Solved

Windows Server 2012 R2 (TS) connection lost (idle time) after exactly 8 Hours

Posted on 2016-10-19
3
23 Views
Last Modified: 2016-11-09
Dear Experts,

After a lot of googling i am here to ask the experts for this anoying problem regarding session time outs on a specific terminal server.
I have several terminal servers, a connection broker and a remote desktop gateway and offcourse a Domain controller with defined group policy. At first i thought this defined policy was causing the issue.

Set time limit for active but idle Remote Desktop Services sessions = 8 Hours

Which is also configured on the other terminal servers. and dont cause any problem.

I removed this policy, did a gpupdate /force and restarted the terminal server because its a computer policy obviously. :).

Still weird because the user in question is not idle at the time the event takes place.
The event : User gets  logged off after exactly 8 hours. With the notification "session timed out, idle time exceeded"

I have checked the folowing options

- NPS settings on the Remote Desktop Gateway (where no idle time is defined)
- Remote Desktop Gateway Manager, where no policy is defined nor policy folder is visible.
- Local GPedit.msc where the policy is not configured.

I have no idea where to start.

The event viewer shows the following error when the event takes place (exactly 8 hours from start of login)

"Cached User logon fails when LSASRV event 45058 indicates FIFO deletion of cached credential"

Which is quite normal for a terminal server event viewer.

I also created a policy "Configure keep-alive connection interval" keep alive interval = 10

Still i get the disconnects after exact 8 hours...

Any suggestions where to start looking further?
0
Comment
Question by:jav_sevenofnine
  • 2
3 Comments
 
LVL 23

Accepted Solution

by:
Coralon earned 500 total points (awarded by participants)
Comment Utility
You do not need to restart the server..   This is generally a machine level setting on the listener.  The important piece of this is that the setting takes effect only at logon.  If you have set the policy after the fact (while someone is online), it does not affect them.  It only affects the *new* connections.

However, there are user settings for the same thing.  The more restrictive settings will take effect (just a matter of which one hits first).  

So,  your first thing to do is run a gpresult for the user on the server.. look and see what policies are taking effect.
Then also, delete the user's profile to make sure it starts clean (or create a new user and test with that).  

Another possibility would be to run procmon in the user's session.. but try to do it when the server is very lightly used (or possibly just have it isolated for just the one user - you don't want to sift through *too* much data)..

Coralon
0
 

Author Comment

by:jav_sevenofnine
Comment Utility
Hi Carolon,

Thanks for your reply.
As mentioned above i removed the GPO in question. gpupdated the servers and rebooted the terminal server.

But i didn't know the users profile needs to be renewed.
I can try that offcourse.

Thanks i will try and come back at you.
0
 
LVL 23

Expert Comment

by:Coralon
Comment Utility
No response from user, seems likely that this will have resolved her situation.
0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now