I couldn’t find any way to contact the moderator so I started the new thread. Sorry. Please reopen the case http://social.technet.microsoft.com/Forums/windowsserver/en-US/2a2757a8-ca36-42be-8a1b-61796c601fdf/eventid-7011-a-timeout-30000-milliseconds-was-reached-while-waiting-for-a-transaction-response?forum=winserverTS and then delete this thread.

Thank you

Hello!

I have a problem with Outlook 2010 and Exchange 2010 on the MS Windows Server 2008 R2 RDS (RD Session Host) with users sessions IP-Virtualization. Outlook does not detect username (and email address) when user launch Outlook first time. If user manually enter all user parameters then Outlook works fine, but Outlook must do it automatically (Outlook_unable_detect_username.jpg). Without IP-Virtualization on the RD Session Host Outlook 2010 successfully detect username when first launched (Outlook_success_detect_username.jpg).

DHCP-server - Cisco Catalist Switch 3750.

Help me, please, with this problem.

Thanks,

Andrew.

P.S. I unable attach the images to request

hello,

we use remote app on a 2008 R2 Server and since last update, the print preference dialog are in front. If you logon direct an terminal server it works fine. If you use a app the dialog can be closed

Chris

Everyone knows that certificate are most important for RDS server connections. Whenever we deploy the Server environment, servers need certificate for trusts. Whenever we are browsing any https site, it requests the certificate information. After getting trusted by the certificate, it’s getting access to browse sites. When we browse RD Web site, it also needs certificate.

Generally in production environment, we use wild card certificate or SAN certificate and use a Self-Signed Certificate only for testing and evaluation purposes. We can obtain certificate bygenerating and submitting a certificate request to obtain a certificate from a stand-alone or an enterprise certification authority (CA) or purchase certificate from one of trusted public CAs that participate in the Microsoft Root Certificate Program Members program. When we buy a certificate from a public provider, the Root and Intermediate certificates are already located in the computers Certificate Store. (Trusted Root Certification Authorities). Which means that the computer already trusts the provider of the certificate and therefore your certificate is also trusted. But this does not the case with Self-Signed certificate and thus we can’t use it in production environment and only used for testing.

Suppose we brought Wildcard certificate with RDS farm name “*.it.com”. It means that it can be used for “abc.it.com, xyz.it.com, etc.” for all different RDS roles (RDCB, RDG, RDWA). However, when we create a self-signed certificate, it only can use specific names such as “abc.it.com”. Therefore, with Wildcard certificate, we can manage the production RDS server environment with single certificate.

When we need to test or evaluate RDS, we can use a Self-Signed certificate. We can create it during the configuration for certificate of RDS server and we can also create the Self-Signed certificate from IIS manager. Here, we will introduce how to create a Self-Signed certificate from IIS manager and then how to use for RDS environment.

Please follow the following steps:

1. Click on Search and type IIS Manager (Figure 1)

Figure 1

2. It will open IIS Manager Dialog Box (Figure 2)

Figure 2: IIS Manager

3. In Features view, double-click Server Certificates. (Figure 3)

Figure 3: Server Certificate

4. In the Actions pane, click Create Self-Signed Certificate. (Figure 4)

Figure 4: Select option for creating certificate

5. On the Create Self-Signed Certificate page, type a friendly name for the certificate in the “Specify a friendly name for the certificate” box. For the RDS setup “Specify the certificate store as “Personal” and then click OK. (Figure 5). Because the certificate must be stored under “Local Computer\personal certificate Store”.

Figure 5: Specify Friendly Name

6. After creating the certificate, we need to export the certificate and then, we will assign it to RDS deployment. We can export with the help of Export option as per below image. (Figure 6)

Figure 6: Export

7. Specify the path where you want to export the certificate. Please remember that certificate is exported in .pfx file format. (Figure 7)

Figure 7: Specify the path

8. When we export the certificate, we need to provide a password for your certificate (Figure 8).

Figure 8: Export Certificate Procedure

9. Exported Certificate (Figure 9)

Figure 9: Exported Certificate

10. Before applying to the RDS deployment, we need to check whether the certificate is stored under Trusted Root certification Authorities.

Open MMC > Add\Remove Snap in > Certificate > Add it and specify the path and we can see below display page. Where we can see the certificate is listed under “Trusted Root certification Authorities” with its private key (Figure 10). Please make sure that the certificate has attached private key.

