Hello!

I had configured custom RDP certificate as it is written in this post: (http://blogs.msdn.com/b/rds/archive/2010/04/09/configuring-remote-desktop-certificates.aspx).

I used certificte template propagation via group policy editor in my AD domain.

Certificate configured to use "Server Authentication" Application Policy.

After session host computer applies new policy, when I try to connect to the server under Windows Server 2012, client throws "This computer can't connect to the remote computer. Try connecting again... or contact your administrator".

I tried to connect either from win2012 or win 7 clients and they are getting this same error.

All clients has installed RDP 8.0

on client EventViewer I see theese TerminalServices-ClientActiveXCore Information records:

Event ID 1026 - "RDP ClientActiveX has been disconnected (Reason= 2308)"

Event ID 1105 - "The multi-transport connection has been disconnected."

Event ID 1026 - "RDP ClientActiveX has been disconnected (Reason= 8199)"

Event ID 1105 - "The multi-transport connection has been disconnected."

on server System Log i see theese SChannel Erros:

Event ID 36888 - "A fatal error was generated and sent to the remote endpoint. This may result in termination of the connection. the TLS protocol defined a fatal error code is 40. The Windows SChannel error state is 1205."

Event ID 36874 - "An  TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by server. the ssl connection request has failed."

Event ID 36888 - "A fatal error was generated and sent to the remote endpoint. This may result in termination of the connection. the TLS protocol defined a fatal error code is 40. The Windows SChannel error state is 1205."

Event ID 36874 - "An  TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by server. the ssl connection request has failed."

How to resolve this problem? Any ideas?

Dmitry K/

Hi,

to set correct locale and activate desktop guest Windows before rollback snapshot, I issued an unattended sysprep file.

It basically has settings for all Windows welcome screens, key, and commands to use KMS and activate.

Sysprep itself runs correctly using this file. If I power up template then, it will do all the configurations and start working. 

But when I create collection off it (I don't use unattend.xml at this step!), creation halts displaying "press ctrl-alt-del" on the VDI's console.

Logging in, out, rebooting didn't help. Desktop creation doesn't continue. 

If I don't use sysprep file, then it works, but I get wrong system-wide locale for non-unicode programs for all desktops, which is not acceptable.

Can anyone please help!

Also, is there any unattended sysprep file on RDCB, which is used during desktop creation (where it is located)?

What settings are required by desktop creation service?

Thank you!

Lee

Hi everyone,

We have Windows Server 2008 R2 Terminal Services Server. There are 100 clients (ThinClient HP t5550 with Windows XP Embeded Edition) connects to this TS. We can remote control connected users from Terminal Server exept  Windows 7 o.s. clients (thinclient and workstation). Please help me ....

I am currently building a farm of RDSH Computers running Windows 2008 R2.  Due to auditing requirements I need to have traceability for any web browsing conducted on these systems.  Our Web Filtering Service only logs and audits via the source IP address of the web request and therefore cannot differentiate between user sessions on the same computer by default.

I thought I could get arouind this by using IP Address Virtualization, but it isn't working as expected.  The Remote Desktop Session Host successfully allocates the Virtual IPs to each user session as expected (I have the pools configured statically within the registry of each RDSH as I cannot put a DHCP Server on the LAN the User Session are presented over).  However, when I check IE usage using TCPMon and our Web Filtering service, all traffic is using the statically-assigned IP Address of the User session NIC and not the assigned virtual IP.

OK, to help you all out and hopefully come to an answer, here's my configuration:

First and foremost, the RDSH are physical tin and I do not have any Teaming Software in use.

I have two interfaces on each RDSH: one for User Session connections and a back-end one onto the Data Centre LAN.

The Data Centre LAN has the DNS Server adresses added, but no Default Gateway and registers the host's DNS record.

The User Session Interface has the Default Gateway defined but no DNS servers, and it is this one that has IP Address Virtualization.

I'm using a Connection Broker and Load-balancing via DNS Round-Robin.

The network configuration is otherwise good and I'm getting excellent responses to all requests, considering I only have 1 Gb of network bandwidth to play with and I've load tested the system up to 100 connections so far.   I need the second interface as I will have to use App-V on the systems; we have a broad swathe of end-user applications, some of which cannot co-exist on the same Operating System installation and I don't want to go down the road of Departmental RDSH silos.

I've tried the latest NIC Driver (and then the previous one) from the manufacturer as suggested in several other posts, and followed various recommendations.  However, from what I can see on all the other posts, others appear to be getting the issue that a Virtual IP Address isn't being assigned.  I'm getting the address assigned, it's just that IE isn't using it.

Does anyone have any ideas how to get around this?

We have the following setup for our RemoteFX prototype:

Server: DELL C1100

Processor: Intel Xeon X5650 @ 2.67 Ghz ( VT-d and VT-x enabled on BIOS )

RAM: 48 GB ECC DDR3 @ 1333 Mhz ( 6 x 8GB Modules - tri-channel configuration )

Primary Storage: 6 x 300 GB Seagate 10k RPM ( RAID 10 )

GPU Enclosure: DELL C410X

GPU(s): 2 x Nvidia Tesla M2070Q 6GB

As you can see our setup is a decent setup but we aren't getting the performance we were hoping for.

