Quantcast
Channel: Fórum Remote Desktop Services (Terminal Services)
Viewing all 26837 articles
Browse latest View live

Event ID 56 - TermDD - The Terminal Server security layer detected an error in the protocol stream and has disconnected the client

February 4, 2016, 3:30 am
$
0
0


Yesterday a customer complain about he couldn´t connect using MSTSC client to a Win2008R2 hosted on Amazon AWS/EC2

The error was on event log, but only one time, but the user says that he tried more than 5 times, allways with the same error message and the TS logs shows all retries of the user, but only one Event ID 56 was in the event log. There are several Event IDs 1149 (Remote Desktop Services: User authentication succeeded) in the log showing his attemps (more thant 9), but only one event ID 56 in the event logs,  all Event IDs 1149 showing login OK and for several hours it was working and suddenly stops, after the Event ID 56

We had this problem in the past (event ID 56), and was related to the traffic it was flowing through a (very very busy) fortigate appliance and after removing the fortigate the problem never happened again. IN this case, there was a fortigate also, but only making traffic flow through a VPN, not the same thing and during the diagnostic, two new information: There was a change in fortigate changing cluster mode from A-A to A-P AND the user tried also to connect from a Amazon Workspace (VDI) inside the Amazon Network and the problem ocurred again, even fortigate having (apparently) nothing to do with the matter.

I could connect with no problem through the fortigate VPN from a remote network using my domain user and the local useranme the user was trying to use it was a local user, in a disconnected state running several LOB APP services (don´t laugh) and i couldn´t disconnect/logoff the user, nor reboot the server.

This error is new to me. In the past we had several TermDD Event ID 56 errors, but it´s the first time i see this specific error:


>\temp\err\err.exe C000020D --> FIRST TIME, after the fortigate change 
# for hex 0xc000020d / decimal -1073741299 :
  STATUS_CONNECTION_RESET                                       ntstatus.h
# The transport connection has been reset.
# 1 matches found for "C000020D"

>\temp\err\err.exe C0000184 --> 2 or 3 times in the last 4 months
# for hex 0xc0000184 / decimal -1073741436 :
  STATUS_INVALID_DEVICE_STATE                                   ntstatus.h
# The device is not in a valid state to perform this request.
# 1 matches found for "C0000184"

>\temp\err\err.exe C000005E --> 2 or 3 times in the last 4 months
# for hex 0xc000005e / decimal -1073741730 :
  STATUS_NO_LOGON_SERVERS                                       ntstatus.h
# There are currently no logon servers available to service
# the logon request.
# 1 matches found for "C000005E"

>\temp\err\err.exe C00A0032 --> 2 or 3 times in the last 4 months
# for hex 0xc00a0032 / decimal -1073086414 :
  STATUS_RDP_PROTOCOL_ERROR                                     ntstatus.h
# The RDP protocol component %2 detected an error in the
# protocol stream and has disconnected the client.
# 1 matches found for "C00A0032"

>\temp\err\err.exe C00000DC --> 2 or 3 times in the last 4 months
# for hex 0xc00000dc / decimal -1073741604 :
  STATUS_INVALID_SERVER_STATE                                   ntstatus.h
# Indicates the Sam Server was in the wrong state to perform
# the desired operation.
# 1 matches found for "C00000DC"

The source for the err application was taken from: https://blogs.technet.microsoft.com/askperf/2010/03/24/the-curious-case-of-event-id-56-with-source-termdd/

Why does the EventID 56 shows only once, but the user reported several attempts of the error?

Maybe the network really is a problem?

Search

RDS 2012 remoteapp sessions, HKCU/Control Panel/Colors

February 1, 2016, 3:10 pm
$
0
0

I am in a test environment with a 2012r2 session host and with a 2012R2 gateway.  We published an application that currently requires us to modify the registry, specifically the 'InactiveTitleText' value in HKCU\control panel\colors.  In a remote desktop session, the registry change works fine, and the app displays as expected. However, once we are in a remoteapp session directly to the app, it will overwrite our registry value('InactiveTitleText') back to the default value of ' 0 0 0'.

Is there a different location for this value in the registry for a remoteapp session? How can I get this value set to a specific value within a remoteapp session besides the default value of '0 0 0'? Or is there no workaround for this? Settings in RDS I'm missing maybe?


Print PDF file from winform client installed on RDC or VDI using local printer (TS Easy Print)

February 2, 2016, 2:04 am
$
0
0

Dears,

I'm working on a legacy application using winform (.net 4.0 & c#).

The client application is installed on a machine accessible only via RDC or VDI. The OS is Windows 7 or higher.

The client application must be able to print PDF files from that machine to the local printer (local or network) installed on the client machine. This means that the printer selected via RDC is a redirected printer using the TS easy print drivers. Those drivers don't allow the usage of RAW printing.

