Quantcast
Channel: Remote Desktop Services (Terminal Services) forum
Viewing all 7220 articles
Browse latest View live

Is it possible to disallow RDP for one member of local admins group?

January 30, 2014, 1:32 pm
$
0
0

Hello:

I have an application server which has a service account that is in the local admins group. Is it possible to disallow only that particular service account from being able to RDP into the server? Server is Windows Server 2003 SP2. Basically, I'm trying to bypass this: Members of the local Administrators group can connect even if they are not listed. I understand that anyone using the service account could undo any restrictions I make, so what I'm trying to do would just be a deterrent. I cannot disable RDP altogether since our regular sys admins need to be able to RDP into the server. Thank you.

Search

Event ID 1067, event id 1009, event id 4105, event id 1061

January 18, 2014, 7:33 am
$
0
0

I have 1 Dedicated DC, I have 3 Terminal Servers that are part of that DC. I only have the problem with the 1 TS.

I keep having these errors and I cannot find a fix. I've read articles but it's not helping. I really need help.

1067

The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.

1009

Error starting the Remote App and Desktop Management Service.

Error Code: 0x800706FD

4105

The Remote Desktop license server cannot update the license attributes for user "hkarovic" in the Active Directory Domain "wvchangeinc.org". Ensure that the computer account for the license server is a member of Terminal Server License Servers group in Active Directory domain "wvchangeinc.org".

If the license server is installed on a domain controller, the Network Service account also needs to be a member of the Terminal Server License Servers group.

If the license server is installed on a domain controller, after you have added the appropriate accounts to the Terminal Server License Servers group, you must restart the Remote Desktop Licensing service to track or report the usage of RDS Per User CALs.

Win32 error code: 0x8007054b


Windows Server 2012 RD Connection Broker Installation

September 19, 2012, 12:22 am
$
0
0

I am unable to install RD Connection Broker in Windows Server 2012 Physical machine, I have tried many different resources and techniques, yet cannot find a solution, may be this is happening only to me.  I have even tried to install all components on a single server but it fails again, there are no failure logs nor setup related logs under c:\windows\logs .  I have read somewhere about SQL requirement and did install SQL on the server I am trying to install RD, please help me with a step by step (though some online resources talk this as a straightforward installation), for me this has not been so straight.



Syed Saleem, PMP

RDP and left-handed mouse users

September 7, 2012, 1:34 am
$
0
0

Hi there,

I'm a left-handed person. So I use the mouse with my left hand and naturally I use "Switch primary and secondary buttons" mouse control panel option.

When it comes to RDP connections, I almost always connect to the desktops where "Switch primary and secondary buttons" is set for right handed people. When I'm inside an RDP session the mouse stops respecting my mouse settings and apply guest desktop settings which creates a lot of confusion to me.

Is there a way to setup my RDP client so that it automatically handles right vs. left buttons translation ?


COM Ports will not forward through RDP.

January 15, 2014, 7:46 am
$
0
0

I have a user that is using remote desktop through a VPN to connect to a remote computer. They have a USB Barcode Scanner device that connects through an emulated serial Com port that needs to go with the connection to use with their POS system.  The client PC was previously a Windows XP computer and we had no problems with this forwarding.   However, the XP computer has been replaced with a computer running windows 8.1 Pro with Media Center, and now the ports will not forward. I have checked the local resources in the remote desktop connection and ports are set to forward with the connection.  Both computers are on a work group, there is not a domain on this network.  The server is Server 2008 R2 and is running terminal services (other XP and Windows 7 computers on the VPN are able to forward without difficulty.)

I have also checked in the remote desktop session host configuration, com ports are not disabled in the RDP-TCP connection, and the Remote App manager does not appear to have the ability to control port forwarding that I can find, though it can control other local resources.

Any guidance on this you can offer is helpful, but web searches are only coming up with situations where someone wants to control how ports forward, I was unable to find any information about them refusing to forward.

The connection was denied because the user account is not authorized for remote login

January 11, 2010, 12:02 pm
$
0
0
Using Terminal Server 2008 not able to get non administrator users to login to the remote desktop. Have tried from Windows server 2008 and from Windows servers 2003. Get error login in "The connection was denied because the user account is not authorized for remote login" from Windows Server 2008. Error "The requested session access is denied" from Windows Server 2000.

