Solved

RDP users cannot logon

Posted on 2014-12-12
6
146 Views
Last Modified: 2015-06-03
Good morning,

I am trying to deploy my first Terminalserver outside my test lab.  For this I am running Windows Server 2012 R2 Standard in VMware.  The license server resides on another host (the DC, also 2012R2, also VMware), all the other RD roles are installed locally.  Web Access etc. are not required.  

On my first try, I installed the RDP session host role itself without using the RDP rollout wizard in System manager.  There I received on every user logon the message that no licensing host was configured.  I did not find any means to configure a licensing host.

So I tried again, removed the role and started over using the system manager tools that are meant for running RDP.  I installed the RDP gateway, the session broker and all the rest of it to this host, rebootet twice and I received message that all is well.
Now I cannot connect to this host at all anymore (except via mstsc /admin).  The RDP client asks for credentials and denies access if the credentials are false.  On correct credentials the client seems to connect up to "configuring remote session" - then it fails and I get something like  "the client cannot connect - retry or contact your system administrator".
What really gets me, though, is that I am receiving no messages in eventlog - nothing at all.  Security log shows successful login and logoff for the user, all the rest is void of any information.  This happens on domain users as well as local system administrator user.

I  have assigned  the license server in System Manager and set the licensing mode to "User" which matches the installed and activated CALs.  I did not find any place to grant access privileges to certain users.  

What am I missing?

Thanks,
Ralph
0
Comment
Question by:Ralph Scharping
  • 4
  • 2
6 Comments
 
LVL 18

Expert Comment

by:Peter Hutchison
Comment Utility
Load Server Manager, Configuration, Users and Groups and add the Domain Users group to the Remote Desktop users group to allow users to remote onto the server.
0
 
LVL 2

Author Comment

by:Ralph Scharping
Comment Utility
Do you mean the local group "Remote Desktop Users"?  The Domain-Users-Group is already a member.  But that would have resulted in a proper error message saying that the user is missing privileges, wouldn't it?
I am receiving no error at all - at least not on the server side.
0
 
LVL 18

Expert Comment

by:Peter Hutchison
Comment Utility
You mentioned Host Licensing is missing. This is a requirement for Remote Destkop services for client CALs. It can be installed via Server Manager as a component of Remote Desktop Services. See picture, you may also want the Connection Broker installed for clients to reconnect to their session.

See picture.
Remote Desktop licensing
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 2

Author Comment

by:Ralph Scharping
Comment Utility
That is at least not what I meant to say.

On my first try, I did not find means to tell the RDS-Server where to find it's licensing host.  Then I tried over, installed all the roles and was now successful in configuring the licensing host.  Licensing service resides on the DC, that is another VM.
0
 
LVL 2

Accepted Solution

by:
Ralph Scharping earned 0 total points
Comment Utility
It turns out that some options that are configured in GUI are not read under all circumstances.  It seems that they need to be set using policies:


Local Computer Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing

“Use the specified RD license servers” = myservername

“Set the Remote Desktop licensing mode” = Per User


That fixed the issue.
0
 
LVL 2

Author Closing Comment

by:Ralph Scharping
Comment Utility
Took some research...
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

In my previous 24 VMware Articles (http://www.experts-exchange.com/ARTH_1864316.html?arthOrderBy=3&arthSort=1#arth), most featured Intermediate VMware Topics. My next series of articles concentrated on topics for the VMware Novice;   If you would…
My GPO's made for 2008 R2 servers were not allowing me to RDP into a new 2012 server by default.  That’s why I tried to allow RDP via Powershell, because I could log into a remote shell without further configuration. Below I will describe how I wen…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now