Solved

strange problem connecting to terminalserver 2008

Posted on 2014-11-13
20
206 Views
Last Modified: 2014-11-25
Hi, have a Windows 2008 R2 terminal server. The users is on a Windows 2008 R2 AD/domain server. Have multiple UPN Suffixes to simplifies user logon name

Domain name= Domain.local
UPN Suffix=company.no

User = Bob Norman
User logon name = bob@company.no
User logon name (pre-Windows 2000) = domain\bob_norman

I can logon to the Terminalserver with bob@company.no, but if i then close the session and wait so the mstsc close and then try to connect again it say that the user dont exist. The same if i use bob_norman@domain.local, it works once. If i use domain\bob_norman it works every time but i want to use bob@company.no
0
Comment
Question by:per-w
  • 9
  • 4
  • 3
  • +2
20 Comments
 
LVL 5

Expert Comment

by:A Karelin
ID: 40439724
Did you look for errors, warnings in event viewer?
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40439732
what is your reconnection policy?  how long is the timeout period?  Here we allow 15 minutes to reconnect to the same session.. This helps in a lost connection or if a user closes the session (rdp window) accidentally
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40439753
I can logon to the Terminalserver with bob@company.no, but if i then close the session and wait so the mstsc close and then try to connect again it say that the user dont exist.
When you say you close the session, do you mean you are simply disconnecting from the session then attempting to reconnect or do you mean you are logging off completely?
0
 
LVL 6

Expert Comment

by:Rob G
ID: 40441087
Do you have multiple domain controllers, and how do you have group policy configured when it comes to stale accounts in terminal services?
0
 

Author Comment

by:per-w
ID: 40441159
Its nothing in the error log on the server(s)
Its one domaincontroller with multiple UPN Suffix so its possible for users to use there own email address as username
As long as i use the "domain\pre-windows 2000 username" its ok, but when using a username@......... (both there mail domain name and domain.local) its nok ok after the first login. If i logof and login before the timeout then its ok, if i wait to after timeout or end the mstsc process on the client pc its not ok to login again. I will look into it more tomorrow, but it looks like after a restart of the rd-gateway then the users could login one more time but not after they then close there session. It looks like the problem only is with rdp connection made with the .msi files that is made in the remoteapp manager, if i make a rdp connection from scratch its looks to be ok, but i will test that more tomorrow too.
0
 

Author Comment

by:per-w
ID: 40446635
When using the .msi file to install the rdp/icon, where is the settings stored? Since its working ok with .rdp file but not when installing the .msi file i think there must be something with the settings, could i see them somewhere?
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40446950
How did you go with native RDP? That's one vital piece of information to leave out - that the users were logging in via a RemoteApp. Please elaborate on how the RemoteApp file was created.
0
 

Author Comment

by:per-w
ID: 40446966
The .msi file was made on the rd session server in the remoteapp manager and then installed on the clients. The .rdp file is made from the rdp program on the client.
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40446992
Sorry, what I meant to ask is what is the RemoteApp publishing to the end user? Are you publishing the entire Desktop of the RD Session Host to the users or just a program?
0
 

Author Comment

by:per-w
ID: 40447030
I'm publishing just the programs and then let the remote app manager make the windows installer file (.msi) for each program and then install that files on the clients.
0
The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40447338
you will notice that the .msi is really small.. since it really doesn't contain much other than an .rdp file.
0
 

Author Comment

by:per-w
ID: 40447446
I know its small, but is it possible to see the settings on the rdp connection that msi file make? A normal rdp connection can be opened with notepad to see all settings, but not the one that is installed with the msi file.
0
 
LVL 78

Expert Comment

by:David Johnson, CD, MVP
ID: 40447838
no since it is a remoteapp not a normal rtp file.
0
 
LVL 6

Expert Comment

by:Rob G
ID: 40447844
Just out of curiosity,
You mention you are publishing the connection via MSI file..
But what are you creating the MSI from? and where are you sending it?
Because if you create it in 2k3 and try to launch it on windows 7, you will run into the issue with compatibility.. I wonder if you are using a newer, or older version in the package, vs what is installed on the client. (RDC vs RDP)
0
 

Author Comment

by:per-w
ID: 40449187
The MSI file is created on the  terminalserver that is Windows 2008 R2-64bit and the clients are Windows 7 pro 64-bit.
0
 
LVL 6

Accepted Solution

by:
Rob G earned 500 total points
ID: 40449701
Are they both running "kb2592687"?
http://support.microsoft.com/kb/2592687
0
 

Author Comment

by:per-w
ID: 40451668
Not on the server and its not enabled on the client. But isnt that only for the clients that should connect to a 2012 server?
0
 

Assisted Solution

by:per-w
per-w earned 0 total points
ID: 40454867
it looks like this two updates has something to do with it.
KB2994023
KB2984981
I removed them and then it looks like the problem is gone

Another fine thing is that when i did finde out this i also removed them on other clients/pc that did have another problem like Windows 7 clients couldnt connect to Windows 2012 R2 with RDP. On one place i did have 4 Windows 2012 R2 servers and the Windows 7 client could connect to all four, but 2 weeks ago they couldnt connect to two of them. I then removed KB2994023 and KB2984981 and then they work :-) I tried to remove only one but both must be removed. As soon as i try to install one of them or both they cant RDP in to some of the Windows 2012 R2 serveres.
0
 
LVL 6

Expert Comment

by:Rob G
ID: 40454999
Good find!
0
 

Author Closing Comment

by:per-w
ID: 40464137
Rob G put me on the track, when searching on info for the kb2592687 i started to remove/reinstall updates and it seems like the problem is solved for now.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

I was asked if I could set up a fax machine so that incoming faxes were delivered to people's Exchange inboxes and so that they could send faxes from their desktops without needing to print the document first.  I knew it was possible but I had no id…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now