The printing method used before were:

- Copy of the files directly on the UNC of the printer (\\printername\dc)

- Usage of ImportDll and calls to OpenPrinter, StartDocPrinter, WritePrinter, ....

Both of those solutions don't work anymore because:

- The network printers are not on the same domain anymore and therefore not accessible directly from the RDC.

- The WritePrinter method don't work anymore since the easy print drivers don't understand RAW printing.

So, here comes my question. How can I print on those printer? Do I have to create an EMF file for the printing? If yes, how can I use my PDF file and create an EMF file containing the information? Is there other solutions (modifying the group policy is not an option since we don't want to install the drivers of the different clients that will connect)?

In last resort, the usage of a library could be foreseen but a long discussion with the management will be necessary (so I hope other solutions exists). Is there some third party library that you could advice?

Also, I tried printing in that environment using PrintDocument.Print(). That is working as expected but with that solution the problem is to convert the pdf to a drawable format (one image per page or other ...).

Thanks in advance,

Benoit Delfosse
Senior .Net Developer/Architect


What RDS CAL-s I need for Windows Server 2012 R2 Foundation?

February 4, 2016, 12:11 am
$
0
0

I have licensing problem:

Till now we used Windows 2003 servers.

I have a fresh OEM Windows 2012 R2 Foundation that contains:

  • 15 user accesses for file server operations (It is absolutely enough for me to use simple database operations using WorkGroup in our local LAN)
  •   2 administrator RDS licences (probably for administration purposes only)

I need some more RDS accesses for users located in other cities (4-5 acceses).

My question is: What exact kind of CAL licence I need, that is suitable for this situation?
  Unfortunately the our local HotLine Sevice of Microsoft looks to be not informed enough to give correct and satisfying information for me...
   Some of my friends says that normal W12 RDS user CAL is not good for me (price about 30-32 €/licence), but I need a special RDS OLP user CAL which is more expensive (something about 130-140€/licence).
Is it trough?

Can anyone help me??

Jozef



install Windows Server 2012 RDS CALs - 10

April 30, 2014, 5:12 pm

Can't run remoteapp

January 19, 2016, 6:37 am
$
0
0
I'm running all server 2012 R2 servers. I have the licensing on a domain controller and web, connection broker and Gateway on a member server. We had a problem with a virus so the former licensing server had to be replaced. It's taken alot of configuration, but I have almost everything back working. I can go to RD Web and connect to a computer on the network just fine. However, if I try to run a remoteapp, I get a message that the remote computer could not be found. I'm not sure if this is just something misconfigured or if it could be a dns issue. What server is the error referring to? When I click a remoteapp on the RD web page, what should be the role that is contacted?

Roger Stumbaugh

Strange values for Idle and Disconnect Time in Server Manager - Session Collection

January 26, 2016, 2:40 pm
$
0
0
Question
Vote

Hello,

I see strange behaviour for Idle Time and Disconnect Time in Server Manager Session Collections.
When a user connects to a Session Collection then there is no value for Disconnect Time and Idle Time. Thats ok.

But when disconnection it i get some that look like the first (top) blue box, which is normal behavior, however i also get several users on different servers that get the secon blue box (bottom) - how can they have an active session state, be disconnected and idle????

I have 19 RDSH in the collection and the issue is on every server, i have tried building new RDSH and using it - sam result, i've disabled alle GPO settings regarind Remote desktop, handeling all setting in the collection properties. 

I have 2 RG GW, with Web access and HA RDCB on RDG's. All servers are Windows Server 2012 R2 VMs in Hyper-V.

Idle Timeout on reconnected sessions not displaying correctly

January 20, 2016, 1:48 am
$
0
0

Hi all,

I'm running into a problem with idle timeout not being displayed correctly in the Connections-overview.

As soon as the connection is disconnected, the idle-counter starts running.

When I reconnect, however, the idle-counter keeps running, instead of being reset to 0.

Reconnect is done from the same machine, same Client IP-address.

Connection is made through an RD Gateway-server.

Search

RemoteApp sessions not letting go of VMs or UPDs, causing subsequent logins to attach to TEMP profile or not work at all

December 22, 2015, 3:00 pm
$
0
0

I've set up a test server running the latest version of 2012 and configured RemoteApps. 

What appears to be happening is that after your initial logon to a remoteapp, when you close the session your user profile disk is staying "in use". So when you login again, if you get attached to a different VM (which seems to happen every time), then it can't attach to the UPD, so you get logged in with a TEMP profile.

Additionally, it seems like once you've had someone attach to all of the VMs, then you can no longer connect to any of them. They are basically one-use VMs. Once they've all been connected to and disconnected from, you get this error when trying to run any remoteapp:

   There are no available computers in the pool

Looking at the server manager the VMs all say "disconnected" but they also show the last user to login under "user". 

