Looking for Remote into computer without user permissions, however we want to limit the account. How to control the account with remote control permissions to limited computers in organisation instead of full permissions to entire organisation workstations?
Active Directory and "Require User's permission" under the "Remote Control" tab.
Windows 2016 RADC URL rejects credentials. An Error has Occurred.
Good Morning,
Hoping to get some insight on troubleshooting this.
I have a brand new single instance Windows 2016 Standard Remote Application and Desktop Server.
The server hosts the following roles;
Gateway
Licensing
Connection Broker
Web Access
The server is protected via a public CA Cert and works as far as being a Gateway, and Web Access is concerned. Users can connect thru it to other servers via gateway and can open and launch applications via the Web page.
When users try to add the URL https://servername/RDWeb/Feed/Webfeed.aspx in the RADC applet in Control Panel, they receive an error that they are using Incorrect Credentials. When they type in their credentials in either DomainName\username or username@domainname format it errors out and they need to try again or cancel.
I have looked in the event log in the server and while I can see the transactions happening in the IIS logs, the end user never is allowed to log in or receives apps.
Could use some insights here?
If I type the URL correctly in a web browser, I receive a login prompt which once submitted provides me what appears to be an encrypted token.
Guide for transitioning from Win2008R2 RDS to a Win2012R2/2016/2019 RDS?
I have a Windows Server 2008R2 server that I installed Remote Desktop Services on many years ago. It only has two role services installed.
Remote Desktop Server. It is as basic a configuration as RDS can be. It only has Remote Desktop Session Host and Remote Desktop Licensing Server installed. Nothing else. And all I do is create local users, put them in the Remote Desktop Users group and I let them remote to this server using "Remote Desktop Connection" in Windows 7/10.
How do I replicate this environment as closely as possible in Windows 2012R2/2016/2019? I see that those versions introduced a bunch of new features and role services, all of which look like stuff I DON'T NEED. :) I don't need a connection broker or a web server! None of that. I just want what I already have today and nothing more. Is that possible?
Has anyone written a guide for building a bare bones RDS server on the newer OS that doesn't have all this new stuff?
NPS Azure MFA working for RDWeb but not RDC
Single RDS gateway 2016. Both RDweb and RDC point to the same Gateway. We have the NPS extension configured.
When we log on to RDweb we get the MFA prompt from Ms Auth.
When we log on to the same GW via RDC the logon never gets to NPS for MFA.
I am trying to ID the issue. RDweb is aware and looks to the NPS CAP store. But RDC seems oblivious. How do these two authenticate differently? Any ideas on how to troubleshoot to ID and resolve?
I have even removed NPS completely and rebuilt but same issue. So I am convinced the issue is w. RDC/RDGW and not the NPS/MFA side of things.
Thanks,
SJMP
RDS licensing issue in windows server 2012 R2 Datacenter evolution.
We are facing an RDS licensing issue in windows server 2012 R2 Datacenter evolution.
Error: RD Licensing Manager: the license code is not recognized. Ensure that you have entered the correct code
VDI Shutdown inactive machines
Hello,
Is there any documented approach to minimize the number of running VDIs?
I'd like to:
- Schedule starting the machines early in the morning.
- Schedule shutting down the machine after working hours.
- Allow the users to start their machine without admin support.
1 and 2 are easy, my concern is with 3. or any other recommended approach.
Thanks
Help with migrating RDS servers to new domain
Hi,
We have two AD forests and I'm moving users from one domain to another. Domain A has 100 users and two terminal servers 2012 r2 (TSSRVR1 is session host, connection broker, RD web, license server and TSSRVR2 is session host only). I have migrated all users to new Domain B using ADMT, so they keep the same passwords. Now I am really confused about the best way to move the terminal servers to the new domain. Should I just disjoin and join to the new domain or should I use ADMT to migrate them? What is the good working approach?
I did try to test migrating them in my lab using ADMT and when I open TSSRVR1 I get an error that the following servers (TSSRVR1.DomainA, TSSRVR2.DomainA) are not part of the deployment and to add them into the server pool. Which means the RDS deployment is still searching for servers on the old domain. I added TS servers from the new domain using Add Servers but no luck.
