Server 2019 is making it’s appearance and of course we needed to enable Remote Desktop. Things change in time and of course so must Windows. The config option is not in it’s normal place.
I am not making a post at this time and I did find a very good writeup on this….
I had a request for a list of people who accessed a terminal server. Basically, an argument over use.
There is a log file which could help in such matters. Bring up Computer Management and drill your way down to it. The path is:
System Tools/Event Viewer/Applications and Services Logs/Microsoft/Windows/TerminalServices-LocalSessionManager
The log you need is called Operational. When you access it, it will be trough the Event Viewer. This is ok for a quick check or simply seeing the last time logged in. More detail would require using the LOG file. Not going to do that at this time as this was a “Quick and Dirty” need. If there is a need for a better report, I will update this….
Company acquisitions bring new challenges to environments. Such was the case with two servers which are used to test McAfee with the companies product. These servers were moved from a public area to a hardened site. They used to walk up and login when needed but now they could only use remote desktop. They reported the servers were down.
The McAfee fire was setup with a basic configuration and blocked ICMP and but did not block remote desktop.
Ping was enabled and on further review port 3389 needed to be enabled for TCP.
Remote Desktop is one of things administrators use throughout their day. It’s very useful and greatly missed when it does not work.
A user reported he had lost access to a 2012 server running remote desktop services. The server pinged and I was able to get to the hidden share. However, when I attempted a Remote Desktop Connection; I received:
The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license. Please contact the server administrator.
Most likely the Remote Desktop Service had been running in trial mode and the grace period had expired. This server was located in another building and I was not interested in driving over.
Many people don’t know or simply forget there is a command line ability for remote desktop. You can by pass the licensing problem and get access by running the following from the Run command:
mstsc /admin
This will disable licensing for the session. Basically; you are accessing the server through administrative mode only.
For more command line information, you can look at this.
Server 2012 changed many things. It changed the way you manage Remote Desktop Services. Previously, you would simply go to administrative tools and bring up the services manager or session host configuration. Now, you only get RD Licensing Diagnoser.
I ran it and a message which caught my attention was about licensing not being configuration for either Device or User. There were also messages about license servers not getting accessed but I was interested in the configuration used during setup. The problem was where to configure this? Especially since, Remote Desktop Session Host Configuration no longer exists.
Server 2012 is an attempt to be more virtual and cloud like so the management tools are geared for that. If you simply want a server to run Remote Desktop Service and use your license servers, you may configure the needed options through the local computer policy. Start the editor:
gpedit.msc
Work your way through:
Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing
There you will find your two needed options:
Use the specified RD license servers
Set the Remote Desktop licensing mode
Enable them and enter your license server(s) and the user or device mode.
Close out and give the server a reboot and you should have access to the server.
One of the most annoying things is a server which is hung up and won’t allow you to access it remotely. Especially, if it requires driving to get to the server.
Such was the case of a trouble call from a user trying to access a server. He would try remote desktop and received the following message:
Please wait for the System Event Notification Service…
The login process would remain at this point.
Remote Reboot failed but the system would ping and I could mount a hidden drive.
I needed remote desktop to work so I could look into this problem.
The System Event Notification Service as described from an article in the Microsoft Developer Network states:
Applications designed for use by mobile users require a unique set of connectivity functions and notifications. In the past these individual applications were required to implement these features internally. The System Event Notification Service (SENS) now provides these capabilities in the operating system, creating a uniform connectivity and notification interface for applications. Using SENS developers can determine connection bandwidth and latency information from within their application and optimize the application’s operation based on those conditions.
It sounds like something that is not needed, but it wasn’t the time to make this call when there was an annoyed user waiting for the server. I suspected we could at least kill the process and see if Remote Desktop would work again. Time to use the useful SC command:
sc \\servername queryex SENS
This returned:
SERVICE_NAME: sens
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 4 RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x0
PID : 976
FLAGS :
Using the PID; I could attempt a taskkill of the sens process.
taskkill /S <servername> /PID 976 /F
This made the login session continue and I had access to the server.
Checking the Net; there are a several situations which could cause this condition. It ranged from removing Live Messenger (which was not installed), registry changes (which didn’t work or didn’t apply) to removing an update (which was not installed).
I had to log out and found the error was back. I used the same taskkill steps and was able to access the server again.
Not seeing the obvious; I figured I would try the “fix most things Microsoft” solution and rebooted.
The error went away.
Sometimes a reboot is all that is needed.
