Shadow Error when trying to shadow user on RDS server

Shadow Error when trying to shadow user on RDS server

Not sure why it got deleted when it was not resolved. Please help


https://www.experts-exchange.com/questions/29076580/Shadow-Error-when-trying-to-shadow-user-on-RDS-server.html?anchor=a42494075¬ificationFollowed=204942726#a42494075
jyoung127Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jyoung127Author Commented:
Microsoft Windows [Version 6.3.9600]
(c) 2013 Microsoft Corporation. All rights reserved.

C:\Windows\system32>systeminfo

Host Name:                 "Server Name"
OS Name:                   Microsoft Windows Server 2012 R2 Standard
OS Version:                6.3.9600 N/A Build 9600
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Member Server
OS Build Type:             Multiprocessor Free
Registered Owner:          "owner Name"
Registered Organization:   "Org name"
Product ID:                00252-60271-71809-AA708
Original Install Date:     3/30/2015, 11:37:16 AM
System Boot Time:          3/5/2018, 11:24:45 AM
System Manufacturer:       Red Hat
System Model:              KVM
System Type:               x64-based PC
Processor(s):              1 Processor(s) Installed.
                           [01]: Intel64 Family 15 Model 6 Stepping 1 GenuineInt
el ~2100 Mhz
BIOS Version:              Seabios 0.5.1, 1/1/2011
Windows Directory:         C:\Windows
System Directory:          C:\Windows\system32
Boot Device:               \Device\HarddiskVolume1
System Locale:             en-us;English (United States)
Input Locale:              en-us;English (United States)
Time Zone:                 (UTC-06:00) Central Time (US & Canada)
Total Physical Memory:     8,192 MB
Available Physical Memory: 5,721 MB
Virtual Memory: Max Size:  9,472 MB
Virtual Memory: Available: 6,549 MB
Virtual Memory: In Use:    2,923 MB
Page File Location(s):     C:\pagefile.sys
Domain:                    "Company Name here"
Logon Server:              \\"Servername here"
Hotfix(s):                 261 Hotfix(s) Installed.
                           [01]: KB2959936
                           [02]: KB2894852
                           [03]: KB2894856
                           [04]: KB2896496
                           [05]: KB2919355
                           [06]: KB2920189
                           [07]: KB2928120
                           [08]: KB2933826
                           [09]: KB2934520
                           [10]: KB2938066
                           [11]: KB2938772
                           [12]: KB2949621
                           [13]: KB2954879
                           [14]: KB2955164
                           [15]: KB2965500
                           [16]: KB2966407
                           [17]: KB2966826
                           [18]: KB2966828
                           [19]: KB2967917
                           [20]: KB2968296
                           [21]: KB2971203
                           [22]: KB2972103
                           [23]: KB2973351
                           [24]: KB2973448
                           [25]: KB2975061
                           [26]: KB2975719
                           [27]: KB2976627
                           [28]: KB2977629
                           [29]: KB2977765
                           [30]: KB2978041
                           [31]: KB2978126
                           [32]: KB2984006
                           [33]: KB2987107
                           [34]: KB2989647
                           [35]: KB2989930
                           [36]: KB2993100
                           [37]: KB2995004
                           [38]: KB2995388
                           [39]: KB2998174
                           [40]: KB2999226
                           [41]: KB3000483
                           [42]: KB3000850
                           [43]: KB3003057
                           [44]: KB3004361
                           [45]: KB3004365
                           [46]: KB3004545
                           [47]: KB3012199
                           [48]: KB3012235
                           [49]: KB3012702
                           [50]: KB3013172
                           [51]: KB3013531
                           [52]: KB3013538
                           [53]: KB3013769
                           [54]: KB3013791
                           [55]: KB3013816
                           [56]: KB3014442
                           [57]: KB3015696
                           [58]: KB3018133
                           [59]: KB3019978
                           [60]: KB3021910
                           [61]: KB3022345
                           [62]: KB3023219
                           [63]: KB3023222
                           [64]: KB3023266
                           [65]: KB3024751
                           [66]: KB3024755
                           [67]: KB3029603
                           [68]: KB3030377
                           [69]: KB3030947
                           [70]: KB3031044
                           [71]: KB3032359
                           [72]: KB3032663
                           [73]: KB3033446
                           [74]: KB3034348
                           [75]: KB3035126
                           [76]: KB3036612
                           [77]: KB3037576
                           [78]: KB3037579
                           [79]: KB3037924
                           [80]: KB3038002
                           [81]: KB3038314
                           [82]: KB3038701
                           [83]: KB3042085
                           [84]: KB3044374
                           [85]: KB3044673
                           [86]: KB3045634
                           [87]: KB3045685
                           [88]: KB3045717
                           [89]: KB3045719
                           [90]: KB3045755
                           [91]: KB3045999
                           [92]: KB3046017
                           [93]: KB3046737
                           [94]: KB3048043
                           [95]: KB3049563
                           [96]: KB3050267
                           [97]: KB3054169
                           [98]: KB3054203
                           [99]: KB3054256
                           [100]: KB3054464
                           [101]: KB3055323
                           [102]: KB3055343
                           [103]: KB3055642
                           [104]: KB3058515
                           [105]: KB3059317
                           [106]: KB3060681
