Hello Everyone,

This is going to sound like a dumb question and I feel stupid even asking it, but am sufficiently confused now that I have no choice. LOL!
We have 2 new servers that the vendor team needs to work on to install products etc.
I was asked to purchase two Remote Desktop CALS so they can connect and did so through a reseller.
See item below
I then  started looking for a way to integrate these so they can be used. Eventually I read about needing an RDS server and that is when the confusion began. We recently updated our AD with two new 2016 DC and bought the 400+ User CALS required. However, I never came upon anything that stated that I needed to install licensing servers, etc. nor did any vendor tech helping us out ever mention it and we do not have one installed. So is the RDS server merely for the Remote Desktop and is it a feature installed on the two servers the vendor needs access to, or am I missing a serious piece of the AD puzzle that will eventually cripple us?
Thanks in advance for all insights.

Monitor Alert Notification
Hi AEM Support
An alert was triggered for a monitor configured for site (customer) on device (Terminal Server)
The monitor is as follows:
Performance monitor for Status to alert if Offline for 10 mins
The alert was triggered at: 2019-02-27 14:46:13 EST
Device went Offline (Offline for 10 mins)

Can anyone help with this one?  Currently we have a customer who is running load balancing between 2 terminal servers.   Occasionally one of the 2 terminal servers will simply report as offline, where RDP no longer works and the terminal server is no longer pingable.  

However the server can be UNC'ed to from another server such as the DC.  You can \\terminalserver\ and it pops up.  

Here is the current specs of the server.
Operating System: Microsoft Windows Server 2008 R2 Standard 6.1.7601
Service Pack: 1
Architecture: 64-Bit
Hyper-V Version: 6.1.7601.17514
.NET Version: 4.7.03062

Processor: Intel(R) Xeon(R) CPU E5620 @ 2.40GHz
Physical Cores: 4
Memory: 18 GB
Display Adapter:
ShoreTel Desktop Sharing Accelerator
LogMeIn Mirror Driver
ATI ES1000
Monitors:
Default Monitor (null x null)
Generic Non-PnP Monitor (null x null)
BIOS Name: Default System BIOS
BIOS Version: W07
BIOS Release Date: 2011-01-28
Power Rating: 350 Watts

HP NC326i PCIe Dual Port Gigabit Server Adapter (Setup for Load balancing)

The machine currently remains on and in CTRL ALT DEL mode.   You can log into it from the local …

Environment:  Windows 2012R2, and W2016; auto updates.  Business Application hasn't been updated in 4months. - happening on more than one site.
Tsplus is the RDP server application.

Problem:  Time of problem varies from site to site 3wks to 1 yr,  Application generates .pdf documents; e.g. invoices, quotes, statements either singularly or in a batch process, current fault happens in all pdf generated process'.
A Process, e.g. Invoices runs; create a 0kb .pdf, no errors displayed, then emails the .pdf to the customer; usually only found when the email receipient of the .pdf says can't open it.
Tried removing all .tmp files,    appdata\local\temp & appdata\roaming\"any rdp session files not deleted".
Stop Print Spooler / Remove any files in windows\system32\spool\printer\*.* / Start print spooler.
Sometimes allows the correct generation pf the .pdf file; occassionally works - mostly not.
If user logs out of the Application and RDP Session, (back to the PC desktop) login to Server via RDP then application and perform the print - works everytime.


My summation but can't grasp the answer, is: Logging out of the Session obviously terminates a process that is affecting the "Printing"

Does anyone have any suggestions as to how to identify the process &  recitification.

Thank you for reading this.

We have newly deployed Xenapp 7.15 LTSR CU3 on Windows 2016 OS. While launching published applications through Storefront from Win 2016 VDA, our session stuck on Windows Sign in prompt. We are not getting user id & password option. We do have RDS security policy is in place “Always prompt for password upon connection”.
But while launching published desktops, we are getting prompt to enter userid & password options. Does anyone has seen this issue?
We are using NetScaler VPX.
We identified the Issue: We do have RDS security policy is in place “Always prompt for password upon connection”.
If we disabled this policy, issues has been resolved.
But as per security team, this policy is must.
Do we have any Citrix article where it confirmed that, this policy has to disable?

Hi,

I have a question regarding Windows Terminal Services.

Where do I install a remote app? On the Remote Gateway Server or on the Remote Desktop Server?

Thank you in advance.

Bernhard

I have the InfoSec team who would like to have Remote Desktop access to all machines of the domain. But, i have a group of software engineers, with regular accounts who would like to have RDP access to certain servers. I am kinda stuck on here. Let me lay out for what i have:

I have this GPO called CORP_RDP_SEC_AllServers linked into Domain.com domain, this GPO enables the InfoSec team to RDP into any machine in the domain by adding the InfoSec team into the "Remote Desktop Users" on every computer in the domain

Ok, so it looks like certain domain users,  need to have RDP access into some servers under the Servers OU. How do i allow those users to have RDP access knowing the fact I have already the GPO "CORP_RDP_SEC_AllServers" for the InfoSec team ?

CORP_RDP_SwEng_Servers this gpo contains all the users to have to have RDP access into the Servers OU.

See attachment. Thanks for your help

Client computers receive "Do you trust the publisher of this remote connection" when attempting to connect to Connection Broker.

I have a Windows 2016, 4-server terminal services system configured as follows (NOTE: There is no Gateway configured)

Server 1 = Connection Broker, Licensing, and Web Access.
Server 2 = Session Host
Server 3 = Session Host
Server 4 = Profile host

A wildcard certificate *.domain.local has been issued by an Internal CA and installed on all servers. The certificate has been imported into RDS binding with all roles as shown in screenshot. Created certificate using https://dilanweerasinghe.wordpress.com/2015/01/24/creating-a-wild-card-certificate-for-remote-desktop-services/


The .RDP file has been signed with the Thumbprint (Sha1) of the certificate.

I have populated the following GPO with the cert's thumbprint and have verified that client computers have been successfully updated.  Computer Configuration\Administrative Templates\Windows Desktop Services\Remote Desktop Connection Client.

WE allowed our RDP  license to expire and now cannot get in , it there a way to get in to the server to allow us to apply a license ?
RDPPPPPPCapture.PNG

From time to time we get this error when connecting to our RDS server


I am not sure to understand where this is coming from (it can even show up when... nobody is connected to the session host server !!).

1. our RDS CAL licensing is ok (at least as far as the assessment tool can tell us)
2. there is no GPO I am aware of that would limit the number of sessions (where should I check ?)
3. there is no limitation in the RDS deployment (set to 9999 sessions)
4. there is nothing logged in the event log when this happens

Any suggestion / pointer most welcome

Sometimes it seems like if I am still RDPed into a server after my LOCAL PC that I was using for RDP had a power outage/etc then my WEEKEND Windows Update cannot automatically reboot.

 1. Does anyone else have the same issue ?

 2. What script/etc can I run to find out if I am still RDPed into ANY servers without having to manually login to each of my 20+ Windows Server 2012 VMWare VMs ?