Solved

Unable to install Remote Desktop Session Host on Server 2012

Posted on 2013-06-25
16
7,142 Views
Last Modified: 2013-09-27
We have the same problem on two otherwise totally unrelated servers.  After choosing to add roles and features, then selecting Remote Desktop Session Host (it's the same if you choose a role-based installation and select the option manually, or the Remote Desktop Services installation option) the server does the first part as expected then asks for a reboot.  Here's what happens next:

1. "Configuring Windows features" (as expected), plus automatic reboot.
2. "Configuring Windows updates"
3. "Failure configuring Windows updates, reverting changes", reboot.
4. "Failure configuring Windows updates, reverting changes", reboot.
5. "Failure configuring Windows updates, reverting changes", reboot.

Then you finally get back to being able to log on, at which point you're back where you started with no Remote Desktop Session Host.

I was able to install Remote Desktop Licensing fine on each server, but only by itself (normally you just tick both and install at the same time, right?).

Both servers are running Server 2012 standard, they're on different domains, one is physical (HP Proliant ML310e Gen8), the other virtual (running in Amazon Web Services).

My guess is that if I hadn't installed any Windows updates before attempting to add Remote Desktop services, it wouldn't be a problem.  The only other configuration I've done is to install AV (only on one of the servers though), configure the keyboard and regional settings to UK English, and join the relevant domain.

Relevant application log entries I can find are pasted in below.  These three events appear during each of the "reverting changes" reboots.  How can I get Remote Desktop Session Host successfully installed?  Thanks in advance for any advice.

Source: Winlogon
Event ID: 6004
The winlogon notification subscriber <TrustedInstaller> failed a critical notification event.

Source: Windows Error Reporting
Event ID: 1001
Fault bucket , type 0
Event Name: WindowsWcpOtherFailure3
Response: Not available
Cab Id: 0

Problem signature:
P1: 6.2.9200
P2: componentstore\com\advancedinstallers.cpp
P3: LoadHandlerDll
P4: 177
P5: 8007007e
P6: 0x39c6e321
P7:
P8:
P9:
P10:

Attached files:
C:\Windows\Logs\CBS\CBS.log
C:\Windows\Logs\CBS\CbsPersist_20130625114434.log
C:\Windows\Logs\CBS\CbsPersist_20130624175057.log
C:\Windows\Logs\CBS\CbsPersist_20130624161337.log
C:\Windows\Logs\CBS\CbsPersist_20130624160145.log
C:\Windows\Logs\CBS\CbsPersist_20130621162819.log
C:\Windows\servicing\Sessions\Sessions.xml
C:\Windows\WinSxS\pending.xml
C:\Windows\WinSxS\poqexec.log
C:\Windows\System32\LogFiles\Scm\SCM.EVM
C:\Windows\Logs\CBS\FilterList.log
These files may be available here:
Analysis symbol:
Rechecking for solution: 0
Report ID: 44af7062-dd8d-11e2-944c-0e3288e13d8d
Report Status: 262144
Hashed bucket:

Source: Windows Error Reporting
Event ID: 1001
Fault bucket , type 0
Event Name: WindowsWcpOtherFailure3
Response: Not available
Cab Id: 0

Problem signature:
P1: 6.2.9200
P2: componentstore\com\advancedinstallers.cpp
P3: LoadHandlerDll
P4: 177
P5: 8007007e
P6: 0x39c6e321
P7:
P8:
P9:
P10:

Attached files:

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_6.2.9200_567334a349b518f8bb4abacbfc8d448c2be7e84_0a14445f

Analysis symbol:
Rechecking for solution: 0
Report ID: 44af7062-dd8d-11e2-944c-0e3288e13d8d
Report Status: 4
Hashed bucket:
0
Comment
Question by:David Haycox
  • 9
  • 4
  • 2
16 Comments
 
LVL 3

Expert Comment

by:dheiert
ID: 39274506
Actually sounds like some kind of authentication issue.  Have you tried as local admin?
0
 
LVL 1

Author Comment

by:David Haycox
ID: 39274568
Was using domain admin account, trying as local admin now....  