                           [107]: KB3060793
                           [108]: KB3061512
                           [109]: KB3063843
                           [110]: KB3064209
                           [111]: KB3065822
                           [112]: KB3065988
                           [113]: KB3068708
                           [114]: KB3071756
                           [115]: KB3072307
                           [116]: KB3074228
                           [117]: KB3074545
                           [118]: KB3074548
                           [119]: KB3075220
                           [120]: KB3075853
                           [121]: KB3076949
                           [122]: KB3077715
                           [123]: KB3078071
                           [124]: KB3078405
                           [125]: KB3078676
                           [126]: KB3080042
                           [127]: KB3080149
                           [128]: KB3082089
                           [129]: KB3083325
                           [130]: KB3083711
                           [131]: KB3084135
                           [132]: KB3084905
                           [133]: KB3086255
                           [134]: KB3087038
                           [135]: KB3087041
                           [136]: KB3087137
                           [137]: KB3091297
                           [138]: KB3093983
                           [139]: KB3094486
                           [140]: KB3095701
                           [141]: KB3097992
                           [142]: KB3097997
                           [143]: KB3098779
                           [144]: KB3099834
                           [145]: KB3100473
                           [146]: KB3100773
                           [147]: KB3102429
                           [148]: KB3102467
                           [149]: KB3102812
                           [150]: KB3103616
                           [151]: KB3103688
                           [152]: KB3103696
                           [153]: KB3103709
                           [154]: KB3108326
                           [155]: KB3109103
                           [156]: KB3109560
                           [157]: KB3109976
                           [158]: KB3110329
                           [159]: KB3112148
                           [160]: KB3112336
                           [161]: KB3115224
                           [162]: KB3118401
                           [163]: KB3121261
                           [164]: KB3121461
                           [165]: KB3122654
                           [166]: KB3123245
                           [167]: KB3124275
                           [168]: KB3124280
                           [169]: KB3126434
                           [170]: KB3126587
                           [171]: KB3126593
                           [172]: KB3127222
                           [173]: KB3127226
                           [174]: KB3128650
                           [175]: KB3132080
                           [176]: KB3132372
                           [177]: KB3133043
                           [178]: KB3133431
                           [179]: KB3133690
                           [180]: KB3134179
                           [181]: KB3134814
                           [182]: KB3134815
                           [183]: KB3135449
                           [184]: KB3135782
                           [185]: KB3137728
                           [186]: KB3138378
                           [187]: KB3138602
                           [188]: KB3138615
                           [189]: KB3138910
                           [190]: KB3138962
                           [191]: KB3139164
                           [192]: KB3139398
                           [193]: KB3139914
                           [194]: KB3139929
                           [195]: KB3140219
                           [196]: KB3140234
                           [197]: KB3141092
                           [198]: KB3144756
                           [199]: KB3145384
                           [200]: KB3145432
                           [201]: KB3146604
                           [202]: KB3146723
                           [203]: KB3146751
                           [204]: KB3147071
                           [205]: KB3149157
                           [206]: KB3154070
                           [207]: KB3154132
                           [208]: KB3155784
                           [209]: KB3156059
                           [210]: KB3156418
                           [211]: KB3157993
                           [212]: KB3159398
                           [213]: KB3160005
                           [214]: KB3161606
                           [215]: KB3161949
                           [216]: KB3161958
                           [217]: KB3162343
                           [218]: KB3162835
                           [219]: KB3163207
                           [220]: KB3167685
                           [221]: KB3170106
                           [222]: KB3172614
                           [223]: KB3172729
                           [224]: KB3173424
                           [225]: KB3174060
                           [226]: KB3175024
                           [227]: KB3175443
                           [228]: KB3178539
                           [229]: KB3179574
                           [230]: KB3179948
                           [231]: KB3185319
                           [232]: KB3186539
                           [233]: KB3188128
                           [234]: KB3195387
                           [235]: KB3202790
                           [236]: KB3210135
                           [237]: KB3214628
                           [238]: KB4010250
                           [239]: KB4014505
                           [240]: KB4014510
                           [241]: KB4014551
                           [242]: KB4014598
                           [243]: KB4014604
                           [244]: KB4018483
                           [245]: KB4020821
                           [246
Network Card(s):           1 NIC(s) Installed.
                           [01]: Red Hat VirtIO Ethernet Adapter
                                 Connection Name: Ethernet
                                 DHCP Enabled:    No
                                 IP address(es)
                                 [01]:
                                 [02]:
Hyper-V Requirements:      A hypervisor has been detected. Features required for
 Hyper-V will not be displayed.

