The Remote Desktop license server could not be registered as a service connection point

0
0

I am having issues with domain-joined client computers connecting to a RemoteApp or Remote Desktop session via the internet. I have the feed set up so that the shortcuts appear in a start menu folder. When the client (Win 10 or 8.1) is on our internal network, the shortcuts to RemoteApps and Desktops work immediately without the user being challenged for credentials. However, when connecting from the internet, the user is challenged for credentials. External access is via a Windows Server 2012 R2 machine running the Web Application Proxy role. The RD web interface is published via the web application proxy using pass-through. The gateway, web access and broker roles are all installed on the same Server 2016 Standard box. There are 2 distinct problems when clients try to connect externally:

1) On Win 8.1 the client can enter their credentials and connect. We want them to not be prompted - the user experience should be the same both within the internal network and externally.

2) On Windows 10, the client enters their credentials, which are then rejected - the user cannot access the RemoteApp or desktop externally, the credentials dialogue box simply opens again.

I have implemented group policies on the clients to enable caching of credentials and automatic pass-through authentication. These policies include: "Allow delegating default credentials" for our terminal servers and the "Set RD Gateway authentication method" policy set to "Use locally logged-on credentials".

I can't see anything logged on the broker/gateway to indicate why auth is failing on the Win 10 clients, either in the Security logs or the Remote Desktop specific Applications and Services Logs. Is there something I can enable to log and audit this information and help get to the bottom of this?

Thanks in advance!


Matt Nock

0
0

Hello,

We have set up an RDS environment for remote app and remote desktops.

For internal addresses, we are bypassing the Gateway.
For this specific app, we are perfectly able to access the remote app via the internal network. We don't want to expose the App externally.

People who need to use the app from home need to start up a VPN session so that they are connected to the local network. This seems to work but NOT all the time. Sometimes, the Gateway is not bypassed and we get the error that access is not authorized.

What could be the reason for this?

What would also help is to know how RDS detects if the connection is local or not (some very general info is there on the web like: "the client will check if it can reach the target system" -> How?)

Is there some logging available where we can see what goes wrong?

Thanks,
WiM


0
0

I have configured the RDS role and issued CALs on a user basis on our Windows Server 2008 R2 and it has been running without problem for a little over five (5) years now. So it came as a shock to me when a month ago I got a message about some type of grace period expiring. I ignored it because I assumed I was safe. But since then it has become impossible to connect to the system through RDS.

This is the message I get when I go to the Remote Licensing Manager > All Servers > "Server Name" > Review Configuration and then I click on "Register as SCP". The ensuing message is:

"The remote desktop license server could not be registered as a service connection point (SCP) in Active Directory Domain Services (AD DS). Ensure there is network connectivity between the license server and AD DS".

PLEASE HELP

0
0

Hi,

I recently installed Windows Server 2019 on our company's server machine (PC A). The purpose is to have multiple users who have Win 10/7 Home/Professional log on to PC A to use software installed on it. The schematic diagram of what I'd like and the current situation can be seen below.


However, I could not set the RD licensing manager (after activation succeeded) to issue the licenses. Here is what I have done:

I purchased the RD CALs (5 per device CALs) and installed the manager on PC A. See below for the running status.

I did some searching online but the answers vary. I realized that the first problem is that I could not find the RD Session Host Role in the Server Manager->"Add roles and features", which many of the blogs I found advise installing, see below

Many people's screenshots are different from mine. So I tried to do the "Remote Desktop Services Installation", which gives me these errors (one if I do quick, one if I do standard installation):

That's where I feel confused. I searched again and realized that my configuration is a "Workgroup" mode, not the "domain" mode, and I don't know how to convert this standalone-server PC A to a domain host. Any advice will be appreciated!

0
0

Hello

I have:

3 x physical Server 2016 as hyper V host
1 x Virtual Server 2016 as Broker and Web access
40 x Windows 10 Enterprise 1803 as Virtual desktop collection pooled. It was working very well with UPD (User profile disk) on a SOFS share.

Last week I created a new user and he can't get his new UPD working.
I decided to clean up a lot of things: I removed the collection and tried to create a new one.

