Solved

Remote Desktop Disconnecting from Servers after inactivity in Active Directory Domain

Posted on 2014-12-23
5
299 Views
Last Modified: 2015-01-14
The remote desktop connection in our domain servers disconnect sessions after a few minutes in inactivity.

I disabled these options on the default domain controllers and default domain policy:

Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits

User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits
RemoteDesktopSettings.PNG
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 24

Expert Comment

by:VB ITS
ID: 40514933
Without knowing more about how your OUs are structured and which servers are experiencing this issue, I can only suggest you try disabling the time limits on the servers themselves via Administrative ToolsRemote Desktop ServicesRemote Desktop Host Configuration > right click on RDP-Tcp in the Connections box > PropertiesSessions tab > make sure End a disconnected session is set to Never

It's probably best you separate out these settings into a new policy, that way you can check using RSoP or gpresult to see whether the policy is applying or not. If you need a hand with RSoP you can do some reading here: http://technet.microsoft.com/en-us/library/cc736424(v=ws.10).aspx
0
 
LVL 17

Accepted Solution

by:
Spike99 earned 500 total points
ID: 40515380
We had this issue a few years ago on Server 2003 for users connecting over to our servers using TSGateway over a regular internet connection. After much googling & investigation by the networking team, we finally figured out that cause was a particular type of firewall that was cutting off the connections after only a few minutes of inactivity.  Some users actually had been disconnected because of internet issues on their end, but the servers failed to recognize that fact & displayed those sessions as "active." So, when those users tried to reconnect, they were put into a duplicate session instead of being reconnected to their previous session.

The solution we found was to enable the "KeepAliveEnable" policy in our Terminal Server GPO.

This not only kept actively connected users from getting disconnected, it also gave us a more accurate picture of which users were connected or disconnected so if a user was disconnected, the server would show them as disconnected.

Although, you should keep in mind that MS has found an issue when manually stopping the RDP service with the KeepAliveEnable policy enabled: it can put the server into an unstable state.

Read this article about that:
http://support.microsoft.com/kb/2507353

I hope this helps.

Alicia
0
 

Author Comment

by:Stephen Weber - MCSE, CCNA
ID: 40533620
Alicia,

Thanks for the recommendation.  This is all on the local lan and applies to all our servers using a direct RDT Connection. I setup the group policy not to time out. All the workstations will not time out, its just the servers.

thanks
Steve
0
 
LVL 17

Expert Comment

by:Spike99
ID: 40533742
Our problem was caused by a known issue with the the settings on the particular brand of firewall we had, but that's not the only cause of that type of issue.    I would still give the KeepAliveEnable setting a try, do you have a test server you could try it out on?
0
 

Author Comment

by:Stephen Weber - MCSE, CCNA
ID: 40534114
Thank you,.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question