratch - total new installation, all updates, totally clean. It STILL happens. I have that system running since 2 years, and it has been a problem all the time.

When I try to log in to the console of the offending RDSH I can sometimes not even log in . Sometimes it does let me log in but I also get a black screen as local admin user (both Server\Administrator and Domain\Administrator). In this case, I can bring  up TaskManager via Ctrl+Alt+End and run a command prompt. I can restart services this way and execute other commands, but anything relating to the UI does not show up. Screen stays black.

Managed once to get the black screen off by restarting ShellExperienceHost service but then this logged out all users somehow and corrupted some profiles.

The only applications installed on the RDSH servers are Chrome browser, Thunderbird email client, Libre-Office.

From what I can find on the internet this problem occurs since the release of Windows Server 2012. This is seven years ago. I do not know if this happens to everyone, but there seems to be no common denominator from what I can find, it seems to happens on all sorts of environments, pointing to a bug within Windows Server itself.

From what it seems it is related to the new UI system implemented with Windows 8 (and Server 2012) because I can find no reference to this occurring with Server 2008. I have not run RDS on Server 2008 myself so I have no first-hand experience.

Is there ANYTHING I can do about this? It does NOT seem related to my setup which is really rock-bottom basic. Many users are reporting this as a dreaded issue they hope one day will be fixed by Microsoft.

Can it be related to the virtualization software? Anything having experienced that issue on bare-bone installs of RDSH servers? Any difference with Hyper-V VMs?

WHEN IS THIS GOING TO GET FIXED? THIS IS A PROBLEM SINCE 2012 - 7 YEARS!

I feel forced to start researching for non-Microsoft solutions for RDS type solutions because I simply cannot tolerate non-functional software. To the users it looks like it is me as admin who is not doing his job!

Atradius








RDS 2016 - Start Menu freeze

April 4, 2018, 11:47 pm
$
0
0

Hi all,

We're currently experiencing issues at a random interval with regards to freezing start menu's on Server 2016 RDS Hosts.
When the freeze happens we can see the following items in the eventlog: Event ID 5973

Seems to be related on a per user base, as multiple users can connect to the RDS server but only a few of them are experiencing issues.

We are using User Profile Disks and Start Menu redirection. Any thoughts?

"Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: Not enough storage is available to complete this operation. See the Microsoft-Windows-TWinUI/Operational log for additional information."

"Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The RPC server is unavailable. See the Microsoft-Windows-TWinUI/Operational log for additional information."

"Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: The remote procedure call failed. See the Microsoft-Windows-TWinUI/Operational log for additional information."

Allow users to RDP to a File Server on another domain

March 15, 2019, 5:46 am
$
0
0

Hi All

Quick Question:

Have a file server in Domain A and need users that have been migrated from Domain A to Domain B to RDP back to a file server in Domain A  (No Trust), what the simplest way of doing this ?

Effectively Domain A = Company 1  & Domain B = Company 2

Thanks


RDP issues, remote computers requires network level authentication

January 5, 2016, 1:30 pm
$
0
0

Hi,

First of all, please note this: 

  • Network level authentication IS supported on all machines as per theAbout Remote Desktop Connection. So please don't ask me to check this on the about remote desktop connection window.
  • All clients are set per GPO to use the Remote Setting of the "more secure" option:
  • The problem is on random machines, all windows 7. We only have a few windows 10 machines but no issues found on those so far. 
  • It doesn't matter if the RDP connection is initiated from a windows 7, windows 10 or Windows Server 2012 R2. The problem remains and is exactly the same.
  • The problem exists when attempting to connect RDP from personal home PCs (not managed by company GPOs and MS update schedules) over VPN

So the problem is this, first comes the first message and then the second.

It seems to have started after we deployed some Microsoft server updates, but its very inconsistent, some sites seems worse off then others, but its not all machines at any site. We haven't even done client updates yet.

Again, please don't give me a link to an old post or blog saying that I need to enable network level authentication, as shown by the top screenshot, it is already enabled/supported.

I already spent hours googling this. Please, I want responses from people who have actually had the exact same symptoms and issues or someone who has an idea that I haven't already clearly stated that I've checked above already.

Thank you.

Search

Server 2016 RDS Farm Certificate

March 12, 2019, 2:09 pm
$
0
0

Getting to where I HATE certs.

2 node 2016 RDS farm.  Generated a SAN cert from my MS CA.  It contains common name *.xxx.xxx.  The SAN names are the Farm FQDN and the FQDN of both servers.

Imported this into the Server Manager RDS Deployment Properties successfully.

It WORKED properly after I imported those 2 certs that afternoon, several times.

Then, the next day, the 2nd server (not the first) decided it would use the Self-Signed RDS cert it has rather than the SAN cert assigned the previous day.

So, I have 1 server (which is a Gateway and session host) use the SAN cert, but the 2nd (session host only) uses a self-signed.

WHY?  Any suggestions on how to fix?

Auto logon and run Remote App

March 13, 2019, 11:04 am
$
0
0

I am looking for a way to allow domain users click the .rdp file and it can auto automatically logon the remote desktop server and run remote app with their AD credential. I currently published the remote app and downloaded the remote app .rdp file to the workstation. But it still requires users to type username and password to logon, then the remote app run.

Thanks,

Hanson

Ghost typing the letter G

March 9, 2019, 9:35 am
$
0
0
We have a 2016 standard server to which a few employees connect to for Terminal Services. Only one client using Windows 10 has suddenly developed an odd problem. The letter "g" keeps being printing. It doesn't happen on the computer itself, just in TS. I removed all peripherals thinking maybe there was some signal being transmitted from there, but still happens. Any ideas?

Start menu not coming up, Server 2016 RDS

March 22, 2018, 10:08 am
$
0
0

A few users are experiencing this problem.

 

Event ID: 5973

Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: The remote procedure call failed. See the Microsoft-Windows-TWinUI/Operational log for additional information.

 

And event ID: 1000

Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.2125, time stamp: 0x5a990817
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.2125, time stamp: 0x5a9909e5
Exception code: 0xc000027b
Fault offset: 0x00000000006d710b
Faulting process id: 0x6b78
Faulting application start time: 0x01d3c1fbf1890ced
Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 7c1dae0b-eec7-416c-b5c9-5148b1bc7ba6
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.2068_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App

 

When this happens the start menu will not work. This corresponds with me enabling the roaming of C:\Users\user\AppData\Local

 

I'm wondering if there is a folder I should exclude from roaming.

 

If it's not being caused by roaming the local folder then it may be caused by some GPO settings I also changed. I did this because windows search was out of control and consuming too many resources. Unfortunately I cannot disable search completely because of Outlook. My discussion on Outlook and search I had to re enable indexing outlook.

 

Any guidance on this is appreciated.

 

So far the only fix I've come up with is temporary, which is to delete the local profile and on the next login the start menu works. After a day or 2 it stops working again. I haven't totally recreated the user profile and I'm hoping this is not the ultimate fix because that would be a PITA to have to do that for all the users that have this happen.





Can Server 2019 CALs be used from a Server 2016 Terminal Server License Server?

March 15, 2019, 9:05 am
$
0
0

Can I import Server 2019 CALs into an existing Server 2016 Terminal Server License Server?

Or do I have to "upgrade" the 2016 server in order to issue 2019 CALs?

Or do I have to build out a new Server 2019 and install the Terminal Server License Server Role and import 2019 CALs?

Thanks!

Viewing all 27650 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>