Quantcast
Channel: Fórum Remote Desktop Services (Terminal Services)
Viewing all 26837 articles
Browse latest View live

2012 R2 Remote Desktop Connection Broker Issues After Disabling TLS 1.0

September 4, 2018, 3:25 pm
$
0
0

Hi All,

I have a single Windows Server 2012 R2 remote desktop deployment, all roles on one VM. RD Licensing, RD Web Access, RD Session Host, RD Connection Broker, RG Gateway. It has at most 4 people connected at any time. 

This all works fine until I disable TLS 1.0 - after disabling TLS 1.0 I receive the following errors whenever I try to connect via RDS/RDG "A fatal error occurred while creating an SSL server credential. The internal error state is 10011."

I can work around this by enabling the Local Security Policy: Use FIPS compliant algorithms for encryption, hashing, and signing BUT this isn't ideal and breaks some other software packages (such as Sage Line 50 Authentication) that we use on this server.

I'm aware of the knowledge base article at https://support.microsoft.com/en-us/help/4036954/disabling-tls1-0-can-cause-rds-connection-broker-or-rdms-to-fail 

I've tried installing SQL Express 2014 SP2 + CU13 on the same VM and have enabled High Availability on the Connection Broker. The wizard completed without issue and successfully moved the Connection Broker Database to my new SQL Express instance butafter I disable the FIPS policy (so I'm again back to just TLS 1.2) I start seeing the same SCHANNEL errors again and I'm again unable to connect via RDS/RDG

I've been using the script at https://www.hass.de/content/setup-microsoft-windows-or-iis-ssl-perfect-forward-secrecy-and-tls-12 to ensure that TLS 1.0 is diabled, TLS 1.1 and 1.2 is enabled, insecure ciphers are disabled and the WinHTTP options are set. 

Has anyone successfully disabled TLS 1.0 and had a single server deployment working? If I absolutely have to I can install SQL Express on another VM but I'd like to avoid it if possible. 

(Forgot to mention, I'm testing from Windows 7 clients that are completely up-to-date and have TLS 1.2 enabledand also Windows 10 1709 / 1803 clients and I'm unable to connect from either)

Any help is really appreciated.


Search

Enabling multiple users to access windows server 2012 R2

September 5, 2018, 1:30 am
$
0
0

I have windows server 2012 R2 installed on my machine.

For now, the server only allows up to 2 users to access the server through Remote Desktop Service.

If I want increase the number of users simultaneously accessing the server is "Windows Server 2016 Remote Desktop Services 1-User Cal" the product I need to buy?

 


Black Screen on all new Connections, SessionHost has to be rebooted

June 21, 2017, 2:31 am
$
0
0

hi,

we're suffering from session hosts that produce black screen errors in a RDS 2016 farm.

already connected users can mostly work, all new connections end up with a black screen.

to resolve the error the server has to be restarted.

i can say that

- this error appears after error 1534 (Fehler bei der Profilbenachrichtigung des Ereignisses Delete für Komponente {709E2729-F883-441e-A877-ED3CEFC975E6}. Fehlercode: Das System kann die angegebene Datei nicht finden.) starts appearing in the eventviewer.

- upon checking the registry for this SID i end up at "ProfileNotifyHandler Class app id {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} inprocserver32, C:\Windows\System32\gameux.dll".

- starting explorer.exe per taskmgr does not open an actual explorer window although the process appears in taskmgr

- tskmgr, eventvwr, cmd can be started without problems

- affected users appear as active in RDS management

- no third party security software is installed

- farm is fully patched

- HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ProfileGUID and ProfileList are ok (no old or .bak entries)

looking forward on how to resolve this without  rebooting the server or a permanent fix

thank you

best regards


RD Connection Broker don`t see users on different hosts

September 5, 2018, 5:16 am
$
0
0

Hi all, the following problem has arisen...

From time to time, the connection broker (on server 2016) don`t see sessions on different hosts, and when it comes we have connection problems, but if you restart the host which sessions don`t see the connection broker then after reboot  host the broker again sees them.

Tell me how to overcome this problem.

Switching from Device to User CALS

July 17, 2018, 5:54 am
$
0
0

Hi,

We use a single RDS license 2012R2 server with our Citrix XenDesktop setup. We wish to switch from Device to User Cals. How would this be achieved? Just a single GP with the setting enabled and User selected and then applied to the RDS license server or is their more to it than that?

regards,


Updated cert for all things RDS 2012R2 but occasionally a client is getting old cert when launching published app

September 5, 2018, 6:32 am
$
0
0

I renewed and replaced our wildcard cert on our 2 RDS GW servers, and our 5 RDS Web hosts. the new cert looks to be correctly installed in all places, yet a few users are still getting a cert error (old expired cert) when they launch a published application.