C:\Windows\system32>

FYI
I have removed all updates going back as far as last year but did not work. I  updated this server last week hoping that MS fixed issue but nope still have issue.
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
Can you provide any additional information concerning the error message?  Does it display as 'Shadow Error'?  (Or is it an 'Unspecified Error'?)  Did the user being shadowed get a dialog allowing them to consent to be shadowed, or is the error displayed before it gets to that point?  Can the user/machine attempting to shadow initiate a normal RD connection to the server?
0
jyoung127Author Commented:
Can you provide any additional information concerning the error message?  Does it display as 'Shadow Error'? yes
does not matter with consent or without consent still does not work.
Can the user/machine attempting to shadow initiate a normal RD connection to the server? Yes only happens when trying to shadow a user that in RDS session.

This was working back in December 2017.

I have looked and looked for answers but everything points to windows updates that does not seem to be my issue.  GPO is set to allow Full control without users permission.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
When you "updated this server last week hoping that MS fixed issue but nope still have issue." did you confirm that it did pick up the latest rollups?  I ask because, as of January 2018, the functional antivirus on the system needs to update a registry setting before any further updates will be provided (to prove that the Antivirus is compatible.)  The last update I see on the list in the comment above is from May 2017...
From TechNet, what you describe appears to have been a known issue.  However, it was also reported in that forum that optional update KB4057401 fixes this issue.  (Specifically folks were pointing to the entry for:
Addresses issue originally called out in KB4056895 where calling CoInitializeSecurity with the authentication parameter set to RPC_C_AUTHN_LEVEL_NONE resulted in the error STATUS_BAD_IMPERSONATION_LEVEL.

... as the fix to this issue.)
0
jyoung127Author Commented:
I tried installing KB4057401 update manually but says did not apply to my system.  its not on my list of updates. Going to try this again and will report back.
0
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
If you are not running any antivirus program, or an antivirus program compatible with the January 2018 updates, that would be consistent with having the update not apply to your system.
https://support.microsoft.com/en-us/help/4072699/windows-security-updates-and-antivirus-software
0
jyoung127Author Commented:
I had removed the AV on my testing machine  and I just checked Key="HKEY_LOCAL_MACHINE" Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat" Value="cadca5fe-87d3-4b96-b7fb-a231484277cc" Type="REG_DWORD”

Data="0x00000000”

Its set correctly

But  on my live machine I am going to try an update KB4057401 this evening once all users are out. (reason i have done so much changes to test machine)

Will report back Monday.
Capture.PNG
0
jyoung127Author Commented:
Update: After trying all the updates that were pending one of my machines that had issues resolved itself.  I still have issue with one of RDS server.

