You cannot shadow a session with multiple monitors enabled in Windows Server 2008 R2

April 19, 2012, 7:27 am

≫ Next: Remote control not working in Terminal Services

≪ Previous: How can I direct my Terminal Server users to print to a second dedicated Windows2003 Print Server.

$

0

0

Searching through the forums (and according to KB2484290) it appears that there is no solution to this problem.  We are rolling out thin clients that are using dual monitors exclusively and we were very surprised to find out that we couldn't shadow sessions with dual monitors (which to us means that we can't shadow ANY sessions).  This now completely changes our approach to managing these devices. 

We are running Windows Server 2008 R2 SP1 with Remote Desktop Services installed.  The thin clients are running Windows Embedded Standard 7 with the latest updates / RDP client. All steps have been followed to ensure that the apropriate settings and permissions have been set up to allow access into the session.  We tested by unchecking the RDP setting “use all my monitors for the remote session”, with that setting disabled shadowing worked

Questions:

1. KB2484290 is from Dec 2010 - It's now April 2012, is there a workaround / hotfix for this issue that will allow us to shadow sessions using the native Microsoft tools?

2. Are there any recommended alternatives (software)?  Free/Paid - doesn't matter we just need something that will work.  I'm sure there are a few options out there but I am looking for suggestions for what people have used in the past that worked best for them to help us narrow down the choices.

---

Remote control not working in Terminal Services

October 19, 2012, 10:48 am

≫ Next: RDC for MAC cannot connect to TS server with error message "You were disconnected from the Windows-based computer because of problems during the licensing protocol".

≪ Previous: You cannot shadow a session with multiple monitors enabled in Windows Server 2008 R2

$

0

0

Hi,

I have a Windows 2008 R2 Terminal Services server that once i could do a remote control of a user's session and see their desktop. For some reason when I try to right click a user and choose "Remote Control" in Terminal Services Manager, the screen goes completely black for a few minutes and eventually gives me a message that says "Access Denied"

There has been no changes made to the server other than monthly patches. Has anybody come across this or does anybody know how to correct this problem?

Thanks,

MC

RDC for MAC cannot connect to TS server with error message "You were disconnected from the Windows-based computer because of problems during the licensing protocol".

November 9, 2011, 2:53 pm

≫ Next: RemoteApp on Start Menu & GPO

≪ Previous: Remote control not working in Terminal Services

$

0

0

the mac clients are running RDC for mac version 2.1 and they cannot connect to Windows 2008 R2 TS server. They get the error "You were disconnected from the Windows-based computer because of problems during the licensing protocol".

really appreciated if someone have a fix for this.

 

thanks,

/dan

 

RemoteApp on Start Menu & GPO

October 19, 2012, 10:22 am

≫ Next: No Remote Desktop License Server is available?

≪ Previous: RDC for MAC cannot connect to TS server with error message "You were disconnected from the Windows-based computer because of problems during the licensing protocol".

$

0

0

Hi,

I found a few article but none that really answers my question if there's a GPO setting to automatically deliver the Connection URL for the users. Found nothing in the Deploying RemoteApp Programs to the Start Menu by Using RemoteApp and Desktop Connection Step-by-Step Guide.doc either.

The setting I'm talking about is in the image below.

Thoughts?

No Remote Desktop License Server is available?

October 19, 2012, 1:24 pm

≫ Next: RDS Can´t create New Certificate

≪ Previous: RemoteApp on Start Menu & GPO

$

0

0

Non-admin users are getting this error:  http://i.imgur.com/t8j2b.jpg when they log into a 2008 R2 Terminal Server. Remote Desktop Services will top working in 82 days etc.

A RDS Licensing Server is setup on the network with 38 RDS User CALs and has been activated.

On the Terminal Server, under Remote Desktop Session Host Configuration, the licensing server and mode are specified.  Under Licensing Diagnosis, it sees the 38 User CALs, the license server and says "no problems to report"

Any ideas?

RDS Can´t create New Certificate

October 19, 2012, 1:42 pm

≫ Next: WinSvr 2012 Hyper-V VDI Error: Remote Desktop Virtualization Host failed to set zeroconfig information from the virtual machine

≪ Previous: No Remote Desktop License Server is available?

$

0

0

Any help will be highly appreciated since this RDS 2012 it´s driving me mad. RDS 2008 was so nice and solid.

