Solved

RDS users are getting denied connections

Posted on 2013-01-24
8
739 Views
Last Modified: 2013-03-03
I have a set of users that either remote in (via RDP) from outside locations or user thin clients inside of the office. They have a Windows Server 2008 R2 server acting as the DC and RDS server (I know I know, don't get me started on that). There are only a total of 15 users inside and out for this location, and only 12 remote in. When more users try to login, they get the following error:

"another user is connected to the server forcing a disconnect of current users."

There are 12 Windows Server 2012 USER licenses installed. RDS is running in a per user mode, and the licensing role does not report any thing wrong in diagnostics. The license server is published in AD. The license server NSA is a member of the TSLS group in AD.

The one red flag (or yellow exclamation in windows) is that it is not registered as a service connection point in AD. Hitting Register as SCP results in "the Remote Desktop license server could not be registered as a service connection point (SCP) in Active Directory Domain Services (AD DS). Ensure that there is network connectivity between the license server and AD DS." I followed a guide on technet about doing it manually, but everything was already done, so I'm not sure what this error is about and if it's the cause of the problem.

User report shows 10 of the 12 user licenses are used, so the 2 other users we're looking to connect should work fine.

Any ideas where to start with this?
0
Comment
Question by:Casey Weaver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 38814873
Check the setting for 'Maximum connections' in tsconfig -> RDP-Tcp Properties -> 'Network Adapter'-tab
Ít sounds like the setting is configured to only allow 10 connections at the same time.
0
 
LVL 7

Author Comment

by:Casey Weaver
ID: 38814959
The server is currently set to Unlimited connections. Thanks though!
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 38834862
I'm currently out of ideas for the moment.
I used request attention to get the moderators to call for some others to look on it.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 7

Accepted Solution

by:
Casey Weaver earned 0 total points
ID: 38837050
I just found out this morning that there may be a licensing discrepency on the account. I'm waiting for a call back from their license reseller to find out what they actually purchased.

Thanks so far henjoh09!
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 500 total points
ID: 38838198
>>""another user is connected to the server forcing a disconnect of current users"
Is that the exact error message or a paraphrase or translation?  It doesn't sound quite familiar.

Also you mention the licensing server shows 10 or 12 USER licenses used.  That sounds odd as in per user mode licenses are not tracked, it is strictly an honor system.  Might they be device CAL's in which case if a user connects from a second device, at any time, another CAL is used and you could easily exceed your limit?
0
 
LVL 15

Expert Comment

by:joharder
ID: 38851489
Are the users that can't access members of the Remote Desktop Users group?
0
 
LVL 7

Author Closing Comment

by:Casey Weaver
ID: 38946859
The issue did turn out to be improper licensing on the server. Robwill, your suggestion was good advice for straightening out the licensing.

-Casey
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question