I compared notes on what updates were on each machines and there is a major difference I think my next step is to make the updates the same for both servers.

Unless anyone has any other ideas?
0
AlanConsultantCommented:
Hi,

Unless there is some compelling reason not to do so, I would always prefer to have all my servers on the same updates, as it means there are no inconsistencies to keep track of.

Sometimes third-party software has issues with a given update, but if I do avoid one, I make sure to record it in the systems documentation so that others who might be troubleshooting (or me for that matter since I tend to forget) don't waste time finding it out.


So, yes - I see no harm in bringing them all to the same status.

I am assuming you have good solid backups that you know you can restore if something goes wrong, so the big picture risk is mitigated.


Alan.
0
jyoung127Author Commented:
Update: got both servers to have the same updates but still have issues on one server.
Not sure were to go from here.
0
AlanConsultantCommented:
Hi,

Are you logged in as a domain admin, and are you shadowing from the server that they are connecting to?

If not, please can you try using such credentials, and post back what happens (differently or the same).

Thanks,

Alan.
0
jyoung127Author Commented:
Yes logged in as domain admin who is also local administrator. Yes trying to Shadow from the server that I am connecting to.
0
AlanConsultantCommented:
Hi,

Rather than connecting remotely to the server you that they are connecting to, please can you try logging on to that server at the console, and see if you can shadow from there?

Thanks,

Alan.
0
jyoung127Author Commented:
Same issue when trying from console.
0
AlanConsultantCommented:
Hi,

Also from the console (and logged in as a domain admin), please can you see if you can shadow *any* user who remotes in to the server?


Alan.
0
jyoung127Author Commented:
Alan same issue
0
AlanConsultantCommented:
Hi,

Just checking that you have enabled 'remote control' for the user (or any user) in Active Directory Users & Computers?

Also, I seem to recall from last time I used this, that you cannot remote control from the console session - you have to do it from an RDP session, although that might be version dependent, or my memory might be failing me on that.

Alan.
0
jyoung127Author Commented:
yes remote control is enabled\.
0
AlanConsultantCommented:
And it makes no difference if you try to shadow from a remote session?

What is the exact error you get - can you screenshot it?

Thanks,

Alan.
0
jyoung127Author Commented:
Does not matter if I do it remotely or locally cannot shadow session.
Error attached
2018-04-05_9-46-57.png
0
AlanConsultantCommented:
Hi,

My suspicion is that something has 'broken' your Shadow setup - either third-party software or a windows update.

If Windows Updates, then I would consider one of these as the most likely culprits (depends on whether you have Server 2012 Standard or R2):

KB4057401
KB4057402

If you have one of those applied, you could try removing it, and seeing if that fixes the problem.  However, it is very possible that, even if one of them broke the shadow functionality, uninstalling won't actually fix it (since it won't undo damage that was unintentional).

If you are going to try that, make sure you have rock-solid backups before doing anything in case you need to wipe the server and restore the backup.

If that still doesn't work, then I am inclined to say that, if it were me, I would be tossing up how much I wanted to have shadowing available (probably alot if you are using it regularly), and how much I want to wipe the server and reinstall clean from scratch.

Maybe you could consider a wipe and clean install as an opportunity to clear out all the accumulated cruft - gotta look on the bright side :-)


Alan.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
jyoung127Author Commented:
Alan I have tired all the update route. I agree that the shadowing function is broke.  reinstalling the OS would mean I have to re do 150 users profiles connected to Application settings.

that is last resort.

I am starting to think clean boot might be the way to go but holding on to hope I can find other solution.
0
AlanConsultantCommented:
Hi jyoung127,

I totally understand your reluctance, and I agree, it would be a 'last resort' for me too.

If you are going down that route, make sure that all your documentation is fully up to date.  Nothing worse than finding you have no record of how something is configured, and having to image the partially setup machine, restore the old image, make notes, then restore the new partially built image.  If this is a VM, then not such a biggie, but still.....

Alan.
0
jyoung127Author Commented:
anyone else have any thing else I can Try? I like to use rebuilding the OS as last resort.
0
AlanConsultantCommented:
Hi jyoung127,

I think the only option (unless you prefer to live with it), is to rebuild the server.

Alan.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.