I went to IIS bindings and made sure the new cert is bound to all servers running IIS and made sure the old cert was deleted on all RDS servers via Certificate Management. Where else can I look to find this sneaky old cert that is being cached somewhere?

Cheers

Steve J.

Give access to single local folder via remote desktop

September 5, 2018, 7:47 am
$
0
0

We have an application which our clients run via Remote App. We would like to give the app restricted access to a specific folder on the clients local drive. Is there anyway to do that? As far as I can tell, you can give access to an entire drive, but but a folder in that drive.

For example, we would like our application to have access to an application specific folder in the users "My Documents" folder, but not to any of the other folders. The reason we want to do this is that we are providing our application to clients who are not part of our organization. We would like our app to be able to save files to their local drives, but do not want to ask them to give our application access to their entire C: drive.

Are there solutions to this problem that we haven't thought of? Right now, the way we deal with it is to have our application send them files via email, which isn't ideal.

Cannot install per user apps

August 30, 2018, 5:21 am
$
0
0

Hi

I'm trying to deploy an "Per User" application on Windows Server 2012, via login script:

msiexec /i C:\path\Install.msi /qn

But it fails when users are logging in: Installation success or error status: 1640.

Also when I install this with my administrator user, I cannot uninstall it again:

Only administrators have permission to add remove software during terminal services remote session

Only via the console can I uninstall it.

DisableMSI = 0 (without this administrator can't install anything)

DisableUserInstalls = 0 (Set via GPO, does not seems to do anything different for the user)

Without DisableMSI = 0 , the user get error 1625.

What is wrong? :-)

/Kim

Search

W10 1709 RemoteApp - Pop-ups hidden behind main window

November 16, 2017, 1:28 pm
$
0
0

Hi, I've this issue after migration of RDS server from 2012 R2 to 2016 and client have Windows 10 1709 but with Windows 10 1703 no issue.

Any suggestions?

Remote Desktop users getting disconnected every 9-10 minutes

September 5, 2018, 8:19 pm
$
0
0

I have a server running Windows Server 2016 Standard in a WORKGROUP environment.  This server has the Remote Desktop Services role installed with 20-CAL's.  Users can login remotely to access applications.  Everything works great for the first 9-10 minutes  The problem is after 9-10 minutes their RD session is disconnected.  Sometimes it reconnects and other times they have to log back in.  All the server gpedit.msc settings for timeouts are defaulted and have not been changed.

On the same network we have another old server running Windows Server 2008 in the same WORKGROUP environment with Remote Desktop Services and 5-CAL's and the users don't experience any disconnections.

Does anyone have any thoughts on how I might be able to resolve this?

RDS Server User Desktop Icon Display issues

August 31, 2018, 7:31 am
$
0
0

Hello Guys

We are in the end phase of publishing our new 2016 RDS Server. Now its the last 5% (Fixing Appearence Issues).

And the main problem right now is this: 

Either the text vanishes/cuts off or it changes its color/loses the shadow/frame.

When i refresh it gets back to normal (Google Chrome is the expected, ThinLinc and VNC Viewer is what i get).

When i hover over the icon it reverts back and this is just ugly.

Im not really sure what the issue could be so i searched for a bit but couldn't find anything regarding this issue. I also did a sfc /scannow to check if any of the files that are responsible for this might be corrupt or something but to no vail.

This is the 2nd server we setup that has the same issue.

I appreaciate every bit of help.

Kind regards

Pkey

RDS VDI using Azure VMs - Not able to communicate between connection broker server and the hyper-v VMs

September 4, 2018, 2:41 am
$
0
0
I have created a VDI setup in Azure VMs. I have created a NAT network in the RDVH server , so as to hyper V Vms to be joined to the domain. But after the virtual desktop collection creation step, I am not able to publish remote app as I am getting an error"unable to retrieve remoteapp programs for the start menu" .ie from the Hyper V VM created in the collection. Please let me know how to resolve this.

RDP logon takes 5 minutes

July 26, 2018, 11:02 pm
$
0
0

Hello,

I have a problem on several 2k8 servers: since a few days, when I get my hands on it in RDP the logon lasts 5 minutes. In the eventviewer I have: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the  ShellHWDetection service. And the same with the processes: Dnscache, CryptSvc, NlaSvc. the server reboot solves the problem but only for a few days. After that starts again, I tried among other things:
- Testing from another workstation
- Disabling the print spooler 
- Disabled smart card printers, etc. in connection settings
- Disable antivirus software
- GPO : System\Logon\Always wait for the network at computer startup and logon (Turns off Fast Logon Optimization)
- No Active directory replication problems
- No DNS problem
- The servers are in the OU computers and my user in the OU users (so no GPO)

without success, not against when I connect directly to it (without going through an RDP connection) I have no problem.
Do you have any idea?