Alas, same problem again.  Thanks anyway.  Any other ideas?
0
 
LVL 3

Expert Comment

by:dheiert
ID: 39274578
Sounds like it is something MS frowns upon, but this looks like an answer:
I have found a simple solution to this issue that I also believe to have no security implications for AD. If anyone thinks this is not the case, please tell.
The problem is that Network Service does not have access rights to WID. So why don't we give it those rights?
Do the following:

1) Connect to \\.\pipe\MICROSOFT##WID\tsql\query using SQL Management Studio.
2) Under Security\Logins, add a new login.
    On the General page:
    Login name: NT AUTHORITY\NETWORK SERVICE
    Default database: RDCms
    On the User Mapping page:
    Check RDCms, select the entry and check db_owner.
   
That's it. All services should start fine now.
Update:
After this step, create a new login for NT AUTHORITY\SYSTEM. You will see a message that the login already exists, however it will add NT AUTHORITY\SYSTEM to the list of users. Following a reboot of the machine, everything will work as expected.
If you omit this last step, you will run into said "Object reference is not set to an instance of an object" error. ResolutoR and I could both verify that these steps make a setup of RD Connection Broker on a Domain Controller possible.
WARNING: Please be aware that the setup of a DC and RDCB on one server is entirely unsupported. The above steps can make it work in some extend, but that's it. Also be aware that RD Gateway won't work this way.

YOU SHOULD NEVER RUN THIS ON A PRODUCTION SERVER.
USE THIS FOR EVALUATION PURPOSES ONLY.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 1

Author Comment

by:David Haycox
ID: 39274689
Thanks for that. I may snapshot the machine and give it a try, but as you suggest it's not a good idea on a production server.  I think I'll be giving Microsoft a call...
0
 
LVL 3

Expert Comment

by:dheiert
ID: 39274694
Well, I agree with the posters on that board.  MS is claiming to centralize computing and then says not to do RDP??  WTF?
0
 
LVL 1

Accepted Solution

by:
David Haycox earned 0 total points
ID: 39281179
Just spoke to Microsoft, seems like it's a known issue is caused by KB2821895.  Once installed it can't be removed (currently - they're working on a fix for this) and RD Session Host (and possibly other RD features) cannot be added or removed.

If you have added the RD features before installing the update, there's no problem (unless you want to remove them).

The solution is one of the following:
1. Roll back by any available method to before the update was installed, then add the features.
2. Perform a clean installation of Server 2012 and add the features before updating.
3. Wait for Microsoft to release a fix.

Annoying, but at least I now know I'm not going mad!
0
 
LVL 3

Expert Comment

by:dheiert
ID: 39281218
That's just f'in ridiculous!
0
 
LVL 1

Author Comment

by:David Haycox
ID: 39281294
Yes, you would have hoped the update had been tested before release.  Still, they gave me a straight answer, apologised, didn't charge me for the support request, and promised to inform me when the fix is available.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 39288236
I've requested that this question be closed as follows:

Accepted answer: 0 points for DavidOHaycox's comment #a39281179

for the following reason:

Answered own question.
0
 

Expert Comment

by:PatrickNance
ID: 39288237
I have the same issue on a production server.  I would prefer this not be closed until there is a solution either a workaround that is reasonable for a production server or notification here that Microsoft released a fix.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 39289675
Fair enough - it will serve as a reminder to me to post a link to the fix, when it comes.
0
 
LVL 1

Author Closing Comment

by:David Haycox
ID: 39305057
Answered own question.  Moderator suggests question should be closed.
0
 

Expert Comment

by:PatrickNance
ID: 39318914
0
 
LVL 1

Author Comment

by:David Haycox
ID: 39414287
Microsoft sent me a tested (but not yet public update) which appears to have fixed the problem (Windows8-RT-KB2821895-v2-x64.msu).

I can post it if anyone would like, but of course it's at your own risk; I would advise obtaining it from Microsoft directly just to be certain, and they will be publishing it soon I would imagine.
0
 
LVL 1

Author Comment

by:David Haycox
ID: 39527233
Just had notification from Microsoft that they now have a publicly available version of this:

http://support.microsoft.com/kb/2871777/EN-US
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question