There aren't any errors or warnings in my event logs that seem related or are even from the specific times.

Rebooting the server fixed the issues only until users logged in again and it started over.

I'm at a loss, as this VDI/VM stuff is kind of new to me.


Certificate Issue

February 5, 2016, 9:53 am
$
0
0

Hello,

I have a strange problem with my rds server, the server host an appplication used by multiple users.

I have created a link shortcut on the desktop (Web Access) and just a shortcut.

The problem I have is related to the SSL certificate:

- When I click on the Link on the server, I receive a certificate error.

- But when Copy the link on a workstation I Don't receive the certificate error (CA is valide)

- Logs does not show a lot

- Browser used is IE

Thank you

no audio

February 5, 2016, 11:02 am
$
0
0
I have a toshiba c655 satelite and there is no audio when I play dvds can you help

RemoteApp with user specific assignment still shows for other users

January 20, 2016, 4:53 am
$
0
0

Hi,

I have two remoteApps where I have configured that Only specified users should see it.

I have a two-way domain trust between domain1.local and domain2.local.

If I specify domain1.local\group1 then all that group1 can see is that app.

When I specify domain1.local\group-trust then they can se both apps even the one that only has group1 assigned.

The group-trust is a "domain local" group on domain1 where domain2.local\group2 is member.

It really bothers me that I can't get the "group-trust" to only see the app that I have specified for them and it shouldn't even be possible for them to see the other app. When they try to run it though it doesn't work, however it still syncs as a resource in the "RemoteApp and Desktop connections".

Why is this happening?

Remote Desktop Web Gateway and multiple RDS Farms

January 29, 2016, 9:42 am
$
0
0
I'm setting up a 2012R2 RDS farm that will include a Web Gateway, or possibly a Web Gateway cluster. In the end, I will end up having multiple RDS farms set up. Is it possible for a single RDS Web Gateway or Web Gateway cluster to be the web gateway for multiple RDS farms and route users to the appropriate farm based on their group membership, rather than having a separate Web Gateway or Web Gateway Cluster for each farm?

RDS certificate error when trying to setup Internal CA

February 5, 2016, 6:33 pm
$
0
0

Hi,

I recently setup a Windows Server 2012 R2 to replace a Windows Server 2008 R2 that had a published remoteapp for users.

Now, I have installed RDS and configured Remoteapp with my published app. The users are only able to access via the web URL on their computers. That's okay, but they prefer to have it setup similar in 2008R2. They used to click on a RDP file and access their program. I realize the infrastructure is different. I found I can setup WebFeed. I logged into a clients PC and tried to setup WebFeed. I got this error message: I'm trying to use another Server 2012 R2 Essentials as the Internal CA.

 

Any assistance would be helpful. Thanks

Disable file URL in IE11

February 5, 2016, 11:16 pm
$
0
0

I use Windows Server 2012 R2 and try to block the access to local drives.

Accessing the local drives is blocked through policy and works fine. However, people are able to access to the local drives when using the URL tab in IE11. By starting IE11 they are able to type d:\ for example and browse to files where I don't want them to go.

The point is, it is a RDP server and users must access it. However, the following policies have been applied already: "Prohibit access to Control Panel and PC settings", "Hide these specified drives: A, B, C and D", "No entire network in Network Locations"and "Prevent access to drives from My Computer".  This means they can't see the drives, but user specific settings are written to C and D, which is fine. So far so good.

So the only thing left is to browse the filesystem through IE. And I haven't been able to find a policy setting for this. I don't want to use the registry for this (preferrably). 

Hopefully anyone knows if there is a group policy setting to disable this?

Adding NoFileRun to the registry doesn't seem to work by the way.

Any suggestions are welcome.

Search

Connect RD Connection Broker to SQL

June 27, 2013, 12:23 pm
$
0
0

Hello I'm not being able to install RD Connection Broker with High Availability.

The RDS deployment consists on two servers running win2012

server1 - RDWA and RDG

server2 - RDSH and RDCB

The SQL server 2012 that I'm using is installed on server2 itself and had to be installed after the RDS otherwise the SQL installation failed and had to be done using the RD-install. It's working fine , I've applications that run on it.


As when configuring RDCB HA "both" RDCB hosts access directly to the SQL DB to create a new database, their accounts need to be authenticated as a SQL login with dbcreator role.

1 step: I checked a straight forward installation_

Installing and Configuring RD Connection Broker High Availability in Windows Server 2012

Failed

2 step: I checked an installation where my problem happened.

I checked RD Connection Broker HA – SQL Permissions
Added the host to a domain group and added the group as an SQL login, SQL authentication failed.