Figure 10: Trusted Root certification Authorities

11. Now, we can assign the created certificate under RDS deployment by Edit Deployment properties (Figure 11)

Figure 11: Deployment Properties

12. In the certificate tab, we can manage our RDS certificate. In this demo, we choose “Select existing Certificate”. (Figure 12)

Figure 12: Select Certificate

13. After selecting that option, one dialog box will appear and we need to specify the path where certificate is stored, specify the password. We know that it is signed by trusted root but still need to select the checkbox for allowing the certificate to store under trusted root certification authority. (Figure 13)

Figure 13: Specify path and password for certificate

14. Select the certificate and click Apply. It will display “Ready to apply” (Figure 14)

Figure 14: Applying Certificate to RDS

15. After selecting certificate and applying, we can see that it’s assigned to RDCB. In the same manner, we need to select the same certificate for all the Role Services by selecting “Selecting existing certificate” option (Figure 15)

Figure 15: Certificate assigned to RDCB-Enable Single Sign

16. After performing all the required steps, we have done with certificate works on server side. However, Remote Desktop Services clients also must have the certificate from an enterprise certification authority (CA) that issued the server certificate in their Trusted Root Certification Authorities store. Therefore, if we create a self-signed certificate, we must copy the certificate to the client computer (or to a network share that can be accessed from the client computer) and then install the certificate in the Trusted Root Certification Authorities store on the client computer.

In addition to this, you can refer to following articles for more information on certificates for RDS. RD Gateway also needs SSL certificate signed by trusted authority to connect internal networks through RD Gateway.

RDS: The RD Gateway server must be configured to use a valid SSL certificate

Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services

Minimum Certificate Requirements for Typical RDS implementation

Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

GoodDay

I have installed WindowsMultipoint2012Premiumand I use Direct-Video-Conetedstation.
When I want to use Dashboard, it worksfine, but when I want to"TakeControl"- it appears the following error message;

"The Take Control Failed action.Multipoint can not connect tothe session "

Same if I use the"Project":error messageis:

"Project failed.Unable to connect tosession"

Ido not usevirtual machine.I do not useWMP2012virtual.
It is installedas the operating systemonan Inteli7with16GBRAM.ConnectionusingNVIDIAQuadro440 (and/or Nvidia Quadro nvs 295)+USB HUB+monitorandthe second Config. (connection)is aZeroClientHPT 200.
I reinstalledWMP2012several times.Tackecontrolsometimesworkedand sometimes not.I do not knowwhy.

Pleasehelp me,
What should I do?

Thanks
Patrasescu.marinica@yahoo.ro

As you can see.  The icon and title are out of alignment.  This just  happened a couple of weeks ago.  Any ideas?

I have an RDS farm with select users running an app for their session, I use the following GPO:

http://i.imgur.com/DaKpW76.jpg

This works great, however, I also want an on screen keyboard to load with it as well... This setting disables most login scripts I have tried. 

Hello,

Scenario: a user from USER-PC connects to Remote desktop Windows 2008 R2 server SERVER-01. In SERVER-01 for that user %CLIENTNAME% is USER-PC. After that inside this remote session he starts to work with RemoteApp from another terminal Windows Server 2008 R2 SERVER-02. And in SERVER-02 for that user %CLIENTNAME% is SERVER-01. I understand, that it should be so, but is there a way to get original %CLIENTNAME% (USER-PC) from that nested session in SERVER-02?

May be is there a way to change %CLIENTNAME% environment variable? I tried "setenv" utility, but seems it does not work with Windows 7/Windows 2008. SetX does not work with volatile environment variables.

I have setup RDS on our internal network, everything is working fine – now I need to make it available on the internet. How should I setup NIC’s for communicating back to the internal network, below are some options, I think we have to go with option 1 but I’m not 100% sure – any recommendations for best practice will be great! All server are 2012 R2, We have a Firewall in-between the internal and DMZ network, there’s no AD DS in the DMZ.  

1 - RD Gateway                DMZ Network (joined to domain)

                                     2 x NIC’s – 10.x.x.x (Internal IP) 192.168.x.x (DMZ IP)

                                     External URL pointing to Public IP -----> Public IP translated to DMZ IP ------>  Internal IP communicates with internal network

2 - RD Gateway                 DMZ Network (not joined to domain) does it have to be joined to the domain?

                                      2 x NIC’s – 192.168.10.x DMZ external IP talking to the external network - 192.168.11.x DMZ internal IP, talking to the internal network (Ports to be opened on Firewall)

                                              External URL pointing to Public IP (DNS) -----> Public IP translated to DMZ external IP (translated by Firewall)

                                              DMZ internal IP talking back in to the internal network (Ports to be opened on Firewall)

Servers

- Server1.contoso.com                  Internal Network

RD Session Host

- Server2.contoso.com                  Internal Network

RD Session Host

- Server3.contoso.com                  Internal Network

RD Connection Broker, RD Licensing, RD Web Access

- Server4.contoso.com                  DMZ Network

                RD Gateway

Hello,

I've been having a recurring issue with a remote app. It involves a dialog box and a number of frustrating hours trying to solve the problem. Which brings me here. The problem is as follows: 

The user is in their remote application and needs to either save a file or open a file. When the open/save dialog box appears the remote app is closed, there are no error messages so I can't say that it crashed.