1) Server Manager -> RDS -> Overview -> Edit Deployment properties -> Certificates -> Create new certificate

2) Cannot end the creation process coming with an error saying the file does not exist as if it was trying load an existing one (nice bug)

3) Precise error is Event ID 20480 - Property Page: Manage certificates update failed. Could not find the file "c:\certificate.px"

4) I was able to create it once, but I made a typo in the name, so second it does not allow me too

Thanks in advance.

WinSvr 2012 Hyper-V VDI Error: Remote Desktop Virtualization Host failed to set zeroconfig information from the virtual machine

October 19, 2012, 2:08 pm

≫ Next: Configure dedicated redirectors

≪ Previous: RDS Can´t create New Certificate

$

0

0

I'm trying to setup a proof-of-concept using a lab implementation of the new Windows Server 2012 VDI capabilities. At this point, I believe I've got everything configured properly, and now I'm trying to create a Personalized VDI collection with only a single, existing Windows 8 VM. The VM was setup directly with Hyper-V and works fine when connecting to it directly. Then I shut it down, and add it to my new collection and assign it to myself.

When I access RdWeb, I can see the collection available, and when I click on it to initiate the RDP connection, it gets stuck at "Loading the virtual machine..." status.

When I view the events in Server Manager, I can see a warning that says "Remote Desktop Virtualization Host failed to set zeroconfig information from the virtual machine [MYSERVERNAME]". In the Virtual Desktops area of my collection, I can now see that the VM has spun up to the "Running" state, but any connection attempt through RdWeb results in the same thing - stuck at "Loading the virtual machine...".

Any idea what the error message regarding zeroconfig (no space in error message) might mean?

Thanks in advance!

---

Chris

Configure dedicated redirectors

April 21, 2010, 4:30 am

≫ Next: windows 2008 r2, Servicios de escritorio remoto; no se registra el servidor de licencias de escritorio remoto como punto de conexión de servicio SCP

≪ Previous: WinSvr 2012 Hyper-V VDI Error: Remote Desktop Virtualization Host failed to set zeroconfig information from the virtual machine

$

0

0

I want follow the instructions to setup dedicated redirectors, but I don't understand step 2.  When I deny logons to a terminal server in a loadbalanced farm , i would expect to get an error message like "No login is possible". 

Configure dedicated redirectors (optional)

When you register the IP address of each terminal server in the farm to a single terminal server farm name in DNS, incoming Terminal Services clients will try to connect to the first IP address for the farm name that is returned by DNS. The terminal server that receives this initial connection request acts as the redirector.

To increase session redirection performance in a large terminal server farm, you can configure terminal servers to be dedicated redirectors. These servers will process incoming requests, but will not accept user sessions. To configure dedicated redirectors, you must do the following:

1.   Create DNS round robin entries for the terminal servers that you want to use as dedicated redirectors. When you do so, you must map the IP address of each terminal server that you are using as a dedicated redirector to the terminal server farm name in DNS. (The farm name is the virtual name that clients will use to connect to the terminal server farm.) The farm name must not match an existing server name in AD DS.

2.   Configure the servers to deny new user logons. For more information about how to deny new user logons, see Deny logons to a terminal server in a load-balanced farm.

Because these dedicated redirectors have no user sessions, they do not require roaming profiles or any installed programs. This enables a faster logon experience, and makes the server easier to manage and more reliable.

The following diagram provides a more detailed representation of the traffic flow. In the diagrammed scenario, two terminal servers are deployed as dedicated redirectors. (In a large terminal server farm, you may want to have more than two dedicated redirectors.) The terminal servers will redirect initial connection requests, but will not host any sessions (that is, they are configured to deny new user logons). Only the two redirectors have host resource records in DNS that map to the terminal server farm name. All terminal servers in the farm (including the redirectors) are configured to use the same farm in TS Session Broker (in the Terminal Services Configuration settings).

Configure dedicated redirectors (optional)

When you register the IP address of each terminal server in the farm to a single terminal server farm name in DNS, incoming Terminal Services clients will try to connect to the first IP address for the farm name that is returned by DNS. The terminal server that receives this initial connection request acts as the redirector.

