?
Solved

Remote Desktop Disconnecting from Servers after inactivity in Active Directory Domain

Posted on 2014-12-23
5
Medium Priority
?
309 Views
Last Modified: 2015-01-14
The remote desktop connection in our domain servers disconnect sessions after a few minutes in inactivity.

I disabled these options on the default domain controllers and default domain policy:

Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits

User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
RemoteDesktopSettings.PNG
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 24

Expert Comment

by:VB ITS
ID: 40514933
Without knowing more about how your OUs are structured and which servers are experiencing this issue, I can only suggest you try disabling the time limits on the servers themselves via Administrative ToolsRemote Desktop ServicesRemote Desktop Host Configuration > right click on RDP-Tcp in the Connections box > PropertiesSessions tab > make sure End a disconnected session is set to Never

It's probably best you separate out these settings into a new policy, that way you can check using RSoP or gpresult to see whether the policy is applying or not. If you need a hand with RSoP you can do some reading here: http://technet.microsoft.com/en-us/library/cc736424(v=ws.10).aspx
0
 
LVL 17

Accepted Solution

by:
Spike99 earned 2000 total points
ID: 40515380
We had this issue a few years ago on Server 2003 for users connecting over to our servers using TSGateway over a regular internet connection. After much googling & investigation by the networking team, we finally figured out that cause was a particular type of firewall that was cutting off the connections after only a few minutes of inactivity.  Some users actually had been disconnected because of internet issues on their end, but the servers failed to recognize that fact & displayed those sessions as "active." So, when those users tried to reconnect, they were put into a duplicate session instead of being reconnected to their previous session.

The solution we found was to enable the "KeepAliveEnable" policy in our Terminal Server GPO.

This not only kept actively connected users from getting disconnected, it also gave us a more accurate picture of which users were connected or disconnected so if a user was disconnected, the server would show them as disconnected.

Although, you should keep in mind that MS has found an issue when manually stopping the RDP service with the KeepAliveEnable policy enabled: it can put the server into an unstable state.

Read this article about that:
http://support.microsoft.com/kb/2507353

I hope this helps.

Alicia
0
 

Author Comment

by:Stephen Weber - MCSE, CCNA
ID: 40533620
Alicia,

Thanks for the recommendation.  This is all on the local lan and applies to all our servers using a direct RDT Connection. I setup the group policy not to time out. All the workstations will not time out, its just the servers.

thanks
Steve
0
 
LVL 17

Expert Comment

by:Spike99
ID: 40533742
Our problem was caused by a known issue with the the settings on the particular brand of firewall we had, but that's not the only cause of that type of issue.    I would still give the KeepAliveEnable setting a try, do you have a test server you could try it out on?
0
 

Author Comment

by:Stephen Weber - MCSE, CCNA
ID: 40534114
Thank you,.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question