Before I do migration in production, I really need to know if disjoin and re-join is better than ADMT? If I go with this approach what are steps involved to make TS servers functional again?
There are no profiles to migrate or to worry about, they will have new profiles from Domain B because they only use one published app on terminal servers.
Thank you and your expert help will be highly appreciated.
Load Balance 3391/UDP and 443/TCP for RDS Gateways
I have a pre-production RDS environment that contains 3x Gateway Servers. I have tested the environment by connecting through each one of the individual Gateways and everything works just fine.
I'm now at the point where I want to use my hardware load balancer to receive the connections and distribute them between the 3 Gateways. I would also like to use the UDP Transport on 3391 as well.
The part that I don't completely understand is that I'm assuming that each individual connection, which will be coming in initially on TCP 443 and then UDP 3391 would need to be routed to the same gateway?
It would make sense and be easy to set the LB up to balance both ports to the 3 Gateways, but without any specific load balancer magic, connection "A" might go to one gateway for 443 and a different gateway for 3391.
It's possible that I could be overthinking this and I'm not sure if this is a flat out requirement. In the case where the user initially connects on Port 443 to Gateway A, then the UDP traffic comes in and the LB forwards that to Gateway B. Does Gateway B know to forward that UDP traffic to Gateway A if all the gateways have the farm properties configured?
RDS dedicated to shared environment migration pearls of wisdom request
Hi All
This is a request for pearls of wisdom from anyone who has migrated a Windows 2012 TS RDS environment from internally hosted, dedicated infrastructure to a shared cloud in a datacentre.
We have bravely made the leap but are now experiencing VHD disconnect/unavailable issues as well as severe lag for all users. These issues happen regularly during the least active hours so we suspect it is to do with jobs running in the background. Since everything was working fine before the migration it seems likely these issues are occurring at layer 4 or below.
Without going into too much detail, has anybody experienced this type of behaviour from an RDS migration before?
Thanks
Roley
Can A Windows 7 Virtual Machine Be Used As An RD Session Host?
Hi all, our Windows 2012R2 RDS system was just handed over to me to support. With little knowledge I was tasked with setting up the following and am wondering if this is even possible.
Task: Set up a Windows7 32bit session host so that some very old software can be loaded on it and it would be accessed by only one person. The user is working remotely and can only get to an internet accessible RDS gateway that would provide access to the Windows 7 Session Host inside our network.
The Windows 7 Hyper-V virtual machine was created and then I get on our Windows 2012R2 server where RDS is managed and I open up Server Manager and add the new Windows 7 PC. The Server Manager shows a Manageability status of "Online - Cannot manage a client-based operating system".
Can I still add this Windows 7 vm as a Session Host in RDS? Is Windows 7 even a supported operating system to function as an RDS Session Host? Can I create a session collection such that the win7 session host will be used for Remote Desktop sessions?
Any feedback will help me understand RDS better and would be much appreciated.
Remote Desktop session establish problem
Dear concern,
I am using 200 RDS Device CALs. I am using 2 RDS servers in a workgroup environment. I installed the RDS host and licensing roles on one server and installed the 200 RDS CALs on this server. I also installed the RDS host role on another server and mapped the first server as its licensing server via local policy. Users randomly connect to these two servers via Remote Desktop. The licensing server shows the 200 device CALs in the console, but when users connect to the RDS server via thin client (non Microsoft endpoint) they can establish a connection only for one hour and get a warning message "There is a problem with your license for Remote Desktop and the session will end in 60 minutes. Contact your system administrator to resolve this issue", then the user is forcibly disconnected. I have seen two things: the RDS server didn't assign a temporary license for the thin client user, and the RDS license count does not go down, it stays fixed at 200.
Please respond to me ASAP.
Thanks,
Babu
Windows could not load your roaming profile
I'm having problems with one Username, I get this error in Event Viewer:
Windows could not load your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. Windows could not load your profile because a server copy of the profile folder already exists that does not have the correct security. Either the current user or the Administrators group must be the owner of the folder.

