Solved

Microsoft Remote Desktop Client - Mac and MSTSC Windows XP with RDS 2012

Posted on 2014-03-28
14
5,762 Views
Last Modified: 2014-04-03
Hello all,

I've recently deployed a RDS environment, with a fairly simple setup:
DMZ: RD Gateway / Connection Broker / RD WebAccess
RDS Server: Session Host.

I have also published Remote Apps, and all is well there, at least on Windows 7, and Windows 8.

The problem is in two places however:
Windows XP: I can't for the life of me get Remote Apps to work, or even a normal RD Gateway connection to work. With that one, I invariably get the message that the RD Gateway server  is temporarily unavailable.
In my research, it sounds like it may be possible that Windows XP SP3 may simply not support RemoteApp. However, it should support at least a normal RDP connection.

I have turned off NLA on both the collection, as well as the RD gateway to support legacy clients.
Any thoughts on that?

The second problem is Macs. From all my reading, it seems like the Macs should be able to launch remote apps from the Resources, as well as connect to an remote session via the RD Gateway with no issues. However, every time I try to connect, I get the following error:

"The gateway failed to connect with the message: 503 RPC Error: 6ba"

I'm not sure why I'm getting that, given that all my other clients work just fine, even when connecting to a published RemoteApp.

I could not find anything googling this, and most issues that I found that are remotely close are related to SBS servers. I'm running Standalone Windows 2012 servers. Any thoughts?

Thanks!
0
Comment
Question by:cvservices
  • 7
  • 5
  • 2
14 Comments
 
LVL 38

Expert Comment

by:Hypercat (Deb)
Comment Utility
In order to connect to a Windows 2012 RDS server, you need Remote Desktop Client v. 8.0.  This is available for Windows 7 as an upgrade and is built into Windows 8, but as far as I know it isn't possible to install this client version on Windows XP. You might be able to get it to work if you update the XP machine to at least desktop client v. 7.

There are also compatibility issues with Macs as far as I can tell. I've not tested it, but I have tested the 2012 remote app function with browsers other than IE on a Windows 7 platform, and I haven't even been able to get that to work.
0
 
LVL 38

Assisted Solution

by:Hypercat (Deb)
Hypercat (Deb) earned 250 total points
Comment Utility
P.S. - Just as a further clarification, I'm not sure how familiar you are with the Remote App function, but in fact what it does is open a regular remote desktop session in the background.  Therefore if you don't have a compatible browser version AND a compatible remote desktop client version, it won't work.
0
 
LVL 17

Assisted Solution

by:Brad Bouchard
Brad Bouchard earned 250 total points
Comment Utility
In order to connect to a Windows 2012 RDS server, you need Remote Desktop Client v. 8.0.  This is available for Windows 7 as an upgrade and is built into Windows 8, but as far as I know it isn't possible to install this client version on Windows XP.

This is true.  Windows XP doesn't support a high enough version to support the Remote App setup.  As far as the simple RDP to a server you may be limited by XP again there too.
0
 
LVL 1

Author Comment

by:cvservices
Comment Utility
Thanks guys, (and lady, I think :) )

Regarding XP. I'm aware that there is a limitation, so I'm not expecting RemoteApp to work, but after upgrading to RDP 7.0 Client, and enabling the CredSSP. So I'm still looking to get Windows XP to work, even if I have to manually distribute the RDP files for the app. I'm pretty sure that part's possible.

As far as the Macs. I am aware that there is some lack of support in that client. I am using the latest Microsoft Remote Desktop Client, however, and if I connect to another environment via the gateway, it connects without a problem. in this case, I'm not talking about launching a remote app, but rather connecting to a full RDP session via the RD gateway. So the fact that I'm getting through to one environment, and not the other from the Mac, tells me that there is some configuration issue that I'm missing on my RD Gateway that's causing that RPC error.

Any other thoughts?
0
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
Have you seen this?

http://stealthpuppy.com/remoteapp-for-windows-xp-and-windows-vista-the-missing-pieces/

The bottom section describes distributing.

As far as the RD Gateway error, do you have a 3rd party SSL and not a self signed one?  And, have you allowed the specified users access to the groups needed to be in the Remote Desktop Gateway policy?
0
 
LVL 1

Author Comment

by:cvservices
Comment Utility
Of all the articles I've read, I don't think I stumbled on that one Brad :) So let me check that out.

Regarding the error. Yes, I do have a wild card cert in place. (not self-signed).
If you're referring to CAP and RAP, yes, for the time being, I have domain users, and domain computers setup.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
Ok, good on the CAP and RAP groups.  The wildcard might be the issue as I think I may have seen an issue in 2008 R2 with a wildcard instead of using a regular SSL.  I'd look into that.  