If the same user is connected through rdp, executes the application in an rdp session, and tries to open/save something the dialog box appears and everyone is happy. 

This really is only limited to remote app and it occurs quite frequently though not every session. 

Any advice?

Hi,

Sorry if I am in the wrong forum but this has happened whilst configuring RDS hence I thought I will post it here.

I am  trying to configure RDS in my lab I have all the roles installed on my RDS server apart from licensing server which is installed on DC. I don't have clue why is this happening and at what stage of RDS configuration this appears. When I initially configured the DNS it was just with the server name e.g. SERVER1 somewhere in configuring the RDS DNS server name changed to SERVER1.sco.local (sco.local is the domain name).

Does anyone why is happening or what is causing it to happen 

Afternoon everyone, hope you're all having a great day! Very interesting issue here, hope you guys can help me out.

I have a user that moves timezone very frequently, 4-5 times a month. So, to help him keep his bearings, we set his Outlook 2010 calendar up to show two time zones on the let, the primary being "Calgary" with a timezone of  Mountain Time (MST - USA & Canada -7:00 GMT) and the secondary is "Toronto" with a timezone of Atlantic Time (Canada -4:00 GMT).

Here's the frustrating part. Every time this user logs out of his terminal server session his "primary" Calendar time zone resets itself to Central America time (-6:00 GMT)! Then, all of his appointments get pushed up 6 hours as if the time that the appointment was scheduled was GMT and the appointment time is now being based off that. If he schedules an appointment at 8:30am while he was in a Mountain Time area with the correct calendar times showing, logs off terminal server, and logs back on the calendar will show this 8:30am appointment as being at 4:30pm. This is also completely wrong in itself as Central America and Mountain Time are only an hour off... Secondary timezone is not effected, it still stays at Atlantic Time or whatever time I fill in. But no matter what timezone I put in as the primary, it reverts itself back to Central America time 100% of the time on log off.

Going back in and setting his primary timezone back to Mountain Time moves all of his appointments back to their correct time, it is just more than annoying to have to do that 2-3 times a day. Any help would be greatly appreciated. Terminal Server issues are always hard but I will hope for the best!

Wonder if you can help, I'm looking to put together a proof of concept environment and want to offer desktop access from a web page. The usage will be minimal (E.G. 10 users concurrent max) and would need to provide web based access to the desktops (E.G. web rdp).

Reading various documents available I get the feeling a session based/virtual desktop environment is possible but am not sure what or more specifically how many servers would be required. I think I would need a Terminal Services Server and a Domain/DNS server, would I need an additional server if I were to go with VDI to host the desktop sessions or can that be co-hosted on the TS server. I'm assuming with the VDI I wouldn't need to be 'running a PC' as this would be managed within the TS server.

Would I also have web access with VDI, I know with TS/remote desktop you can but couldn't see if there were any limitations with VDI at all.

Apologies if these are all stupid/obvious questions but thought it would be better to ask than assume.

Any help would be appreciated.

Many Thanks

James

Hello,

First sorry for my bad english :)

I have a problem with my server 2012 when publishing remoteapp program. This error shows with every program i want to publish? Can you please help me.

Error when trying to publish remote app: Failed: Coul not create a published application instance on the server: ......

error in event viewer under Microsoft\windows\RDMS-UI\ Admin log

Event ID 16393

Publishing Failed for RDSH Collection - RemoteApp name: Excel 2013  Collection name: ........ Failure: Could not create a published application instance on the server .......

Please i googled it and didnot find any solutions can someone help me?

We migrated our Remote desktop licensing from server 2012 to server 2012 R2. We have 2003, 2008, and 2012 licenses installed. The migration was smooth with no issues. I usedhttps://activate.microsoft.com as I have before. 

The new license server has been up and running for a few weeks and all seems good. The License server is issuing temporary licenses for all OS'es (server 2003, 2008, and 2012).

When I go into the licensing console, I see that the 2008 and 2012 licenses are being upgraded to permanent and this is verified in the event viewer by Event ID 82 ( The "Temporary"  Windows Server 2008 or Windows Server 2008 R2 : TS or RDS Per Device CAL belonging to computer "XX-XXXXX" has been upgraded to "Permanent" Windows Server 2008 or Windows Server 2008 R2 : TS or RDS Per Device CAL.)