We have users that use AutoCad (Revit, Civil3d, etc) and also SektchUp(openGL only).  We were hoping using RemoteFX was going to give us the ability to virtual their desktops but it seems not viable from the results we are getting.

When the mouse hits a 3D environment such as the drawing pane of AutoCad we get lots of mouse lag.  We also do not get the framerate we would expect in 3d games such as Battlefield, World of Warcraft and Starcraft II.  The mouse in the first two games mentioned also is "weird" as it jumps around making the games unplayable.

Aero mode works, it seems RemoteFX is running but it doesnt seem its utilizing the beefy video cards.

We ran some tests with 3D mark and the video card memory showed only 71mb  (Im guessing its forcing only 71mb because thats what it needs for one monitor?)

The results for the 3dmark were horrible:

3DMark Score: 2244 3DMarks

SM2.0 Score: 612 

HDR/SM3.0 Score: 1010 

CPU Score: 2286 

GT1 - Return To Proxycon: 6 FPS

GT2 - Firefly Forest: 3 FPS

HDR1 - Canyon Flight: 7 FPS

http://3dmark.com/3dm06/15863976

I think I can get the above 3DMark score with a Tandy 1000

The Desktop experience is better than a standard RDP but I was really hoping we could throw the beefy video cards at the server to get our 3D modeling folks onboard VDI,

My thoughts were this setup would be much better than a standard PC with a $150 GPU but im not feeling it is.  What can we test to make sure everything is running like its suppose to?  Has anyone tried doing a similar setup for AutoCAD/Sketchup? Any help would be greatly appreciated.

I had a fairly basic question around SSL certificates and using a wild card.  RDS was fairly straight forward to setup but SSL certificates are always confusing so I wanted to ensure I set this up correctly.

We have 4 servers (Broker, Gateway, Host and Web) setup for RDS and we would like Single Sign On to work both internally and externally over the WAN. How does authentication work?  Will just a normal SSL certificate work? I readwe need to use a wild card SSL certificate?  Then add the names of each of the internal RDS servers and the external/WAN domain name to the certificate?  Or is the setup different?

Something like this?  Does the $200 dollar one work?

http://www.sslshopper.com/best-ssl-wildcard-certificate.html 

Hello. I have an x64 Windows Server 2008 Terminal Server running Office 2007 Professional. When my users try to send a fax it points them to the Windows Contacts folder and not the Outlook Address Book. Outlook is set to the default for everything in Default Programs. Ths feature works fine on our Vista machines, just not on this server.

Any help would be greatly appreciated.

Aloha all,

I have a Windows Server 2008 R2 Remote Desktop Services server. I am connecting to it from a Windows 7 machine via RDP. We have RDP licenses - per user. I can run my programs just fine - no issues. When I try to print to a redirected printer (via Remote Desktop Easy Print) - event the "Print a Test Page" option in Printer Properties - I see that the file goes to the spooler then immediately gets the status "Deleting". I get no errors in the event viewer. I can't seem to figure out why that is happening. Oh, yeah - GP to "Use Remote Desktop Easy Print printer driver first" is set to "Enable".

I do have some pretty restrictive GPs but I checked to see if any of them would cause this problem and I can't see that there is any.

Mahalo for your help.

A brief explanation of our setup:

RDS Farm with 6 RDS servers (RDS1 - 6) load-balanced via round robin in DNS

2 RD Gateway Servers (RDG1 - 2) load-balanced via round robin in DNS; both of which have the RD Connection Broker service installed and running

Clients connect to rdsfarm.domain.com via rdg.domain.com

I am new to the company as a system administrator and trying to improve the availability of our RDS Farm for our remote users; the vast majority of the company's employees use RDS to gain access to the resources internal to the network.  One of the things I am noticing is that in the RD Session Host Configuration for each of the RDS Farm member servers is that while they are properly setup to join a Farm via the FQDN of rdsfarm.domain.com, they are all pointed to a single RD Connection Broker server (rdg1.domain.com).  I would think that the RD Connection Broker server specification would be similar to the Farm server specification in which you use the FQDN of the Connection Broker farm vice a single connection broker.

I could experiment by changing this setting on a couple of RDS servers, however, being the new guy, I don't want to change something and end up breaking it when this is a critical business resource for the company; I would like to keep my job.  So looking to see if anyone else has experience with a setup similar to ours (load-balanced Gateway/Connection Brokers PLUS load-balanced RDS Server Farm) and what the correct configuration should be for the Connection Broker server in the Session Host Configuration for each of the RDS servers.

I have searched the net high and low and have found plenty of information from Microsoft and other forums on how to setup and configure a load-balanced farm but I have yet to find anything that describes a load-balanced Gateway/Connection Broker setup.

Your help and responses is much appreciated in advance.  Thank you.