Also, let me know how the article goes.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 1

Author Comment

by:cvservices
Comment Utility
Brad,
the article doesn't seem to be relevant in this case. This is instruction to publish a remote app from Windows XP. I just want to have Windows XP working as a client, connecting to a Windows 2012 RDS instance.

Regarding the certificates, everywhere I've read seems to say that wildcard certs are in fact supported in RDS 2012, the environment where things are working, is in fact using a wildcard cert as well.

I did find this article:
http://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80

Running the Powershell script did fix an oddball issue I was having when connecting from inside my firewall, but still did not fix access from XP, or from the Mac RDP client.
0
 
LVL 1

Author Comment

by:cvservices
Comment Utility
Ok . so to add to my research regarding the mac connectivity.
Event logs on the RD Gateway show absolutely nothing when the connectivity fails. So, that tells me that something is happening on the IIS proxy level before it even gets a chance to register a windows event. So, in checking the IIS logs, I saw the following, which seem weird, though I can't find anything online on how to interpret them or fix the issue... ? ... do these logs mean anything to anyone?

2014-03-29 05:34:19 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 HOSTED\testuser xxx.xxx.xxx.xxx MSRPC - 200 0 0 99
2014-03-29 05:39:05 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 2 5 41
2014-03-29 05:39:05 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 2 5 44
2014-03-29 05:39:05 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 42
2014-03-29 05:39:05 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 43
2014-03-29 05:39:05 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 67
2014-03-29 05:39:05 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 48
2014-03-29 05:39:05 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 42
2014-03-29 05:39:05 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 43
2014-03-29 05:39:05 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 63
2014-03-29 05:39:05 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 70
2014-03-29 05:39:14 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 50
2014-03-29 05:39:14 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 49
2014-03-29 05:39:14 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 hosted\testuser xxx.xxx.xxx.xxx MSRPC - 200 0 0 45
2014-03-29 05:39:14 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 hosted\testuser xxx.xxx.xxx.xxx MSRPC - 200 0 0 48
2014-03-29 05:40:30 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 2 5 42
2014-03-29 05:40:30 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 2 5 47
2014-03-29 05:40:30 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 41
2014-03-29 05:40:30 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 48
2014-03-29 05:40:30 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 57
2014-03-29 05:40:30 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 49
2014-03-29 05:40:30 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 42
2014-03-29 05:40:30 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 49
2014-03-29 05:40:30 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 44
2014-03-29 05:40:30 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074252 50
2014-03-29 05:40:35 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 43
2014-03-29 05:40:35 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 - xxx.xxx.xxx.xxx MSRPC - 401 1 2148074254 49
2014-03-29 05:40:35 10.10.0.100 RPC_OUT_DATA /rpc/rpcproxy.dll localhost:3388 443 hosted\testuser xxx.xxx.xxx.xxx MSRPC - 200 0 0 45
2014-03-29 05:40:35 10.10.0.100 RPC_IN_DATA /rpc/rpcproxy.dll localhost:3388 443 hosted\testuser xxx.xxx.xxx.xxx MSRPC - 200 0 0 57

This was a connection from a mac, from my home connection to the RD Gateway, over the internet.
0
 
LVL 1

Accepted Solution

by:
cvservices earned 0 total points
Comment Utility
In looking further into the issue. I believe the problem lied somewhere in the rpcproxy.dll. I yanked everything out, and redeployed, and then applied the powershell script to change the name spaces of the external RD Gateway, and everything connected. Albeit still with the limitations that XP and OS X have.

(was able to even connect from iOS and Android).

Thanks for your help anyway.
0
 
LVL 1

Author Comment

by:cvservices
Comment Utility
By the way, just to clarify the issue with Windows XP:
As long as you're running RDP Client 7.0, with the CredSSP fix.
It is in fact possible to run a remote app, just not directly from the RD Web portal.

What I did was I setup a Remote Connection Resource on Windows 7, and grabbed the RDP file from there, and ran it on XP. It opened the RemoteApp like a charm.

It's too bad that MS decided to remove the ability to create an RDP and/or an MSI in Windows 2012!!

For the Mac, I was able to also run the Remote app, again, not from the portal, but setting up a Resource on the Microsoft Remote Desktop client launched the Remote App without any issues.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
By the way, just to clarify the issue with Windows XP:
As long as you're running RDP Client 7.0, with the CredSSP fix.
It is in fact possible to run a remote app, just not directly from the RD Web portal.

This is very good info, thanks for sharing.
0
 
LVL 17

Expert Comment

by:Brad Bouchard
Comment Utility
By the way, just to clarify the issue with Windows XP:
As long as you're running RDP Client 7.0, with the CredSSP fix.
It is in fact possible to run a remote app, just not directly from the RD Web portal.

This is very good info, thanks for sharing.
0
 
LVL 1

Author Closing Comment

by:cvservices
Comment Utility
Thanks all.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits y…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now