Solved

2K8R2 drain mode, cannot chglogon /drain, should we change

Posted on 2014-08-01
4
742 Views
Last Modified: 2014-08-02
Hi,

I'd like to activate drain mode on our terminal servers: http://blogs.msdn.com/b/rds/archive/2007/06/15/introducing-terminal-services-server-drain-mode.aspx

But my policy won't let me to, if I do chglogon /drain it says "connections are currently ENABLED by group policy ... unable to change".

I can set the policy to not configured but I am not eager to, I don't want to impact users.

 located in Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Connections -> "Allow users to connect remotely using Remote Desktop Services" –

Have you configured it too and it works correctly?

Pls advise.
J.
0
Comment
Question by:janhoedt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 15

Expert Comment

by:joharder
ID: 40235567
In order to drain a server, new connections must be disabled .  Otherwise, the two policies would counter each other.

Typically, you would drain a subset of servers at any given time, not all servers.  Thus, users could still logon and do their work, but not on the draining servers.
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40235778
You must be having enabled RDP protocol on RD session host servers in system\remote settings and also must be added required users \ groups in Remote Desktop users local group on same server.
So in reality you need to make "Allow users to connect remotely using Remote Desktop Services" GPO setting mentioned in question to "Not Configured"
Then run gpupdate /force on terminal server and run change logon command from elevated command prompt, it should work.
If you do not configure this policy setting, Remote Desktop Services uses the Remote Desktop setting on the target computer to determine whether the remote connection is allowed. This setting is found on the Remote tab in the System properties sheet.
Taken from GPO setting description.
0
 

Author Comment

by:janhoedt
ID: 40236098
So changing this policy to not configured won t impact production servers (terminal servers and their connections€ not at all?
Don t get it since the policy need to be there to make terminal services work at all.
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40236341
U need to ensure that Remote Desktop is enabled on all RD Session Host Servers and  required users (Domain users built-in group) is added in Remote Desktop Users local group on each server
Then above GPO setting is not required
0

Featured Post

Turn Insights into Action

Communication across every corner of your business is essential to increase the velocity of your application delivery and support pipeline. Automate, standardize, and contextualize your communication processes with xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question