RDP 2016 Single user per session host only
My RDS 2016 is configured and working with 3 session hosts. Users are directed to the session hosts in a load balanced way and the experience is rich with no errors.
Once there's a user on each session host the next connection comes in and a user on an existing session is asked to allow user DOMAIN\USER to connect. If the user clicks ok they are disconnected to allow the next user to connect.
This limits each session host to 1 user each. Each host has the user limit set to 10,000 in the local GP. The servers have been rebooted for this to take effect.
I have 110 user cals and all are registering fine without issues.
Event Viewer is clear of errors. The disconnections are showing at code 5 which is a manual disconnection. This is correct as users are accepting to disconnect to allow another connection.
This is a real problem and I'm at a loss. Has anyone seen this on 2012 or 2016 server?
Once there's a user on each session host the next connection comes in and a user on an existing session is asked to allow user DOMAIN\USER to connect. If the user clicks ok they are disconnected to allow the next user to connect.
This limits each session host to 1 user each. Each host has the user limit set to 10,000 in the local GP. The servers have been rebooted for this to take effect.
I have 110 user cals and all are registering fine without issues.
Event Viewer is clear of errors. The disconnections are showing at code 5 which is a manual disconnection. This is correct as users are accepting to disconnect to allow another connection.
This is a real problem and I'm at a loss. Has anyone seen this on 2012 or 2016 server?
Cliff Galiher
Does easier have their own account? Or are you trying to share acxounts? When you say you have CALs, did you get RDS CALs? Or just Windows CALs? Did you install the RDSH role on each host? Or just the licensng server?
ASKER
Session host role is on the 3 session hosts. Gateway, web access and the broker is on another server.
I used our education agreement for the 110 RDS User CALs. I'll have to have another look tomorrow at the type of CALs in more detail.
Each user is part of Domain. The user is part of staff group and the staff group is in the allowed login in the remote users dialog on each local session host.
I've also enabled allow login through Remote Desktop Services under local security policy user rights assignment
It's really got me this one
I used our education agreement for the 110 RDS User CALs. I'll have to have another look tomorrow at the type of CALs in more detail.
Each user is part of Domain. The user is part of staff group and the staff group is in the allowed login in the remote users dialog on each local session host.
I've also enabled allow login through Remote Desktop Services under local security policy user rights assignment
It's really got me this one
How are you load balancing? How did you set up RDS at first? How long ago? What do the event logs say?
ASKER
The gateway is set to load balance the collection equally over the 3 session hosts. Each session host is weighted at 100. I've dropped sessions from unlimited to 10000 per host. We're only expecting 100 concurrent connections at the minute.
Event viewer is clear. Under Remote Desktop services and windows logs. Everything looks fine. Only events are expected events.
I setup 4 servers. I picked a gateway. I added all the servers in server manager. I then started the RDS deployment from the gateway server. This server installed all the roles to the other servers.
Event viewer is clear. Under Remote Desktop services and windows logs. Everything looks fine. Only events are expected events.
I setup 4 servers. I picked a gateway. I added all the servers in server manager. I then started the RDS deployment from the gateway server. This server installed all the roles to the other servers.
RDGW has no load balancing capabilities. None. So depending on how you forced/hacked that, i am guessing you have users connecting alunder the administrative session. Which is limited to one concurrent connection. Have you defined a collection?
ASKER
That setting is under the collection properties. It says Load Balancing and it gives option of weight and session limits per host. This is RDS 2016.
Aware.l this is 2016. But that set of settig are not changing the gateway. That's the broker. You said you had the gateway load balancing. These differences matter, especially when things aren't working. I can't assume you meant something different than what you said otherwise it'd all be working and you wouldn't be here.
How, SPECIFICALLY, are users connecting?
ASKER
I apologise it is the broker and not the gateway. Users browse to the web access server and login. They download the RDP file and connect. This RDP has the gateway details in it.
I've setup split dns so everyone uses RDS.server.com. This works well for web access and users do connect fine internally and externally.
I'll be able to take a look again this morning and send more event log information.
I've setup split dns so everyone uses RDS.server.com. This works well for web access and users do connect fine internally and externally.
I'll be able to take a look again this morning and send more event log information.
ASKER
My users are using Microsoft Remote Desktop for Mac the latest version. Were not using Network Level Authentication and this is disabled on the collection.
I have just removed the collection and re-created it. The session hosts failed to add to the new collection. After a few googles i found that this was a bug and i followed this > http://blog.ronnypot.nl/?p=1041 and the session hosts now add fine. The issue is Group Policies cannot be added to the Session Hosts until after their linked to a collection. I removed the GPO and then added them fine.
I was hopeful with the new connection but then a user connected and i was asked to disconnect to allow them to connect. One active user is still where were at. Even after setting the collection and session host to allow 10,000 active users per session host.
I now have no GPO's set on the Session Hosts i am relying on the collection settings to issue the properties.
Not sure where to go from here
I have just removed the collection and re-created it. The session hosts failed to add to the new collection. After a few googles i found that this was a bug and i followed this > http://blog.ronnypot.nl/?p=1041 and the session hosts now add fine. The issue is Group Policies cannot be added to the Session Hosts until after their linked to a collection. I removed the GPO and then added them fine.
I was hopeful with the new connection but then a user connected and i was asked to disconnect to allow them to connect. One active user is still where were at. Even after setting the collection and session host to allow 10,000 active users per session host.
I now have no GPO's set on the Session Hosts i am relying on the collection settings to issue the properties.
Not sure where to go from here
ASKER
I have removed All GPO's then removed the Session Host Role from one of the SH servers. I reinstalled the Session Hot Role on this server then checked licensing. Licensing said no licensing configured. I added the session host to the RDS deployment. I then rebooted the server and checked licensing again. Licensing is showing as fully configured in Per User mode. I then deleted my collection and created a new collection with this server only.
I opened the collection properties and disable require clients to use Network Level Authentication and applied this.
After 10 minutes of users trying to connect i saw only one active session amongst the connection attempts. Other users are still asked to disconnect to allow another session.
The users see the error
Remote Desktop Connection
Do you want to allow DOMAIN\USER to connect to this machine?
Click OK to disconnect your session immediately or click Cancel to stay connected.
No action will disconnect your session in 30 seconds.
I opened the collection properties and disable require clients to use Network Level Authentication and applied this.
After 10 minutes of users trying to connect i saw only one active session amongst the connection attempts. Other users are still asked to disconnect to allow another session.
The users see the error
Remote Desktop Connection
Do you want to allow DOMAIN\USER to connect to this machine?
Click OK to disconnect your session immediately or click Cancel to stay connected.
No action will disconnect your session in 30 seconds.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This worked!!!!!
RemoteFX was only allowing one active session. Ill learn more about RemoteFX and DDA as i really want Graphics capabilities
Thank you for your efforts and time
Im not sure how to award the points so ill accept the solution above and maybe a moderator will help out if it looks unfair
RemoteFX was only allowing one active session. Ill learn more about RemoteFX and DDA as i really want Graphics capabilities
Thank you for your efforts and time
Im not sure how to award the points so ill accept the solution above and maybe a moderator will help out if it looks unfair
ASKER
This is the exact issue we had and this link is what lead me to solve my issue