Windows Server 2012 R2 (TS) connection lost (idle time) after exactly 8 Hours

Dear Experts,

After a lot of googling i am here to ask the experts for this anoying problem regarding session time outs on a specific terminal server.
I have several terminal servers, a connection broker and a remote desktop gateway and offcourse a Domain controller with defined group policy. At first i thought this defined policy was causing the issue.

Set time limit for active but idle Remote Desktop Services sessions = 8 Hours

Which is also configured on the other terminal servers. and dont cause any problem.

I removed this policy, did a gpupdate /force and restarted the terminal server because its a computer policy obviously. :).

Still weird because the user in question is not idle at the time the event takes place.
The event : User gets  logged off after exactly 8 hours. With the notification "session timed out, idle time exceeded"

I have checked the folowing options

- NPS settings on the Remote Desktop Gateway (where no idle time is defined)
- Remote Desktop Gateway Manager, where no policy is defined nor policy folder is visible.
- Local GPedit.msc where the policy is not configured.

I have no idea where to start.

The event viewer shows the following error when the event takes place (exactly 8 hours from start of login)

"Cached User logon fails when LSASRV event 45058 indicates FIFO deletion of cached credential"

Which is quite normal for a terminal server event viewer.

I also created a policy "Configure keep-alive connection interval" keep alive interval = 10

Still i get the disconnects after exact 8 hours...

Any suggestions where to start looking further?
jav_sevenofnineAsked:
Who is Participating?
 
CoralonConnect With a Mentor Commented:
You do not need to restart the server..   This is generally a machine level setting on the listener.  The important piece of this is that the setting takes effect only at logon.  If you have set the policy after the fact (while someone is online), it does not affect them.  It only affects the *new* connections.

However, there are user settings for the same thing.  The more restrictive settings will take effect (just a matter of which one hits first).  

So,  your first thing to do is run a gpresult for the user on the server.. look and see what policies are taking effect.
Then also, delete the user's profile to make sure it starts clean (or create a new user and test with that).  

Another possibility would be to run procmon in the user's session.. but try to do it when the server is very lightly used (or possibly just have it isolated for just the one user - you don't want to sift through *too* much data)..

Coralon
0
 
jav_sevenofnineAuthor Commented:
Hi Carolon,

Thanks for your reply.
As mentioned above i removed the GPO in question. gpupdated the servers and rebooted the terminal server.

But i didn't know the users profile needs to be renewed.
I can try that offcourse.

Thanks i will try and come back at you.
0
 
CoralonCommented:
No response from user, seems likely that this will have resolved her situation.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.