To increase session redirection performance in a large terminal server farm, you can configure terminal servers to be dedicated redirectors. These servers will process incoming requests, but will not accept user sessions. To configure dedicated redirectors, you must do the following:

1.   Create DNS round robin entries for the terminal servers that you want to use as dedicated redirectors. When you do so, you must map the IP address of each terminal server that you are using as a dedicated redirector to the terminal server farm name in DNS. (The farm name is the virtual name that clients will use to connect to the terminal server farm.) The farm name must not match an existing server name in AD DS.

2.   Configure the servers to deny new user logons. For more information about how to deny new user logons, see Deny logons to a terminal server in a load-balanced farm.

Because these dedicated redirectors have no user sessions, they do not require roaming profiles or any installed programs. This enables a faster logon experience, and makes the server easier to manage and more reliable.

The following diagram provides a more detailed representation of the traffic flow. In the diagrammed scenario, two terminal servers are deployed as dedicated redirectors. (In a large terminal server farm, you may want to have more than two dedicated redirectors.) The terminal servers will redirect initial connection requests, but will not host any sessions (that is, they are configured to deny new user logons). Only the two redirectors have host resource records in DNS that map to the terminal server farm name. All terminal servers in the farm (including the redirectors) are configured to use the same farm in TS Session Broker (in the Terminal Services Configuration settings).

---

windows 2008 r2, Servicios de escritorio remoto; no se registra el servidor de licencias de escritorio remoto como punto de conexión de servicio SCP

October 19, 2012, 4:50 pm

≫ Next: Using a Custom Credential Provider with Remote Desktop NLA enabled.

≪ Previous: Configure dedicated redirectors

$

0

0

Estimados

tengo windows server 2008 r2 standar,  + licencias de escritorio remoto, el problema pasa  no registra el servidor de  licencias de  escritorio remoto como punto de conexión de servicio SCP

lo extraño, es  que  se  adquirieron 2  servidores  con windows server    + licencias de escritorio remoto, pero solo  1  dio problemas, el otro  funciono bien a la primera,  revise la configuración pero hasta ahora no he encontrado diferencias,  espero me puedan ayudar, gracias

el primero mensaje  dice:

este servidor de licencias no esta registrado como punto de  conexión de  servicio (SCP) en los servicios de dominio  de active directory. el servidor de licencias no aparecerá en la  lista de  servidores de licencias conocidos de la herramienta configuración del servidor host de  sesión de  escritorio remoto

al presionar  el botón registrar como SCP; arroja el siguiente mensaje

no se pudo registrar el servidor de licencias de  escritorio remoto como punto de  conexión de servicio (SCP) en los servicios de dominio de active directory (AD DS). compruebe que existe conectividad de  red entre el servidor de licencias  y AD DS

el mensaje  al tratar  de entrar  con un usuario  de escritorio remoto convencional sin privilegios de administrador, pero si con usuarios de escritorio remoto, arroja el siguiente mensaje:

Para iniciar sesión en este equipo remoto, debe contar con el derecho de permitir inicio de sesión a través de Terminal Services. Los miembros del grupo de administradores tienen este derecho de manera predeterminada. Si no es miembro del grupo administradores  o de algún otro grupo que tenga derecho, o si el grupo administradores no lo tiene, se le deberá conceder de manera manual.

espero vuestra respuesta, gracias

Cristian P.

Using a Custom Credential Provider with Remote Desktop NLA enabled.

October 14, 2012, 7:28 pm

≫ Next: Folder Redirection

≪ Previous: windows 2008 r2, Servicios de escritorio remoto; no se registra el servidor de licencias de escritorio remoto como punto de conexión de servicio SCP

$

0

0

I have written my own Credential Provider and Credential Provider Filter to be used on a Windows Server 2008 R2 server.  My Credential Provider firstly authenticate the user against an AAA directory server, and if authorised creates or updates the user’s account on the Windows server for new and existing users respectively.

A problem occurs when using Remote Desktop for new users.  In version 6.1 of RDP, Windows uses by default Network Level Authentication (NLA) to firstly authenticate the user, however because for new users the user doesn’t exist on the Windows server (until my CP creates it) it fails before establishing a remote desktop connection.

I am working in a relatively secure environment so I don’t foresee any heighten security risks in disabling NLA.  Alternatively, if I leave NLA enabled, is there any support by Windows to wrap, customise, or replace the Windows CredSSP assuming it is this DLL which provided the NLA support on the server side?  Also, on the client side is there any way to off load the NLA authentication to another server – example to my AAA directory server?  I assume the latter option would mean installing software on each client that needs to connect to the Windows server which I would like to avoid if at all possible.