When I choose my VM template (which has worked well for a long time) I get the error:

could not retrieve the virtual desktop template details for MasterW10c

I enabled logging and searched with DbgView:

Composant RdmsUI : Exception occurred in IsMasterVMPrerequisiteSatisfied for VM MasterW10c, VMHost CLOUD2.cxxat.com. Exception details: System.IO.FileNotFoundException: à System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo) à System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options) à Microsoft.RemoteDesktopServices.Common.TsVm.QueryOfflineInformation(String& Build, String& CurrentVersion, String& EditionId, Boolean& fIsRdvIcInstalled, Boolean& fIsVmbusCapable, String& InstallationType, Int32& ProcArch, String& SysPrepImageState, String& SysPrepMode)à Microsoft.RemoteDesktopServices.RDManagement.Model.ExternalApiProvider.GetOfflineVmInformation(String vmName, String hostName) à Microsoft.RemoteDesktopServices.RDManagement.ViewModel.Collections.MasterVirtualMachineViewModel.IsMasterVMPrerequisiteSatisfied(VMDescriptor masterVM)

I can't post a Process Monitor screenshot because my account is not verified, but search "could not retrieve the virtual desktop template details for" on G00GLE and I posted it on the first Spiceworks result

I tried to deploy from any of my 3 hosts -> same problem
I removed all remote desktop host roles and the remote desktop broker + web and reinstalled them -> same problem
I installed another broker + web access on another 2016 server (on the AD :-( ) -> same problem

I don't know when this problem appeared (I found it when I added a new user). One of our last changes was the installation of Acronis Backup to back up some VMs/shared drives. I uninstalled Acronis from all our machines and nothing changed. I did some Windows Updates.

Thanks

0
0

If I put in the IP address of the Remote Session Host server (there is only one) it works. It connects through the gateway and then connects and authenticates successfully to the server.

Also if I connect to another internal PC remotely on the network through the rd gateway using DNS name it also works fine.

Finally, if I connect from outside the office network using a hot spot it will resolve both the remote session host and remote PC by DNS name. If I switch it back to the LAN it reverts to the original behavior. I have seen this at multiple places.

There must be a different way it is connecting on one network than on the other network that causes this odd behavior.

Also, Remote apps through RD Web will not open after successfully authenticating through the gateway but will work outside of the network.

0
0

Hello,

We were doing some experimenting with the latest RD Client for an iOS device and accessing a 2016 RDS Host. What we noticed is that while we had the "Always prompt for password upon connection" enabled on the RDS host and if the correct password was cached in the RD Client on an iOS device, the server responded as expected with the "The server's authentication policy does not allow connection requests using saved credentials".

What was odd was that if the RD Client had an incorrect password cached, we would not get that response. We would receive a "User name or password did not work" and the badpwdcount on the user account in AD would increment.

The point of this exercise was to see if we could prevent users from locking their accounts by having a bad password cached in the RD Client. We thought enforcing the "Always prompt for password upon connection" would prevent this, but it does not. It only prevents this if the correct password is cached.

Is this the expected behavior or is this a bug? It seems kind of pointless if the bad password is cached and yet it allows the badpwdcount to increment. Kinda a DoS attack vector.

Appreciate any and all feedback.

0
0

Hello,

We run Windows Server 2016 on our host machines, and we connect to our hosts through a remote desktop gateway. We have run into an issue where users who remote in through the gateway are getting disconnected for about 5-10 seconds and then their session is restored. This happens about once every 30-60 minutes.

Event viewer is throwing the following errors

Disconnect trace:CUMRDPConnection Disconnect trace:'calling spGfxPlugin->PreDisconnect()' in CUMRDPConnection::PreDisconnect at 4726 err=[0xc], Error code:0xC

'Failed GetConnectionProperty' in CUMRDPConnection::QueryProperty at 3015 err=[0x80004001]

I get flooded with these events about 100 times a minute, (not each event, just a collection of related events in one minute).

I'm looking for a way to disable remotefx so the host will not allow the client computers to use remotefx anymore. I tried a few things such as

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations
DWORD: fEnableRemoteFXAdvancedRemoteApp: 0x00000001 (0) - On remote gateway server

The DWORD above is not on any of my host machines. I was considering adding it and setting the value to zero, but I'm not sure if this will do the job.

I also tried to disable this in group policy, by disabling everything RemoteFX related other than the RemoteFX entry related to compression algorithms.

Has anyone dealt with this before? I would greatly appreciate any guidance.

0
0

I hope someone can help with this issue as Microsoft support will not assist me with licensing questions and issues unless we pay for support, even though the CALS have been purchased which is madness.

We have two RDS 2016 Servers in a workgroup environment so had to use per device CALS.

Server1 (WORKGROUP)

RD Session Host

Licensing Server Installed and Activated (10 Device CALS installed)

Server 2 (WORKGROUP)

RD Session Host

Connects to Server1 licensing server

1. When an Administrator logs in to administer the server they're assigned a device CAL. I was under the assumption that two concurrent Administrators can logon to a server without using any CALS, so why are they being assigned?

2. The next issue is that two of the administrator users are being assigned 2 device CALS for a single computer, when I run the license server report they're appearing as the same computer name but with different hardware ID so now two administrator users who are administering the server have used up 4 licenses.