My remoteapps are functioning very well, but I am having an issue where switching between remoteapp programs using ALT-TAB, leaves the 'switched to' application in ALT mode.

Normally you would just ALT-TAB and continue entering data into whatever application, but most times when I switch, like to an Excel spreadsheet, it is as if I had just pressed ALT, to access the File menu.

If I hold or process the ALT-TAB motion slowly, all is normal. But with ALT-TABing very frequently, it is most often a very quick keyboard combination.

So it seems like there is latency happening here.

Is this a known bug? Or is there some optimization I could apply to correct this behavior?

↧

Winodws server 2019 unexpected shutdown

May 14, 2019, 4:20 pm

≫ Next: Suddenly Internal Error on RDP and Security Layer Errors in Event Viewer

≪ Previous: Delay with ALT-TAB using remoteapps in 2012

Hello support,

I have a new Windows server 2019 standard installation. It is a Hyper -V host and has a VM for RDS. whenever I reboot the host server it comes up with the Unexpected shutdown Dialog box. I do not see any errors in the event viewer like 6008 or 41.

I appreciate any help or input.

Thanks,

Jamshid

↧

Suddenly Internal Error on RDP and Security Layer Errors in Event Viewer

May 21, 2019, 10:07 am

≫ Next: RDS Servers Events 7011, 7046 - BSOD rdbss.sys

≪ Previous: Winodws server 2019 unexpected shutdown

Just started experiencing this out of the blue today.

Connecting to server 2012 virtual machine with latest RDP program.

RDP users (including me) seem to suddenly be unable to connect to the server intermittently.

Getting the below error messages on several tries. Sometimes it will ask for password and connect normally.

Event viewer shows many instances of:
RemoteDesktopServices-RdpCoreTS
The server security layer detected an error (0x80090308) in the protocol stream and the client (Client IP:XXX.XXX.XXX.XXX) has been disconnected.
EventID 139
User: NETWORK SERVICE
OpCode: ProtocolExchange
Task Category: RemoteFX module

↧

RDS Servers Events 7011, 7046 - BSOD rdbss.sys

March 14, 2019, 3:42 pm

≫ Next: Remote Desktop - No connection but shows logon/logoff

≪ Previous: Suddenly Internal Error on RDP and Security Layer Errors in Event Viewer

Hi All

I have a virtualised (VMWare) RDS 2012R2 environment with 20 Session hosts spread across 6 Dell ESXI Hosts - 2 Sets of different PowerEdge Models. Over the past 4-6 weeks we have started to get multiple event 7011's followed by a 7046.

A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service.

The following service has repeatedly stopped responding to service control requests: Remote Desktop Services UserMode Port Redirector

At this point some existing connected users cant sign out and applications start to crash including explorer.exe. Trying to shutdown via the GUI just hangs and the only way to get the server back is to reset the power using vSphere console.

Applications on the Session Hosts are mainly MS Office 2016, Acrobat Reader, 7Zip and Webroot AV. Windows OS and applications are fully patched and up to date and Dell Firmware and drivers are fully up to date.

Users connect in via RemoteApp and local drives and printers are redirected into their sessions.

The weird thing is, like clockwork the crashes happen at the end of each day usually between 16:00 - 18:00 - To me its like a degradation symptom or perhaps its the actions of users disconnecting or logging off their session - Its affecting a couple of servers each day.

On top of this, it appears 7011, 7046 results in a BSOD. I have grabbed the Memory.dmp file and opened it with WinDbg.

Im now trying to figure out the dmp - uploaded to PasteBin here (happy to paste dmp here but didnt want to "dump" to much information in the post)

What stands out to me is rdbss.sys

Probably caused by : rdbss.sys ( rdbss!__RxAcquireFcb+1f3 )

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: 0000000000000000, memory referenced
Arg2: 0000000000000002, IRQL
Arg3: 0000000000000000, bitfield :
bit 0 : value 0 = read operation, 1 = write operation
bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status)
Arg4: fffff80179d3ba44, address which referenced memory

BUCKET_ID: AV_rdbss!__RxAcquireFcb

PRIMARY_PROBLEM_CLASS: AV_rdbss!__RxAcquireFcb

My rdbss.sys version - 6.3.9600.18895

Can anyone help to try and decipher the above and suggest next/best cause of action?

Many thanks :)

↧

Remote Desktop - No connection but shows logon/logoff

May 23, 2019, 9:08 am

≫ Next: about Windows Server 2012 Remote Desktop Services(RDS）licenses

≪ Previous: RDS Servers Events 7011, 7046 - BSOD rdbss.sys

On a Windows Server 2008 R2 virtual server with RDWeb that's open externally (port 3389), a client is able to login to the RDWeb page but unable to connect when opening the remote application.