RD Gateway FQDN Certificate Confusion

January 15, 2014, 10:23 am
$
0
0

Hi all

I want to establish if I am on the right lines and close to success or not:

I have 4 servers:

Server1 Roles/Info

RD Web role

Connection Broker role

Server2 Roles/Info

Session Host role

Member of RDS Farm

Server3 Roles/Info

Session Host role

Member of RDS Farm

Server4 Roles/Info

Gateway

I have RemoteApps working internally and load balancing so that seems to be working fine. My confusion arises with regards the external access:

Situation: My internal domain name is example.co.uk. My company also use the same domain for external websites eg support.example.co.uk, website.example.co.uk etc. So I decided to use the domain for DNS for external access. I used “rds.example.co.uk” and pointed this to one our public IP’s. I then setup on the firewall NAT and firewall rules from external to internal RDWebServer. I purchased a cert off GoDaddy which is also “rds.example.co.uk”.

Possible problem 1: Is me using the same internal and external domain an issue?

Possible problem 2: Is using a single SSL Cert a problem?

Possible problem 3: To gain access to the RDWebsite externally, where should my NAT rule point the traffic to? The Gateway server or the RDWeb server? Currently I have the NAT rule pointing to the RDWeb server and I am currently getting 404 HTTP webpage cannot be found errors.

Possible problem 4: Should my Gateway server have the same FQDN as the cert? At the moment it has a generic server name like rds04.

Any help will be greatly appreciated


Windows Server 2012 Essentials - Remote Desktop Services

June 20, 2013, 4:44 am
$
0
0

Hi Experts,

I was hoping someone would be able to provide me with some guidance.

We have recently purchased Windows Server 2012 Essentials as well as 5 RDP user CALS.

We do not have a domain or any other servers. We only require 5 people from various locations to be able to remotely log into the server and work on a program that is installed on it.

However, the setup and configuration of the Remote Desktop Services did not go as planned. After many attempts and various configuration settings, it still doesn't work.

What I am lead to believe is that the Essentials version of Server 2012 doesn't support being the RDP Gateway and License Server and Host. However, nowhere can I confirm this, I have searched many forums where people are experiencing the same problems, but nowhere can I find answers.

If there is anyone out there that might be able to shed some light and maybe point me in the right direction, it would be greatly appreciated.

Thanks and Regards,

Wynand.

Search

Remote Desktop Now Disconnects Wireless Connection

February 18, 2007, 8:14 am
$
0
0

I have two computers running XP Pro. The desktop is using a wired connection to my home network and the laptop uses a wireless connection. For nearly a year, I have been able to use Remote Desktop to control the laptop from the desktop. In the past month or so, this has changed.

Now, when using Remote Desktop to connect to the laptop, the wireless connection is dropped. Logging manually back in on the laptop resets the wireless connection, but this is consistently dropped each time I try using Remote Desktop. I need this facility since the laptop is used to control some equipment remote from desktop.

The desktop is able to connect and control a wired connection to a new Vista Ultimate machine, so I don't think there is anything wrong with it.

The only software changes to the laptop has been whatever Windows updates that have come through. Does anyone have any idea how I can get my Remote Desktop to work once again?

 

Mike

Difference between Terminal server connection and MSTSC remote desktop connection

April 27, 2010, 9:12 pm
$
0
0

Hi everyone , Wats the main difference between Terminal server connection and MSTSC remote desktop connection? Well both are used to connect a server remotely. right!

Are there any much difference between them?

Licensing - per Device or per User

January 24, 2014, 6:06 am
$
0
0

Hello,

I know there are many threads about this topic, but I don't understand it. Thus I have to ask you and I hope that you can help me.

I have installed an Win2k8R2 RDS Server with eight per Device CALs. My Clients are Win7, WinXP, Win2k3 and Win2k8R2.