1. The profile path exists: \\ts-srv\Profiles$\Username
2. The folder Username.V2 exists too.
3. The user has Full access Username folder.
What I did once is gave full rights to Administrators for the Username.V2 folder, I wanted to see something and I did not have access so I've changed the permission.
How to fix this issue?
Thank you.
...
Unnamed Disconnected Sessions - 2012R2 Session Hosts
Dear Microsoft,
We are getting an error on RDP services and in Task Manager Users there are User4 Disconnected that can't log off.
The task you are trying to do can't be completed because remote desktop services is currently busy. Please try again in a few minutes. Other users should still be able to log on.
Please help on this support.
Problem with Strategy group to mount printers on Remote Desktop Host
Hello everybody,
We got a problem in our company about strategy group to mount printers for users in RDS 2012 R2.
We need to set printers for user. We use Security Group for this. The user belongs to a security group, and in the strategy group, we configure a printer for a security group (with common targeting).
So we add a user to a group like that he gets printers. The user logs in to the RDS, and he sees the good printers.
The problem is, when we remove the user from the security group, printers stay in the session.
In the RDS, we use roaming profiles, and I think the problem comes from here. When we delete the profile on the file server, to get a new one, the user does not have the printer anymore.
I also tried to create a GPO to delete all shared printers in order 1, before mounting the printers. This is working the first time, but after this, when you add the user to a group, and remove him again, he also sees the printer.
It's a big problem, because a user who doesn't belong anymore to a security group can use the printer.
Please, could you help me to solve this problem?
Thanks in advance
Connection Broker tries to login to RD Host with computer account? EventID 4625
Hello!
We have two Connection Broker servers using DNS round robin. Yesterday I saw that our RD host servers have a lot of Audit Failure events (4625) in the Security log.
It looks like our CB servers are trying to log on with their computer accounts to the RD Host. This happened multiple times per day and when it does it looks like it's spamming login attempts, up to 10 times per second. Please take a look at the following log example:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 2019-04-26 10:25:40
Event ID: 4625
Task Category: Logon
Level: Information
Keywords: Audit Failure
User: N/A
Computer: CB01.domain.net
Description:
An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain:-
Logon ID: 0x0
Logon Type:3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: CB01
Account Domain:DOMAINNAME
Failure Information:
Failure Reason:Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC0000064
Process Information:
Caller Process ID:0x0
Caller Process Name:-
Network Information:
Workstation Name:CB01
Source Network Address:172.21.XX.XX
Source Port: 52891
Detailed Authentication Information:
Logon Process:NtLmSsp
Authentication Package:NTLM
Transited Services:-
Package Name (NTLM only):-
Key Length: 0
Any suggestions?
Kind Regards,
Anthon
Issues with resource redirection and server management on 2008 R2, 2012 R2 and 2016
Hi All
We are encountering a rather strange issue on a few of our VMs. We are running a Hyper-V environment on 30 physical hosts. The hosts are made up of 4 different models, from 2 different manufacturers (Dell and Cisco). All our VMs are Server 2008 R2, 2012 R2 or 2016. They are either Enterprise or Datacentre edition and full desktop installs, nothing running core edition. We run Symantec Endpoint Protection on all physical and virtual servers.
The issues we are having seem to manifest themselves in 2 main ways, although both seem to be connected. The first thing we notice is issues with resource redirection. We run an RDS environment for clients. With some of the VMs, the clients are unable to see their locally connected printers. On some of these machines, restarting the spooler seems to sort this. On the rest, a full server reboot is required. Following the reboot, it seems to work fine for that day, then it drops off again requiring another reboot. No errors or warnings in the event logs. It just doesn’t seem to work. We tested the drive redirection, and this also seems to drop off when the printers fail to connect. However, if the printers failing to work is fixed by the restarting of the spooler alone, the drive redirection is not affected and always stays working. This seems to happen on all 3 releases of Windows Server. It happens on different physical hosts from different manufacturers and ranging from 4-year-old hosts to 2-month-old hosts.