I've not found any common events that show up in Event Viewer, but the Security logs show that the user logs on and back off a couple of times in a row. The typical events if I were to attempt a login from the client computer were ordered as:

An account was successfully logged on.

Subject:
	Security ID:		NULL SID
	Account Name:		-
	Account Domain:		-
	Logon ID:		0x0

Logon Type:			3

New Logon:
	Security ID:		MYDOMAIN\MYUSERNAME
	Account Name:		MYUSERNAME
	Account Domain:		MYDOMAIN
	Logon ID:		0x6bcec6fd
	Logon GUID:		{00000000-0000-0000-0000-000000000000}

Process Information:
	Process ID:		0x0
	Process Name:		-

Network Information:
	Workstation Name:	CLIENTHOSTNAME
	Source Network Address:	CLIENTIP
	Source Port:		CLIENTPORT

Detailed Authentication Information:
	Logon Process:		NtLmSsp 
	Authentication Package:	NTLM
	Transited Services:	-
	Package Name (NTLM only):	NTLM V2
	Key Length:		128

An account was logged off.

Subject:
	Security ID:		MYDOMAIN\MYUSERNAME
	Account Name:		MYUSERNAME
	Account Domain:		MYDOMAIN
	Logon ID:		0x6bcec6fd

Logon Type:			3

A logon was attempted using explicit credentials.

Subject:
	Security ID:		NETWORK SERVICE
	Account Name:		TS-HOSTNAME$
	Account Domain:		MYDOMAIN
	Logon ID:		0x3e4
	Logon GUID:		{00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
	Account Name:		MYUSERNAME
	Account Domain:		MYDOMAIN
	Logon GUID:		{db9597b1-8344-293c-7b99-fff6762c912f}

Target Server:
	Target Server Name:	localhost
	Additional Information:	localhost

Process Information:
	Process ID:		0x26f0
	Process Name:		C:\Windows\System32\inetsrv\w3wp.exe

Network Information:
	Network Address:	-
	Port:			-

An account was successfully logged on.

Subject:
	Security ID:		NETWORK SERVICE
	Account Name:		TS-HOSTNAME$
	Account Domain:		MYDOMAIN
	Logon ID:		0x3e4

Logon Type:			3

New Logon:
	Security ID:		MYDOMAIN\MYUSERNAME
	Account Name:		MYUSERNAME
	Account Domain:		MYDOMAIN
	Logon ID:		0x6bced09d
	Logon GUID:		{db9597b1-8344-293c-7b99-fff6762c912f}

Process Information:
	Process ID:		0x26f0
	Process Name:		C:\Windows\System32\inetsrv\w3wp.exe

Network Information:
	Workstation Name:	TS-HOSTNAME
	Source Network Address:	-
	Source Port:		-

Detailed Authentication Information:
	Logon Process:		Authz   
	Authentication Package:	Kerberos
	Transited Services:	-
	Package Name (NTLM only):	-
	Key Length:		0

An account was logged off.

Subject:
	Security ID:		MYDOMAIN\MYUSERNAME
	Account Name:		MYUSERNAME
	Account Domain:		MYDOMAIN
	Logon ID:		0x6bced09d

Logon Type:			3

I'm not sure if these events help, but any ideas on this would be greatly appreciated. We had a similar issue two weeks ago where every user that tried to connect would time out with similar security events, and the workaround for that was to just try 3+ times and it would eventually let you connect. We never really fixed it, but it just kind of went away and this is the closest thing I've heard since.

Thank you

↧

about Windows Server 2012 Remote Desktop Services(RDS）licenses

May 21, 2019, 8:04 pm

≫ Next: Redirected printers do not appear on 2008 R2 RDS

≪ Previous: Remote Desktop - No connection but shows logon/logoff

If I rds release office(word, excel,ppt), It's a license or By number of users

↧

Redirected printers do not appear on 2008 R2 RDS

May 22, 2019, 6:27 am

≫ Next: RDP - connecting to server as 'local' administrator

≪ Previous: about Windows Server 2012 Remote Desktop Services(RDS）licenses

Since today we have a issue with our 2008 R2 RDP server

local printers from desktops are no longer forwarded to the RDS (before today all was working fine)

I cannot find any related errors in eventvwr and the settings havent changed.

Ive tried a few google solutions but unfortunately none worked. Hopefully you guys can help.

Done:

Print spooler restart
Checked printer redirection in configuration program for RDS
Checked local RDP settings
Verified rights to system32/spool
Tried different workstations. All seem to have the issue
Add a regkey under HCU\Software\Microsoft\Terminal Server Client\Default\AddIns\RDPDR (FilterQueueType FFFFFF)

Any suggestions?

Preferably without rebooting the server. That would really disturb the workflow.