Ross

---

Ross Clemens

Folder Redirection

October 19, 2012, 2:45 pm

≫ Next: Windows Server 2012 Session based VDI - Publish desktops (VMs) as session VDI

≪ Previous: Using a Custom Credential Provider with Remote Desktop NLA enabled.

$

0

0

System is 2008r2 Terminal Server, with a 2008r2 file server, and an Active Directory. All servers are hosted with VMWare
All systems are up todate with patches

Strange thing is we have another 2008r2 Terminal Server in the same environment and it works just fine. Different users, and separate GPO.
I have cut and pasted the GPO from the good to the BAD and still no luck. I have tried a zillion other things posted on the web to fix this issue and have come to my end.

I changed the GPO to not "Grant user exclusive rights" to all redirected folders. I have deleted and all profiles on the File Server and locally on the TS many times
Nothing seem to work. There are hundreds of posts out there and no one has solved this riddle yet

HELP Mr. Microsoft... I am fried, 28 years of dedication to this craft and I still feel like don't know a thing.

I get this messge from all redirected folders processes

INFO FROM THE EVENT LOG OF THE TERMINAL SERVER

Failed to apply policy and redirect folder "Start Menu" to "\\server\hidden$\users\username\Start Menu".

Redirection options=0x1001.

The following error occurred: "Failed to copy files from "\\server\hidden$\profile\username\AppData\Roaming\Microsoft\Windows\Start Menu" to "\\server\hidden$\profile\username\Start Menu"".

Error details: "Cannot create a file when that file already exists."

Windows Server 2012 Session based VDI - Publish desktops (VMs) as session VDI

October 16, 2012, 9:49 am

≫ Next: RemoteFX tested graphics cards for Hyper-V Server 2012?

≪ Previous: Folder Redirection

$

0

0

Hi,

I have setup where I want to publish VMs as part of windows server 2012 Session based VDI.

I have installed windows server 2012 Remote desktop services using standard deployment session based.

I have added my hyper-v host as RD session host so that I can publish the VMs running on it as virtual desktop. Unfortunately I am not getting the list of VMs when I pull the list (image attached) of applications available for publishing from RD session host (Hyper-v host in this case). I remember in Windows 2008 R2 we had a list of VMs. available as soon as hyper-v host is added as RD virtualization host. Do we have any separate method of publishing VMs as VDI in session based VDI in windows server 2012? or we can just publish RemoteApp in session based deployment?

I have another screen shot attached which I need clarity on. It says desktop will be unpublished if we publish Remote Apps....(pl.s see the attached screen shot).Can anyone tell me if we can just host either RemoteApp or Remote Desktop and not both at the same time?

Regards,

RemoteFX tested graphics cards for Hyper-V Server 2012?

October 20, 2012, 12:42 pm

≫ Next: How to set up remote desktop licensing mode in windows server 2012

≪ Previous: Windows Server 2012 Session based VDI - Publish desktops (VMs) as session VDI

$

0

0

Related questions have appeared on this forum before, but the information I'm seeking probably has updated answers.

Which graphics cards were tested with RemoteFX in Server 2012?

Which graphics cards have simple driver packages that will install in the Server Core or Hyper-V Server 2012 SKU?

And finally, which of these sets belong to a graphics vendor that claims to support this scenario?

If at all possible, it would be helpful to cite specific models and brands. 

Thanks!

How to set up remote desktop licensing mode in windows server 2012

September 5, 2012, 5:18 am

≫ Next: Publish Remote Desktop Session

≪ Previous: RemoteFX tested graphics cards for Hyper-V Server 2012?

$

0

0

Hi,

I've deployed yesterday a windows 2012 server (RTM) and set up the license server for my 10-CAL licenses. That's ok.

But I can not see a way to point my server to see the license server. Every time I log in, I receive a message that the RD services will expire in 119 days.

Using the diagnosis tool it says that licensing mode isn't set up.

Where I can find the tool to set up this licensing mode? In windows server 2008 this question was asked in the setup wizadr.

Thanks a lot!