The other issue we have noticed is in the Server Manager. When you select the All Servers tab, you get a box in the middle showing the list of the servers that are online or offline, and deeper details if it's online but cannot talk. Some servers seem to show up as “Online – Cannot get role and feature data”. These servers we cannot manage properly remotely or indeed locally for things such as RDS Broker that requires the Server Manager. We are unable to change any of the roles or features, to remove or add new ones. We are unable to install or uninstall any applications or Windows Updates. We are also unable to access Disk Management, the VDS being unavailable. We reboot the affected server and that will bring it back online, but the issue will come back, it may be an hour, or it may be a few days.
I have taken copies of VMs that are struggling and removed the AV, and removed all updates installed in the last month. The issue persisted. What is interesting, I took another copy of the same VM and popped it into an isolated network (Private Network) and it didn’t seem to be affected by the issue. I am running this test again and will update this with the results to confirm, but that does seem to be hugely out of the pattern, purely by isolating it. Now this may be due to another VM causing issues, or a lack of WAN access but I am pretty much out of ideas. I have tried as many iterations of this as I can think of, removed and tried various versions of it. I cannot see what is causing this. It seemed to start badly 3-4 weeks ago. It is not affecting all servers, and it is affecting different clients with their environments ranging from Workgroups to Domains, each client having their own space on the hosts. However, the network is one large subnet, so it is possible that something is passing across the LAN. As I say, I have tried everything that I normally would and done lots of digging online and found nothing.
Many Thanks
James
Remote app and Dual monitor!
Hello,
On my remote desktop server, I have an app that my users can access on their computers as a remote app. I have a user that has dual monitors on his computer and he cannot move the app from his main monitor to the second one.
Any help from you would be appreciated.
Thanks in advance.
P Jacques
RDS 2019 Gateway compatibility with 2012 R2 sessionhost
Hello
Can a Windows Server 2012 (R2) sessionhost be added to a Windows Server 2019 Gateway, and is this supported?
The Microsoft documentation has not yet been updated for Server 2019.
(https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-supported-config)
I would like to migrate existing SH's to a newer Gateway to make use of a broader set of security ciphers.
Kind Regards
D.
RDS 2012 R2: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the (name-of-service) service
Hi guys,
On a random basis (daily, weekly) we're experiencing major log-in problems on our Windows Server 2012 R2 Remote Desktop Services farm. The VMs are hosted on Hyper-V 2008 hosts and we're not using Citrix techniques etc.
Users are reporting that they cannot log in, the log-in session hangs with a blank screen when loading their user profile (e.g. Please Wait For The User Profile Service).
In the System event log of the server on which the user is logging on the following errors are shown:
Source: Service Control Manager
Date: 23-12-2014 7:28:01
Event ID: 7011
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Description:
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service.
…and after 30 (or sometimes 60) seconds, the same error only another service (in random order):
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service.
…and after exactly 30 seconds, the same error only another service:
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UxmSms service.
etcetera, with the following errors:
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndPointBuilder service.
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WPDBusEnum service.
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
The Portable Device Enumerator Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrkWks service.
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service.
These errors are logged continuously.
An administrator cannot solve this since he isn't able to log in as well (console or remotely), only a hard reset of the VM is possible to use the affected server again.
I took different steps to solve this problem without any success, like:
- Installing the latest Windows updates
- Removed unnecessary printer drivers, print monitors and print processors (no local printers/drivers are installed, only Remote Desktop Easy Printer driver is used)
- Searched different forum posts, but found only hotfixes for Windows Server 2008 R2.
Can someone please help me with this annoying problem?
Many thanks!!
EDIT:
Of course, increasing the time-out is not really an option here... http://social.technet.microsoft.com/wiki/contents/articles/13765.event-id-7011-service-timeout.aspx
Disabling TLS 1.0 in Windows 2012 R2 prevents Remote Desktop service from starting.
I searched everywhere and I can't find an answer. I tried enabling FIPS, it worked but the RemoteApps failed to launch and crashed.
I tried setting the RDP security layer and that didn't help, the rdm still failed to start.
The only thing that works is enabling TLS 1.0, which we need to disable.
Any ideas? Thank you.