Solved

Windows Server 2012 R2 (TS) connection lost (idle time) after exactly 8 Hours

Posted on 2016-10-19
3
73 Views
Last Modified: 2016-11-09
Dear Experts,

After a lot of googling i am here to ask the experts for this anoying problem regarding session time outs on a specific terminal server.
I have several terminal servers, a connection broker and a remote desktop gateway and offcourse a Domain controller with defined group policy. At first i thought this defined policy was causing the issue.

Set time limit for active but idle Remote Desktop Services sessions = 8 Hours

Which is also configured on the other terminal servers. and dont cause any problem.

I removed this policy, did a gpupdate /force and restarted the terminal server because its a computer policy obviously. :).

Still weird because the user in question is not idle at the time the event takes place.
The event : User gets  logged off after exactly 8 hours. With the notification "session timed out, idle time exceeded"

I have checked the folowing options

- NPS settings on the Remote Desktop Gateway (where no idle time is defined)
- Remote Desktop Gateway Manager, where no policy is defined nor policy folder is visible.
- Local GPedit.msc where the policy is not configured.

I have no idea where to start.

The event viewer shows the following error when the event takes place (exactly 8 hours from start of login)

"Cached User logon fails when LSASRV event 45058 indicates FIFO deletion of cached credential"

Which is quite normal for a terminal server event viewer.

I also created a policy "Configure keep-alive connection interval" keep alive interval = 10

Still i get the disconnects after exact 8 hours...

Any suggestions where to start looking further?
0
Comment
Question by:jav_sevenofnine
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 25

Accepted Solution

by:
Coralon earned 500 total points (awarded by participants)
ID: 41851302
You do not need to restart the server..   This is generally a machine level setting on the listener.  The important piece of this is that the setting takes effect only at logon.  If you have set the policy after the fact (while someone is online), it does not affect them.  It only affects the *new* connections.

However, there are user settings for the same thing.  The more restrictive settings will take effect (just a matter of which one hits first).  

So,  your first thing to do is run a gpresult for the user on the server.. look and see what policies are taking effect.
Then also, delete the user's profile to make sure it starts clean (or create a new user and test with that).  

Another possibility would be to run procmon in the user's session.. but try to do it when the server is very lightly used (or possibly just have it isolated for just the one user - you don't want to sift through *too* much data)..

Coralon
0
 

Author Comment

by:jav_sevenofnine
ID: 41853351
Hi Carolon,

Thanks for your reply.
As mentioned above i removed the GPO in question. gpupdated the servers and rebooted the terminal server.

But i didn't know the users profile needs to be renewed.
I can try that offcourse.

Thanks i will try and come back at you.
0
 
LVL 25

Expert Comment

by:Coralon
ID: 41880247
No response from user, seems likely that this will have resolved her situation.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question