Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7764
  • Last Modified:

Unable to install Remote Desktop Session Host on Server 2012

We have the same problem on two otherwise totally unrelated servers.  After choosing to add roles and features, then selecting Remote Desktop Session Host (it's the same if you choose a role-based installation and select the option manually, or the Remote Desktop Services installation option) the server does the first part as expected then asks for a reboot.  Here's what happens next:

1. "Configuring Windows features" (as expected), plus automatic reboot.
2. "Configuring Windows updates"
3. "Failure configuring Windows updates, reverting changes", reboot.
4. "Failure configuring Windows updates, reverting changes", reboot.
5. "Failure configuring Windows updates, reverting changes", reboot.

Then you finally get back to being able to log on, at which point you're back where you started with no Remote Desktop Session Host.

I was able to install Remote Desktop Licensing fine on each server, but only by itself (normally you just tick both and install at the same time, right?).

Both servers are running Server 2012 standard, they're on different domains, one is physical (HP Proliant ML310e Gen8), the other virtual (running in Amazon Web Services).

My guess is that if I hadn't installed any Windows updates before attempting to add Remote Desktop services, it wouldn't be a problem.  The only other configuration I've done is to install AV (only on one of the servers though), configure the keyboard and regional settings to UK English, and join the relevant domain.

Relevant application log entries I can find are pasted in below.  These three events appear during each of the "reverting changes" reboots.  How can I get Remote Desktop Session Host successfully installed?  Thanks in advance for any advice.

Source: Winlogon
Event ID: 6004
The winlogon notification subscriber <TrustedInstaller> failed a critical notification event.

Source: Windows Error Reporting
Event ID: 1001
Fault bucket , type 0
Event Name: WindowsWcpOtherFailure3
Response: Not available
Cab Id: 0

Problem signature:
P1: 6.2.9200
P2: componentstore\com\advancedinstallers.cpp
P3: LoadHandlerDll
P4: 177
P5: 8007007e
P6: 0x39c6e321
P7:
P8:
P9:
P10:

Attached files:
C:\Windows\Logs\CBS\CBS.log
C:\Windows\Logs\CBS\CbsPersist_20130625114434.log
C:\Windows\Logs\CBS\CbsPersist_20130624175057.log
C:\Windows\Logs\CBS\CbsPersist_20130624161337.log
C:\Windows\Logs\CBS\CbsPersist_20130624160145.log
C:\Windows\Logs\CBS\CbsPersist_20130621162819.log
C:\Windows\servicing\Sessions\Sessions.xml
C:\Windows\WinSxS\pending.xml
C:\Windows\WinSxS\poqexec.log
C:\Windows\System32\LogFiles\Scm\SCM.EVM
C:\Windows\Logs\CBS\FilterList.log
These files may be available here:
Analysis symbol:
Rechecking for solution: 0
Report ID: 44af7062-dd8d-11e2-944c-0e3288e13d8d
Report Status: 262144
Hashed bucket:

Source: Windows Error Reporting
Event ID: 1001
Fault bucket , type 0
Event Name: WindowsWcpOtherFailure3
Response: Not available
Cab Id: 0

Problem signature:
P1: 6.2.9200
P2: componentstore\com\advancedinstallers.cpp
P3: LoadHandlerDll
P4: 177
P5: 8007007e
P6: 0x39c6e321
P7:
P8:
P9:
P10:

Attached files:

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Critical_6.2.9200_567334a349b518f8bb4abacbfc8d448c2be7e84_0a14445f

Analysis symbol:
Rechecking for solution: 0
Report ID: 44af7062-dd8d-11e2-944c-0e3288e13d8d
Report Status: 4
Hashed bucket:
0
David Haycox
Asked:
David Haycox
  • 9
  • 4
  • 2
1 Solution
 
dheiertCommented:
Actually sounds like some kind of authentication issue.  Have you tried as local admin?
0
 
David HaycoxAuthor Commented:
Was using domain admin account, trying as local admin now....  

Alas, same problem again.  Thanks anyway.  Any other ideas?
0
 
dheiertCommented:
Sounds like it is something MS frowns upon, but this looks like an answer:
I have found a simple solution to this issue that I also believe to have no security implications for AD. If anyone thinks this is not the case, please tell.
The problem is that Network Service does not have access rights to WID. So why don't we give it those rights?
Do the following:

1) Connect to \\.\pipe\MICROSOFT##WID\tsql\query using SQL Management Studio.
2) Under Security\Logins, add a new login.
    On the General page:
    Login name: NT AUTHORITY\NETWORK SERVICE
    Default database: RDCms
    On the User Mapping page:
    Check RDCms, select the entry and check db_owner.
   
That's it. All services should start fine now.
Update:
After this step, create a new login for NT AUTHORITY\SYSTEM. You will see a message that the login already exists, however it will add NT AUTHORITY\SYSTEM to the list of users. Following a reboot of the machine, everything will work as expected.
If you omit this last step, you will run into said "Object reference is not set to an instance of an object" error. ResolutoR and I could both verify that these steps make a setup of RD Connection Broker on a Domain Controller possible.
WARNING: Please be aware that the setup of a DC and RDCB on one server is entirely unsupported. The above steps can make it work in some extend, but that's it. Also be aware that RD Gateway won't work this way.

YOU SHOULD NEVER RUN THIS ON A PRODUCTION SERVER.
USE THIS FOR EVALUATION PURPOSES ONLY.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
David HaycoxAuthor Commented:
Thanks for that. I may snapshot the machine and give it a try, but as you suggest it's not a good idea on a production server.  I think I'll be giving Microsoft a call...
0
 
dheiertCommented:
Well, I agree with the posters on that board.  MS is claiming to centralize computing and then says not to do RDP??  WTF?
0
 
David HaycoxAuthor Commented:
Just spoke to Microsoft, seems like it's a known issue is caused by KB2821895.  Once installed it can't be removed (currently - they're working on a fix for this) and RD Session Host (and possibly other RD features) cannot be added or removed.

If you have added the RD features before installing the update, there's no problem (unless you want to remove them).

The solution is one of the following:
1. Roll back by any available method to before the update was installed, then add the features.
2. Perform a clean installation of Server 2012 and add the features before updating.
3. Wait for Microsoft to release a fix.

Annoying, but at least I now know I'm not going mad!
0
 
dheiertCommented:
That's just f'in ridiculous!
0
 
David HaycoxAuthor Commented:
Yes, you would have hoped the update had been tested before release.  Still, they gave me a straight answer, apologised, didn't charge me for the support request, and promised to inform me when the fix is available.
0
 
David HaycoxAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for DavidOHaycox's comment #a39281179

for the following reason:

Answered own question.
0
 
PatrickNanceCommented:
I have the same issue on a production server.  I would prefer this not be closed until there is a solution either a workaround that is reasonable for a production server or notification here that Microsoft released a fix.
0
 
David HaycoxAuthor Commented:
Fair enough - it will serve as a reminder to me to post a link to the fix, when it comes.
0
 
David HaycoxAuthor Commented:
Answered own question.  Moderator suggests question should be closed.
0
 
PatrickNanceCommented:
0
 
David HaycoxAuthor Commented:
Microsoft sent me a tested (but not yet public update) which appears to have fixed the problem (Windows8-RT-KB2821895-v2-x64.msu).

I can post it if anyone would like, but of course it's at your own risk; I would advise obtaining it from Microsoft directly just to be certain, and they will be publishing it soon I would imagine.
0
 
David HaycoxAuthor Commented:
Just had notification from Microsoft that they now have a publicly available version of this:

http://support.microsoft.com/kb/2871777/EN-US
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

  • 9
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now