Ricardo Almeida

Publish Remote Desktop Session

October 20, 2012, 9:20 pm

≫ Next: Android RDS application can't authenticate

≪ Previous: How to set up remote desktop licensing mode in windows server 2012

$

0

0

Hello,

Sorry for the stupid question.   I have just installed Remote Desktop Services in Server 2012 and I can't find the check box to publish the remote desktop session servers to web app page.

I could use the connect to remote computer tab, but I liked how in 2008 R2 it was there in the remote apps section.

Thank you

---

Walter

---

Android RDS application can't authenticate

October 20, 2012, 4:50 pm

≫ Next: remote desktop

≪ Previous: Publish Remote Desktop Session

$

0

0

Hi Everyone,

I have used multiple RDP programs from Android app market but they all fail to connect to my server and are asking to re-enter my password. Could this be a CredSSP issue? or something else? Has anyone ever got any of the android apps to use either of RemoteApps or RDS?

I am assuming RemoteApp would be totally impossible because there is no ActiveX on Android and it's a must. Am I right with that assumption?

Thanks

remote desktop

October 9, 2012, 2:38 am

≫ Next: How to accelerate print spooling terminal server

≪ Previous: Android RDS application can't authenticate

$

0

0

how many users without admin rights can concurrently connect to windows 2008 R2 remotely ?

what should be the minimum configuration of the server ?

How to accelerate print spooling terminal server

October 10, 2012, 12:41 pm

≫ Next: Help with Certificates and SSO

≪ Previous: remote desktop

$

0

0

Hello. I am looking for a way to increase the performance of spooled documents in our 2008 R2 RDP environment. When printing word documents or PDF documents, the spooling of these jobs to the redirected printer seem to take longer than when printed on a local workstation. I understand that the document is spooled to a folder on the server and then sent to the redirected printer, so it will not be as fast as spooling on a workstation disk and then to a local printer. The actual spooling takes longer in the RDP environment. I saw suggestions of using a RAMdisk to help speed up the spooling, but wanted to see if that was a good option. On a similar note, when one of our end users spools a large multipage pdf document (ends up being 180 MB when spooled to the printer) the printer will print a few pages and then stop, and then after 5 seconds will print a few more and repeat the process. I assume that the printer has to wait for the data from the RDP server and is thus delayed while waiting for more information. This workstation is on the same LAN as the RDP server so I would not figure this to be an issue. Please advise. Thanks in advance for your knowledge and contribution.

Help with Certificates and SSO

October 12, 2012, 10:00 am

≫ Next: Configure Connection Broker to use Round Robin

≪ Previous: How to accelerate print spooling terminal server

$

0

0

Yes I have searched the forums on this topic but I am still confused. Here's my environment:

2x Windows 2008 SP2 session host servers

1x Windows 2008 R2 SP1 Session broker

The Farm is accessible to employees only (domain joined and disjoined computers) using the internal DNS name of TSFARM1.company.pri External employees (sales) access the farm via a VPN. The purpose is to allow users to have a full function desktop, so this is not for RemoteApp etc.

My users receive security warnings about the session broker server then again about the session host server when launching the RDP client. I would like to eliminate this. I also would like to have SSO enable to help speed the process and reduce the amount of log ins.

My questions are:

1. How do I request a CSR for my internal domain (which server is this generated from)? This way I can use it on multiple servers. I contacted Comodo and they said they can not issue a cert for the "*.company.pri" domain. On the forums I see many examples of this but they are usually for .com domains.

2. How do I then apply this to SSO. Just to have my expectation set. SSO means that I can create a rdp file that connects to the farm and not provide credentials on the rdp file. This will pass the logged in credentials of the computer to the farm correct? How will this behave with my non domain joined computers?

Thanks,

TKE402

Configure Connection Broker to use Round Robin

October 16, 2012, 8:32 am

≫ Next: Terminal Services program not working in windows XP, windows vista or windows 7 (Tsuserex.dll)

≪ Previous: Help with Certificates and SSO

$

0

0

We have an issue at the moment whereby a single server in the farm will get itself into a state where it wont complete logons (we are investigating this seperatly).  Because the failed server stops logging on new users it quickly becomes the least loaded server in the farm and soon all new server requests are sent to the failed server (called black hole from my Citrix days).

At the moment we have to put the failed server in drain mode - but this is not before lost of users have been impacted.

My question is if you can configure the connection broker to round robin connections rather than based on load?  this would prevent all new user connectsion being passed to the failed server...

Regards