4 step: Google for how to create SQL login for a computer account and  I added it by executing:

“CREATE LOGIN [MyDomain\MyComputer$]FROM WINDOWS”

Also tried to use Add-ADcomputerServiceAccount without success.

3 step: I ended here

Taking a closer look at RD Connection Broker High Availability in Windows Server 2012

Where I verified that none of the following explanations were correct:

  • The SQL Server Native client is not installed
  • A firewall is blocking SQL Access from the RD Connection Broker (port 1433)
  • The incorrect SQL Server Native Client version is specified
  • An incorrect SQL Server name is specified



I tried several variations of the string to use but this is the one I think it's correct:

DRIVER=SQL Server Native Client 11.0;SERVER=WIN2012-1;Trusted_Connection=Yes;APP=Remote Desktop Services Connection Broker;Database=RDCB

The error registered on SQL is:

"Message
Login failed for user 'RDS\WIN2012-1$'. Reason: Could not find a login matching the name provided. [CLIENT: <local machine>]"

I tried to connect via ODBC with an existing username an it succeeded.

The problem seems to be with the computer account not existing as an SQL login...the thing is that it exists.

I need to set this up in order to be able to change the RDCB FQDN to a public FQDN.

How were you guys able to overcome this? Did you faced this at all?

Thanks,

David

Can we restore a set of User Profile Disks to a different location and use them in a DR scenario from another RDS Collection?

February 6, 2016, 2:52 am
$
0
0

We have a collection of Session Hosts that use UPDs stored on a file share at a primary datacentre and wanted to find out if it's possible to restore these UPDs to a different location and use them from a DR Session Host at another datacentre as part of a different RDS Collection?

Cheers for now

Russell

When remotly executed net use command to map a drive with administrator credentials, the drive shows "unavailable" status

February 6, 2016, 5:48 am
$
0
0

Hi, 
I am trying to execute "net use " command remotely to map a network share directory by using administrator credentials, to one of my windows server 2012, command executes successfully.

However, the mapped drive shows "unavailable" status. what could be the cause, and how to workaround this ?

Following is the command I am using,
net use * \\xx.xxx.xx.x\share\Software password /USER:Administrator

Thanks in Advance,
 Krishna

2012R2 RDS Server accepts new connections after reboot

December 7, 2015, 1:52 am
$
0
0

Hi,

When we need to do maintenance on a Server 2012R2 RDS server we change the Allow New Connections to "False" in Server Manager.
After the server reboots new connections are allowed on the server before the Allow New Connections is set to "True".
Is this reset after a reboot, because it looks like it?

Is this a known issue?

Kind regards,

Matthijs

Server 2012 R2 VDI Quick Start Deployment Failed - RD Virtualization Host Configuration Failed (Event ID 4119)

February 6, 2016, 10:11 am
$
0
0

I am struggling to get my Windows Server 2012 R2 standalone system to successfully deploy VDI quick start deployment for Virtual Machine - Based Desktop Deployment.

Hardware:

  • Supermicro X10SRA-F Motherboard (two NICs)
  • Intel Xeon E5-2687W v3
  • 64GB Kingston DDR4 ECC 2133MHz Memory
  • 800GB Intel Fultondale 3 DC P3600 NVMe PCIe SSD

I was able to successfully install Microsoft Windows Server 2012 R2 Standard on the PCIe SSD along with drivers and windows updates.  Set static ips for both adapters and installed ADDS and DNS roles to create domain controller successfully. 

Next I try to deploy VDI Quick Start for Virtual Machine-Based Desktop Deployment using a sysprep Win10 VHD (mode:vm).

  1. The server restart and begins role installation.
  2. It gets to 99% then begins undoing changes saying "could not complete" or something like that.
  3. Once logged back into admin, server manager says RDS role installed successfully but virtual template failed (invalid namespace), but:
    • Event ID 4119 shows that RD Virtualization Host Configuration Failed (5 errors):
      1. Could not add server to the rds management servers group (but when I check, it has been added).
      2. Could not add the rd connection broker server to the ts virtual desktop server settings
      3. VmHostAgent on server could not sync the vm objects to CB (invalid namespace).
      4. Could not configure the migration settings on the rd virtualization host server
      5. Could not create virtual switch on the server.
    • RDS role shows RD Virtualization Host role installed.
    • When I go to add or remove roles, it shows RD Virtualization Host NOT installed.

I am really struggling to get this system up and running with personal virtual machines that clients can connect to. I have tried installing VDI with standard deployment as well as individual roles even trying to MS checklist one role at a time. When I get to installing RD Virtualization Host role it fails.

Can someone please help me?  I don’t know what I am missing.

Thank you for your feedback.

-- Michael Lowe Computer Engineering

Viewing all 26837 articles
Browse latest View live
Search