However, the Server 2003 licenses are not being upgraded to permanent status, the event viewer shows no errors and the users are not reporting any issues.

Has anyone else seen this issue and know why the licenses are not being upgraded or know how to correct it? 

Russ

Hi all.

I have the next infrastracture:

1. DC on WS2008

2. New RDS Host on WS2012R2. Connection Broker and Licensing Server installed on same server. 

Sometimes (about every 10 days) connection issues occurs. Users try to login, pass authentication successfully, then they "freeze" when settings must apply. The same time logged users can work without any problem, after some time they get black screen, but server manager shows the sessions like active. I can connect via telnet to RDP-port, it looks like OK.

I solve the issue rebooting RDS Host till now. 

In event viewer I see that user group policy doesn't apply since the issue occurs. 

When we used WS2008 as Terminal Servers there was not the problem. 

Any ideas? 

We recently cutover our corporate RDS system the Windows 2012 version and it was pretty smooth, only  few issue that where resolved quickly.  In the last 3 weeks I nave had 4 differnet users working from home on personal WIndows 7 system that they use to connect to their computer in the office using Windows 2012 RDS telling me that they can't connect any longer.  Doing some basic troubleshooting I discovered that if they select the option on the RDS Webaccess page "This is a private computer' they can't connect to their computer in the office.  If they select "This is a public or shared computer" It works fine.

Anyone seen this before???

Joe Gomez

I am experiencing an issue connection to an RDS farm from another machine.  The client tries to connect then gets the generic error 'Remote Desktop can't connect to the remote computer for one of these reasons:' etc.

In the Microsoft-Windows-TerminalServices-RDPClient/Operational log I get the following message when the client does not connect:

Log Name:      Microsoft-Windows-TerminalServices-RDPClient/Operational
Source:        Microsoft-Windows-TerminalServices-ClientActiveXCore
Date:          6/9/2014 2:45:00 AM
Event ID:      226
Task Category: RDP State Transition
Level:         Warning
Keywords:      
User:          WBC\cwestwateradmin
Computer:      WBC-ITTS-01.wbc.local
Description:
RDPClient_TCP: An error was encountered when transitioning from TcpStateConnectingTransport to TcpStateDisconnected in response to 2 (error code 0x80004004).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-TerminalServices-ClientActiveXCore" Guid="{28AA95BB-D444-4719-A36F-40462168127E}" />
    <EventID>226</EventID>
    <Version>0</Version>
    <Level>3</Level>
    <Task>104</Task>
    <Opcode>19</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2014-06-09T07:45:00.622998100Z" />
    <EventRecordID>12199</EventRecordID>
    <Correlation ActivityID="{59A63189-0267-44C7-A459-39D8ED500000}" />
    <Execution ProcessID="3856" ThreadID="2180" />
    <Channel>Microsoft-Windows-TerminalServices-RDPClient/Operational</Channel>
    <Computer>WBC-ITTS-01.wbc.local</Computer>
    <Security UserID="S-1-5-21-720231234-2037568477-3582021324-4396" />
  </System>
  <EventData>
    <Data Name="StateTransitionName">RDPClient_TCP</Data>
    <Data Name="PreviousState">1</Data>
    <Data Name="PreviousStateName">TcpStateConnectingTransport</Data>
    <Data Name="NewState">11</Data>
    <Data Name="NewStateName">TcpStateDisconnected</Data>
    <Data Name="Event">2</Data>
    <Data Name="EventName">TcpEventConnectionTimeout</Data>
    <Data Name="Error Code">2147500036</Data>
  </EventData>
</Event>

It's an intermittent issue but I would say 80% of the time the connection fails.

Any help appreciated

Hello!

Currently we're using RDS without session broker. We have user accounts for specific purposes, i.e.  for users in the warehouse or general sales areas. These users are permitted to have multiple concurrent sessions. We imlemented this solution using tscon in a script. It checks for those users who only have permission to have one session, if there is a running one and connects automatically to it, if true.

Now we plan to build a RDS farm. During my tests, I had to find out, that you have to enable the single session mode on every RDS to have running sessions reconnect. Of course we do want to have this feature for all "normal" users. But we need those functional users as well.

Thus I'm lookin for a way to...

1. ...enable my script to find out whether there is a running session for those "normal" users within the whole farm and reconnect it (tscon only works within a single RDS), so I don't have to activate the single session mode and have those funtional users working like before.

OR 

2. ...any other way to solve my problem... ;)

I hope I explained the situation thoroughly. Unfortunately I'm out of ideas and google didn't help either...

Best regards,

Thies