My requirements are that I have one account (e.g. Gast) which can connect to the RDS Server several times simultaneously. Further I want that only eight people can open a session simultaneously but overall there should be more than eight devices which can connect to the server. At the beginning it worked and I had eight simultaneous sessions. But now some clients cannot connect to the RDS Server anymore until I delete the registry key "HKLM\Software\Microsoft\MSLicensing\Store\LICENSExxx".

As far as I know the RDS Server allocates at first temporary licenses and for the second login it allocates permanent licenses. After allocating all my permanent licenses it only allocate temporary licenses. And probably this temporary license cannot be updated. Thus after a while it is impossible to connect to the server again?!? Is that the reason?

Now my actual questions:

- Is there a way to free licenses after closing a session? So I don't need 20 CALs for 20 devices although I only want eight simultaneous session with the same account.

- Is it possible to shorten the reservation time of the licenses? It seems to be about 3 months at the moment.

- Is it possible to logon simultaneously with User CALs?

I am not sure if I am using the wrong CALs or if I misdo while configuring the server or if its impossible to fulfill my requirements.

Thank you for your effort.

Regards

Felix

join terminal session greyed out

January 28, 2014, 12:48 am
$
0
0

Hi,

I have Terminal Servers and Domain Controller. Few years ago i had Terminal Session Broker on one of TS. Then I disconnected all servers from session broker but I can not uncheck the box "Join Terminal Session" on session broker. In event log i'm getting error every minute that server can't find Session Broker. The Session Broker role is unistalled. In Domain controller in group policy manager i set "Policies,Administrative Templates, Windows Components, Terminal Services, Terminal Server, TS Session Broker" all fileds to "not set". Then i tried to do the same in local group policy editor. But in terminal services settings on TS the fileld "join terminal session broker" is still checked and greyed out. Where else I can disable it?

Thank You.

2012 RDS Server - old clients can´t connect

February 8, 2013, 5:40 am
$
0
0

I have just put up my first 2012 RDS server in a small SBS2011 enviroment. My setup is pretty simple, running all RDS roles from the same 2012 server. I have configured it via a rdp client from a win2008 and win8 machine and everything seems to work fine.

Now that I want users to test it, I find that old HP thin clients (t5000/t5530) and XP machines can´t connect. I guess it is some security stuff which I in the good old days would have changed in the Connections under "Terminal server configuration" I can understand that this is not there anymore but can´t find where settings has gone. I seem to remember seeing it when I ran the installation wizard.  When I try to connect from en XP it tells me "The Remote computer requires Network Level Autentication, which your computer does not support" The HP thin lients just says: Internal error occured. Googled it a lot !!! Found only stuff for 2008 servers.

Can anyone point me in the right direction?

The following roles is on the server:
RD Connection Broker
RD Session host
RD Gateway
RD Licensing
RD Web Acces

I also have NAP and IIS installed.

Thanks a lot.

Michael Grøn

Michael Grøn

Remote Desktop Configuration on Windows Server 2012 R2

January 23, 2014, 8:17 am
$
0
0

Hi, I wanted to see if anyone knows how to access the console that was known before as Terminal Services Configuration.

I've been having trouble with some servers that have 2 or more NICs and sometimes the RDP protocol won't listen on the right IP and I can't connect until I disable the other NICs.

Usually in 2008 R2 I would just go on this console and define the specific IP Address in which the RDP Protocol should be listening to, but know I can't find this console anywhere on 2012 R2.

Any ideas on how I can get there or change this setting on Windows Server 2012 R2?

Thanks

Eduardo Rojas

Certificate RDS 2012

January 23, 2014, 8:53 am
$
0
0

Hello,

I have a problem with certificate on RDS 2012.

I have :

2 RD Gateway
2 Connection Broker
2 Session Host
1 RD WebAccess

The url of gateway is : rdgwfrm.mydomain.ch
The url of ClientAccessName of the Connection Broker is : rdcbfrm.mydomain.ch
The url of my RD Webaccess us ; rdwa.mydomain.ch

I have an internal domain AD : corporate.lan


I have a wildcard certificate of mydomain.ch. 

If i check the certificates states on the deployment properties, I have this : 

All of the roles uses my the wildcard of mydomain.ch

I have set my wildcard for my RD Session Host with this command :

wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="Thumbprint"

First Problem :

Why my session host keep showing the internal certificat ? Do I need to assign my certificate manually on my servers ?