↧

RDP - connecting to server as 'local' administrator

May 19, 2019, 3:38 pm

≫ Next: Limit Redirect Printers

≪ Previous: Redirected printers do not appear on 2008 R2 RDS

Hi there,

is there a way to connect via rdp to a server as a local admin?
The program I use always detects that I am in a ts session (using the administrator account) and does not give me full access. Is there a way to hide the information and pretend to be logged in to the physical machine as administrator?

I tried mstsc /admin and username ./administrator but both are not working

Thanks

↧

Limit Redirect Printers

May 19, 2019, 2:15 pm

≫ Next: "no license servers were available" issue on Windows Server 2008 R2 on AWS

≪ Previous: RDP - connecting to server as 'local' administrator

Hey everyone we have a very secure network designed off of NIST 800-171 requirements and we have an RDS environment from a less secure environment to a more secure environment. On the less secure environment we have printers pretty much everywhere around the world. In the secure environment we only want printing to be done to printers that we have vetted and approved for PIN to Print. The RDS environment is hosted inside the secure environment. We know we can allow passthrough for printers for RDS but we want to limit it to printers that we say are OK and have vetted. Is this possible with RDS that anyone might know? We are using RDS on 2016.

Thanks!

↧

"no license servers were available" issue on Windows Server 2008 R2 on AWS

May 20, 2019, 9:28 am

≫ Next: Remote app redirected printer stops working then log off hangs forever

≪ Previous: Limit Redirect Printers

I've tried using

mstsc /admin

with no luck. Any other ideas how to log in to my VM to install (or disable) RDP licenses?

Thanks,

Matt

↧

Remote app redirected printer stops working then log off hangs forever

May 21, 2019, 9:47 am

≫ Next: What RDS licenses do I need and WHERE do I need to put them?

≪ Previous: "no license servers were available" issue on Windows Server 2008 R2 on AWS

Anyone know know where to start looking for a solution to our Remoteapp issue? Redirected printers will stop printing then when the user tries to log off and reconnect it will show a message that says "Signing out" indefinitely or a black screen. We are using windows 10 Clients connecting to Windows 2012 R2 Remote app servers. This happens to multiple Remote App servers we have. Any suggestions would be great!

↧

What RDS licenses do I need and WHERE do I need to put them?

May 15, 2019, 6:46 am

≫ Next: Adding another icon/ rdp shortcut to the RDWEB Page

≪ Previous: Remote app redirected printer stops working then log off hangs forever

I'm building a new server... [Host Server] (Windows Server 2019 Standard)

The new HOST Server will have 4 VM's

1) [PDC/DC1] - Domain Controller - Windows Server 2019 Standard

2) [Exchange] - MS Exchange Server - Windows Server 2019 Standard / Exchange 2019

3) [Apps] - Apps Server - Windows Server 2019 Standard

4) [Workstation] - Windows 10 Professional

As an Admin, I will be RDP'ing directly to: [Host Server] - [PDC/DC1] - [Exchange] - [Apps] servers for maintenance.

Connections:

1) As an admin, I will be RDP'ing directly to: [Host Server] - [PDC/DC1] - [Exchange] - [Apps] servers for maintenance.

2) A handfull of users (1 at a time) will RDP directly to [Workstation - Windows 10 Pro] for various tasks.

I believe that I need RDS licenses to accomplish this. What I don't know is where do I need to install them to? Do I:

A) Install all of them to the host server?

B) Install 1 on each of the VM's [Host Server] - [PDC/DC1] - [Exchange] - [Apps] - [Workstation Windows 10 Pro]

Thanks!

↧

Adding another icon/ rdp shortcut to the RDWEB Page

May 7, 2019, 5:13 am

≫ Next: RD Gateway Configuration Failed - Error 2147749890

≪ Previous: What RDS licenses do I need and WHERE do I need to put them?

Hi,

I have set up a Windows Server 2016 RDS environment which is as follows:

1 RD Gateway Server (RDGW1)

1 RD Web Server (RDWeb1)

5 RD Session Hosts (RDS1 to 5)

1 RD Broker (RDBroker1) - also does licensing.

gateway url is: gateway.domain.com which points internally and externally to the RDGW1 server.

The RD gateway and RD Web servers are in the DMZ.

We now want to implement Azure MFA using the NPS Extension as described here: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension-rdg

To minimize impact, I set up another Gateway server in the DMZ called RDGW2, along with an NPS server in the LAN (NPS1). Following the documentation linked to above, I was able to successfully set this up.

To test, I have downloaded the RDP icon from the RDWeb page and edited it to direct via RDGW2 rather than RDGW1. I also created an External DNS entry for gateway2.domain.com pointing to the WAN IP for RDGW2. This works fine from outside of the network and I get MFA prompts and can see connections going through RDGW2.

I now need to publish 2 RDP shortcuts. One would be using the old non MFA gateway (RDGW1) - this is already there. The second would be the edited RDP Shortcut that uses the new MFA configured Gateway (RDGW2).

