Solved

Troubleshooting Remote Desktop Services Connectivity - Windows Server 2012 R2

Posted on 2014-03-28
12
242 Views
Last Modified: 2015-02-09
I have a number of users who connect to Published Applications over the internet. (Workers work from home). On any given day, user A can stay connected to the remote app with no disconnections for 8 hours, no problem. On the same day, user B may be disconnected 10-15 times during the exact same time period.

This is oversimplifying a good deal - there are many users who are fine, and many users with disconnections at different times of the day. (If everyone got disconnected at the same time, I could wrap my head around the idea of it being an issue on the server/our network).

My question is: how does one go about troubleshooting this? Their computers are all company provided. However, users are responsible for their own router/firewall/internet providers. They of course will call their internet provider, who will in turn "test their connection", and they'll be told that their connection is fine.

I need to be able to show WHAT is happening (both to the user and to myself), so that I can then troubleshoot further.

I've toyed with the idea of running Network Monitor/Wireshark, but honestly, I'm not real sure WHAT I'm looking for.

Anyone have any troubleshooting tips/tricks to share?
0
Comment
Question by:dday515
  • 7
  • 5
12 Comments
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39961726
I wouldn't use Wireshark just yet.  I'd start in the Event Viewer of the RDS server.  I had the exact same issue awhile back, and one thing that we had to do was to turn Windows Firewall off.  So, I'd start there.

Next, I'd look in the event logs and see if you can see the disconnects; they should say something about the stream getting disconnected (sorry for the vague description, I just don't remember the exact phrase.)  You'll know it when you see it, please repost it here so we can evaluate it.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39961732
A few other things to check on:

1)  Your licensing situation; how does it look?  Do you have enough and are licenses being used up and you are running out?
2)  How many users are accessing this server/remote app at one time?  If it's 30 or more you might have the issue nailed down right there.

Anyway, get back to me when you can and we'll troubleshoot further.
0
 

Author Comment

by:dday515
ID: 39961776
Approximately 20 users. (Never more than 30).

We are getting some licensing errors in the event log (Licensing role is on same server, not a DC):

The Remote Desktop license server cannot update the license attributes for user "XXX" in the Active Directory Domain "XXX". Ensure that the computer account for the license server is a member of Terminal Server License Servers group in Active Directory domain "XXX".
If the license server is installed on a domain controller, the Network Service account also needs to be a member of the Terminal Server License Servers group.
If the license server is installed on a domain controller, after you have added the appropriate accounts to the Terminal Server License Servers group, you must restart the Remote Desktop Licensing service to track or report the usage of RDS Per User CALs.
Win32 error code: 0x80070005


I'm not seeing any further events in the event logs that show my disconnections. Maybe I need to turn on some additional auditing?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39961816
This article references 2008, but the groups are the same.  Have a look at the 2nd post and let me know your thoughts:

http://social.technet.microsoft.com/Forums/en-US/4084188d-b979-440f-b81a-29cc08162f38/the-remote-desktop-license-server-cannot-update-the-license-attributes?forum=winserverTS
0
 

Author Comment

by:dday515
ID: 39961924
I believe I have that resolved, but it should be noted that the above error occurs on Logon, not on disconnect.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39961959
The next thing I would look at then, is Internet connection speed on your end and potential dropped packets as referenced in your original post and wanting to use Wireshark.


What sort of connection (download/upload speed) do you have coming into your datacenter/server?  What is in between (firewalls, switches, etc.) the server and your Internet connection?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:dday515
ID: 39961994
50 Mbps up and down. (which is overkill for us, honestly).

There is a single Router/Firewall, and maybe 2 switches between the server and the external internet connection.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39962043
Very good.

The first spot I would look is to the router/firewall to see what might be happening around the time people are getting kicked off, so that will require a little detective work from you; perhaps if you had an individual that would report to you when they get kicked off then you could go look at the firewall logs/events to determine if something in common is happening.

What model of firewall is it?  I have experience with many vendors and may be able to help further on that.

If you check all of this and it's still ok, then I would resort to Wireshark and filter for packets that are specific to RDP.
0
 

Author Comment

by:dday515
ID: 39962050
Its a Cisco 2821 ISR (Integrated Service Router). Combo Firewall/Router/Call Processor.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 39962070
Can you launch the web based GUI for that?  I'm not familiar with the ISR line, more on the ASA, 800 series, PIX, etc.
0
 

Author Comment

by:dday515
ID: 39962409
You can manage it some with SDM (a java based GUI).
0
 
LVL 17

Accepted Solution

by:
Brad Bouchard earned 500 total points
ID: 39962596
That's right I forgot about SDM.  Give the logs a look and see if you can see anything that corresponds.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now