Second problem :

When I try to connect on my iPad with the official app , I have a certificate error. It's says that rdgwfrm.mydomain.ch doesn't match *.mydomain.ch. And same error for rdcbfrm.mydomain.ch. The wildcard is not supported on the IOS Apps ?


Thanks !



Search

How to install the Remote Desktop Services role on a Windows 2012 R2 Server

February 3, 2014, 7:50 am
$
0
0

Hello,

I am a bit confused on how to install the RDP role on a 2012 R2 server. I have a two server domain and would like to make the second member server an RDP server to host applications (Word, Excel, a medical software, etc.) where users from their windows 7 desktop will use the Remote Desktop Connection to connect to the server, create a session and do their work. When installing the role, I am prompted with two options:

1- Role-based or feature based installation

2- Remote Desktop services installation

I see the RDP install option in both cases.

1- Which one do I use?

2- What role services do I install? (Connection broker, Gateway, Licensing, Session Host, Virtualization host and Web access). I think I need the first four only.

3- When installing software after RDP, I use the Change user /install and Change user /execute commands. What happens to the software that is already installed? Can remote users use those?

Any help will be very much appreciated.

Thank You,

Victor.

 

dllhost.exe COM surrogate high cpu

August 14, 2013, 5:44 am
$
0
0

Hi forum,

We have terminal server running Win 2008 R2, and recently i have seen spikes in CPU usage. For example a user could be using 50% of the cpu.

When I took a closer look at the process causing high cpu it as listed as dllhost.exe COM Surrogate.

From my understanding this process is used to extract thumbnails when a user chose to preview the picture. This process also has been listed when using faulty codecs.

No my question is is there a patch or another way to tackle this issue. it is really annoying to be terminating process everyday.

I even tried to use a script that would do that job for me but I do no think it is the solutions.

Any advice, tips would help

Thank you

Using 2008 server with rdp licenses to access server 2012 essentials

January 21, 2014, 1:00 pm
$
0
0

Hi We have recently upgraded to server 2012 essentials and need to have more than 2 rdp connections to the server at any one time, at the time of the build we only needed 2 connections.

The question is we have our old server 2008 with rdp licensing and client licensing still in tact but not connected to the server 2012 domain, can we somehow use the 2008 server to be the rdp logon server instead of having to go and buy 2012 standard just to do this job ?

thanks

Remote Desktop Gateway Common Practices and NLB Question

January 24, 2014, 7:42 am
$
0
0

Greetings, 

We're looking to implement Remote Desktop Gateway as a means of which to connect to our RDP-enabled corporate desktops in lieu of an aging firewall performing just this single task. Our interest in utilizing this for Terminal Servers or Remote Desktop Hosts isn't much at the moment and we're really just looking to put in RDG functionality. 

The articles available are great, but just about each one assumes you're building infrastructure around RD Hosts and Terminal Services. 

My question should hopefully be a simple one: 

We want two RDG's load balanced between two sites. The NLB for these two RDG's within our perimeter network seems straightforward, but I'm a bit unsure as to if we need a Remote Desktop Connection Broker on the internal network to handle this, or if the connection broker is only needed for standard RDS/TS functionality. 

Additionally, would it make sense to setup and use RD Web Access on the same two RDG boxes? Or does the standard functionality of the RDG work fine in this regard? If so, how does the RD Web Access work between two boxes when load balanced? 

So would our eventual topology simply be two RDGs in our perimeter network, or two RDGs in the perimeter and a connection broker in the internal? After reading I'm inclined to believe the Connection Broker is needed if only to manage the two Remote Desktop Gateways in the perimeter. 

Thanks in advance for your time. 

JMHahn

JMHahn

Securing remote desktop login with 2-factor and 3:rd party radius server

January 27, 2014, 4:53 am
$
0
0
We have a 3:rd party radius server that is used for vpn logins with tokens. I'd like to use this also for securing the login to Windows servers with 2-factor authenticaion, is it possible? Is there some general radius agent that can be used in combination with remote desktop in this case?
Viewing all 7220 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>