Thansk in advance,

C.

Unable to reset password for password expired account from windows 10 machine

August 29, 2018, 3:38 am
$
0
0

We have users which using windows 10 machines and windows 7 machines. If their domain password is expired, while they RDP terminal server they get prompt to set the new password. This function is working from windows 7 machine but its not working from windows 10 machine.

Also for new users, user must change password at first login is working while users trying to RDP to Terminal server from windows 7 machine but from windows 10 machine its not working.  Getting error as contact your system administrator.


RDP issues, remote computers requires network level authentication

January 5, 2016, 1:30 pm
$
0
0

Hi,

First of all, please note this: 

  • Network level authentication IS supported on all machines as per theAbout Remote Desktop Connection. So please don't ask me to check this on the about remote desktop connection window.
  • All clients are set per GPO to use the Remote Setting of the "more secure" option:
  • The problem is on random machines, all windows 7. We only have a few windows 10 machines but no issues found on those so far. 
  • It doesn't matter if the RDP connection is initiated from a windows 7, windows 10 or Windows Server 2012 R2. The problem remains and is exactly the same.
  • The problem exists when attempting to connect RDP from personal home PCs (not managed by company GPOs and MS update schedules) over VPN

So the problem is this, first comes the first message and then the second.

It seems to have started after we deployed some Microsoft server updates, but its very inconsistent, some sites seems worse off then others, but its not all machines at any site. We haven't even done client updates yet.

Again, please don't give me a link to an old post or blog saying that I need to enable network level authentication, as shown by the top screenshot, it is already enabled/supported.

I already spent hours googling this. Please, I want responses from people who have actually had the exact same symptoms and issues or someone who has an idea that I haven't already clearly stated that I've checked above already.

Thank you.

Search

rds cals missconfigured ?

September 6, 2018, 5:44 am
$
0
0

Hi,


I have a Windows Server 2012 R2, with and installed downgraded version of 2016 User RDS cal (1 user)

We have an application that should use this RDS, but not sure if that's configured correct.

But to me it seems that there is some kind of wrong configuration with the RDS, or missing cals ?

Because when I try to connect with our software I get an error "The server denied the access"




/Regards Andreas

How to upgrade Windows 2012r2 to RDP protocol version 10.x

September 5, 2018, 1:12 pm
$
0
0

I have a complex routing scheme that seems to only work with Windows 10 and Windows 2016. I have narrowed down the problem to RDP protocol version 10. I can get it working with version 10 but version 8.1 does not work.  How do I upgrade Windows 2012r2 to have RDP protocol version 10.x

Thank You

VDI with Wyse 3040 boxes - RD connection broker sign-on failed

September 6, 2018, 7:06 am
$
0
0

We are running MS VDI on a server 2016. Periodically we are not able to log into the personal Virtual PC's (VPC) and get the error RD Connection broker sign-on failed. Rebooting the server or the Wyse 3040 boxes do not fix the issue.  We can log into the VPC's with remote desktop from a different PC. Today I got this fixed by re-installing the same cert over again in RDS certificates for RD Connection Broker -Enable Single Sign on, RD Connection Broker - Publishing, RD Web Access, and RD Gateway.

What could be causing this I'm not seeing any errors related to it in the event viewer ad restarting the services or rebooting does not work.  We were down once for 6 hours until I stumbled across doing this and it came up, luckily this time it was a few minutes.

Change published FQDN for Server 2016 RDS Deployment

August 31, 2017, 1:21 pm
$
0
0

Hi,


I have read the various discussions that relate to this:  https://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80

However, it does not have 2016 listed.  I tried it anyway, and it did not work..

Any updates to that script?

Thanks

Server 2016 (NOT 2012R2) with RDS how to prevent users from rebooting after Windows Update?

January 3, 2018, 1:04 pm
$
0
0

I have a Server 2016 with Remote Desktop Services installed. A huge problem: Remote users are prompted to install updates, and worse:after updates complete ordinary users are prompted to reboot the server and that reboot actually happens, abruptly pulling the plug on the other users.

I have read many articles about this issue, but all of those articles apply to Server 2012R2, not Server 2016. The GP methods I have tried for 2012 R2 do not work on Server 2016.

Pulling my hair out. All I can do is disable the Windows Update service, and even that seems to turn itself back on.

Thanks!

-frank

Viewing all 26837 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>