Is there any way I can publish the second RDP icon? Perhaps by editing the relevant web page or locating where the original icon is located? Publishing via RemoteApp is not an option. The reason for having both is to provide a transition environment and possible future DR environment (in case there are issues with Azure).

Thanks,

↧

RD Gateway Configuration Failed - Error 2147749890

February 7, 2018, 8:55 am

≫ Next: Per User RDS licensing on Windows Sever 2016 in Workgroup environment

≪ Previous: Adding another icon/ rdp shortcut to the RDWEB Page

Hi, I've tried everything I could possibly think of (full server wipe is not an option), I've reinstalled the role and everything but everytime I goto complete the setup it says:" RD Gateway Configuration Failed on (servername) With Error: Unable to configure the RD Gateway server: (servername) The error is 2147749890.". I've looked around I've enabled event log auditing and no errors other than that one, this has been an issue for weeks any help would be super thanks!

↧

Per User RDS licensing on Windows Sever 2016 in Workgroup environment

May 8, 2019, 3:30 am

≫ Next: Cannot RDP from domain-machine to Workgroup Win2K12

≪ Previous: RD Gateway Configuration Failed - Error 2147749890

Hello to All!

We have a problem with RDS feature on 2016 Server.

Server was deployed with no CALs installed and worked some time in a trial mode. Then owners of this server bought 30 Per User licenses trough SPLA programm and I was asked to activate and install licenses in it.

Before I connect to server I saw that owners are now in procces of deleting grace period registry entry (because grace period has ended and they was in big hurry to make it work again).

After all this and mine (standart activation and installing licenses proccess) manipulations server now did not want to see legal licenses and continuing working in trial mode (grace period still ticking). Last manipulations was to delete grace registry again and reboot the sever (I found similar situation https://www.360ict.nl/blog/no-remote-desktop-licence-server-availible-on-rd-session-host-server-2012/) but it did not helped and now grace period start ticking from beginnig (120 days).

I found info that 2016 server is still can issue Per User CALs to local users in Workgroup environment and made all manipulations with local group policies https://digitalbamboo.wordpress.com/2017/04/05/deploy-remote-desktop-services-in-a-workgroup-easily/ and other stuff and now in diagnostics there have no warning and all green.

Maybe some one faced similar problem or have any suggestions I would be very graceful. I'm desperate already.

↧

Cannot RDP from domain-machine to Workgroup Win2K12

May 14, 2019, 8:30 am

≫ Next: 2016 RDS issue - Single user | Windows cannot find local profile.

≪ Previous: Per User RDS licensing on Windows Sever 2016 in Workgroup environment

Hi,

as suggested on my previous topic (https://social.technet.microsoft.com/Forums/windowsserver/en-US/b1b0cc9e-461f-4bb3-b497-ef139093f195/cannot-rdp-from-domainmachine-to-workgroup-win2k12?forum=winserver8gen), I'm here to ask about my problem in a more dedicated forum.

My computer is part of a domain. I want to RDP on a server hosted in datacenter (Win2K12, part of workgroup, standalone server). When I try to connect, I enter the remote server administrator credentials and I have the error message (translated from french) :

"Your system administrator is refusing connection to this remote computer. Contact your system administrator or technical support for assistance".

- All domain joined computer can RDP on the domain but they can't RDP this remote server.

- A non-domain-joined computer in my LAN is able to connect to the remote server.

- My user is member of "Domain User" & "RemoteDesktop User".

What's wrong ?

Thanks for help.

Vincent

↧

2016 RDS issue - Single user | Windows cannot find local profile.

May 8, 2019, 10:00 am

≫ Next: New to RDS with RDP

≪ Previous: Cannot RDP from domain-machine to Workgroup Win2K12

Hello,

I'm receiving a few errors with my RDS 2016 build. Randomly a user, upon logging in will be given a temporary profile. I do the normal remediation steps by deleting the temp profile in the registry and Advance User options, the server is rebooted and they can log in fine. But after a while the error comes back again. All other users can remote in fine with no issues, it only effects one user at a time. A few errors I see....

1. Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.

The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user (xxxxxxxxxxxxxxxxxx) SID (S-1-5-21-3444666529-4500789-23435591xx-xxxxx) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

The RDS server shows this error

3. Remote Desktop Services could not apply a user desktop for a user account with a SID of S-1-5-21-3444666529-4500789-23435591xx-xxxxx. A temporary profile was enforced for the user. Verify that the user profile disk settings are correct. The error code is 0x15.135

4. Remote Desktop Services could not attach a user profile disk for a user account with a SID of S-1-5-21-3444666529-4500789-23435591xx-xxxxx. The error code is 0x15.135

Thanks.

Please assist,

Seneb

↧

Latest Images