Sincerely,

Carey

Hy,

I can create an infrastructure with that.

1 Server WEBTS

--> 1 Server BROKER

-------> 1 Server RDS for One RemoteApp

My RDS is see by broker server and i see all RemoteApp on One WebTS SERVER.

But when i click on a RemoteApp i enter my authentification login/password -> ok but when i click on a second remoteapp i re-enter the authentification information.

How i pool authentification for all the RemoteApp Once?

Thanks for your help,

.Matt

Does anyone know an iPad app that can open RemoteApp on server 2012 (may be present icons in a similar way to the RD Web Access, where a user can pick one from the list) and that definitely works through RD Gateway 2012?

Thank you in advance

Hi all,

could you please tell me how often does remote desktop service in windows server 2008 r2 check with licensing server (local or on internet from Microsoft)?

I know for fact taht it does check to make sure that the license is valid, but for the life of me, I couldn 't remeber how often.

Thank in advance

Mohsen Almassud

Hi everyone,

We have RemoteApps working fine. Unfortunately, it also enables Remote Desktop Connections as well so the user who is supposed to ONLY use the RemoteApp directly from the .rdp file now can have access to full Remote Desktop. Is there a way to disable remote desktop but allow remote apps (.rdp files)?

Thanks

I have a client with 4 XP SP3 thin clients (HP t5740) that act as shipping stations.  They have a scale hooked up to the serial port used to weigh packages.  They RDP to a 2008 r2 server (with all the updates). 

Now, 2 of these thin clients are on the lan, and work just fine.  The other two come across a wan/vpn connection and the only thing that doesnt work is the serial port redirection.

The funny thing is that they (the wan and lan tc's) worked when they connected to a 2003 TS box (which we have not been able to decom. because of this).  All 4 thin clients are identical, have the latest firmware, etc etc.  The connection is a 10mbps down/2mbps up and we're using the same username to test all of them.  The only difference is the wan.

Is there some sort of latency requirement for serial port redirection or anything else causing this, usually in the past with issues like this it either works or it doesn't.  I've not had some working and some not working like this.  Thanks for any help!

Configuration

SBS 2011 Server 

Windows 2008 R2 server with Remote Desktop Services installed, License Manager installed.

WYSE WT3125SE thin clients with Windows CE 5

I setup the Windows 2008 with Remote Desktop Services and was able to successfully connect the Thin client.   Then I installed the License Manger and applied my Open license using User Cals.  Was able to login.  Next day I get the following error-"Because of a security error, the client could not connect to the remote computer.  Verify that you are logged onto the network and then try connecting again"    I still can connect fine from other machines even Windows Home Ed.   I remove license server and still was unable to connect.   Built a second Windows 2008 R2 server with RDS on it.  Was able to connect without issue.   Pointed it to the first RDS server license manager and have still been able to connect with the Thin Client.   The thin client can rdp to the SBS server without issue in admin mode, can connect to RDS2 server but not RDS1 with the license manger.    So my issue is with the license and so my question is what is it with the license server running on that server that is keeping thin client from connecting.  I even did a reload of RDS1 and tested connecting throughout the process and it worked up until I applied the license and then it stops. And then if I uninstall the license, rds, remove from domain still not able to connect.  Any help would be appreciated.

I am using Hyper-V 2012 core as host and WMS2012 as VM. I am unable to take RDP from host to guest. as per my understanding  Hyper-V 2012 Core doesn't come with RDP package, you need to use portableRDP and current portable RDP package doesn't support Hyper-V 2012. I tried to installed RDP  by copying files (mstsc.exe, msacm32.dll, d2d1.dll, mstscax.dll etc) to hyper-V 2012 core and got limited success i.e. able to launch RDP client UI but unable to get connect to VM.

Queries

1. Is there is any Hyper-V 2012 compatible "RDPPortable.exe " released by MS.

2. To get my workaround working what else steps i should do.

Sooooo, what happened to XP SP3 implementing network level authentication into the RDP Client?

I've been waiting for SP3 along with all of my users.  Finally it comes out and no NLA??

Windows Server 2008 remoteapp seems to have a bug where a user will connect in to a "RemoteApp" program, and no matter what they're doing, about ever 10 minutes it appears to lock the session and require them to re-enter their password.  Through tons of research and no answers I finally determined that it must be some sort of bug in the terminal server code that shows itself when NLA is turned off in the server (to accomodate XP SP2 users). 

So now, SP3 comes out, I install it, and turn on NLA on the remoteapp server...only to find out its not implemented in the XP client. 

It's not a screen saver issue, or a session time out, or a domain policy issue, or network layer issue.  The session literally locks (not as in hangs or freezes, but goes to the log in screen) and forces the user to put in their password againevery 10 minutes, and its fine, albeit, VERY annoying when someone's trying to work.

So perhaps someone has experienced this and knows a workaround, or knows how to get XP to support NLA, or at least knows when MS will own up to their original promise, to which i had not heard anything contrary since, that they would implement NLA into SP3.