Windows Server 2012 can be a little disconcerting due to the new look and layout.
Such was the case for a request of a 2012 server with Remote Desktop Services enabled. I installed the OS and added it to AD. I installed the requested applications and then I went through the wizard and installed the “Remote Desktop Session Host.”
I didn’t need the license server installed as I have a couple already in place.
When it came time to configure verify the setup; I went to Administrative Tools and looked at Remote Desktop Services and only found “RD Licensing Diagnoser”
Ok? Where do I configure the license servers? Oh wait! the Dashboard. I looked under that and found the same thing.
I reinstalled the role and found nothing changed.
I did get the warning about licenses and so I ran the diagnoser to see what was wrong. Two license servers were found but the problem was the missing license server had the licenses for 2012.
Time became an issue and I literally had the user panicking to use the server so I needed a quick resolution as this system was a short term “crash and burn” setup.
I decided to add the missing entry via the registry and reboot.
The license server list can be found here:
HKLM\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows NT\Terminal Services
The entry you need to modify is : LicenseServers
I added the missing license server to the list and rebooted.
The warning message about licenses went away and I verified multiple users could access the server.
Time to crack open the 2012 books and papers!
This was a strange problem. I have a simple Windows 2008 R2 server with remote desktop services installed. Everything was properly configured. Plenty of licenses and diagnostics reported the license server was available.
The problem? Can’t access the server through remote desktop. No errors in the logs and the only message available to me was the generic:
Did all the noob checks and I even reloaded Remote Desktop Services, removed and re-added the server to AD.
Still no access.
I installed tightvnc as I did not want to live at the machine and found I had remote access.
I checked the registry to see if port 3389 was configured and it was.
I used portqueryui to see if the port was in use and it reported:
TCP port 3389 (ms-wbt-server service): NOT LISTENING!
A quick telnet to port 3389 confirmed this.
The firewall was not running and there wasn’t a web server or any other process trying to use that port and thus block Remote Desktop Services. I was tempted to declare too much time debugging this and reload but I decided to dig around the Net a little more and stumbled on an old discussion on technet.
As mentioned in the post by itdoug; I found the hidden device driver called “remote desktop services security filter driver” disabled (You just bring up the Device Manager, select show hidden devices and look under Non-Plug and Play Drivers).
I tried to enable it and it failed. I then uninstalled it and rebooted.
Remote Desktop worked after that.
I was trying to debug a problem on a remote server through remote desktop.
I wanted to run a Windows File Protection scan (sfc) but was rewarded with:
You must be an administrator running a console session in order to use the sfc utility.
I looked at Microsoft and found this technote.
The resolution was was to run it locally as this was by design!!!!
I thought “Come on! I have to drive over to the machine!”
Then, I noticed “Applied To” and saw only Server 2000 listed.
Hmmm? Administrator?…..
What would happen if I started a command window as a local administrator (right click the menu option and select run as administrator)?
Success!
Lesson of the Day: Read the whole technote!
Every once in awhile I come on a workstation which only has “Logoff” or “Disconnect” through remote desktop.
What to do when you want to reboot or shutdown?
There are a few ways to do this:
1) You can use the Alt+F4 keys to bring up a shutdown window which has the options for restart and shutdown.
2) You can use the Ctrl+Alt+End keys to bring up the old Ctrl+Alt+Del menu where you can select shutdown or restart
3) You can enter: shutdown -s -t 10 to shutdown in 10 seconds or you can enter: shutdown -r -t 10 to restart in 10 seconds.
Keep in mind new operating systems will do things different such as the Ctrl+Alt+Del menu is different for windows 7.
One thing I find still works is the shutdown command.
Finally, I keep forgetting the Alt-F4 approach. I was reminded of it here.
I was setting up a new server and when it came time to test a few things; I received this nice message when I tried Remote Desktop:
The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache. Try using the IP address of the computer instead of the name.
I checked the cache and DNS and found it was in order. Remote desktop would work with the IP address.
This was one of two machines with the same setup and the configuration matched the other machine. I checked the Microsoft site and found this.
All you need to do is:
After that; Remote Desktop by hostname works.
I can’t explain why this happened on one of two identically configured systems. I could go back and hunt for a reason if I had time which I never do of course….
*update*
Well now. While working on another issue; I found the problem. The hostname was misspelled on the host. DNS and AD managed to give functionality but other things like simply mounting the C drive \\host\C$ failed giving the error “The target account name is incorrect” A quick delete of the domain record, a reboot and the problem is solved.
techdork 