Certificate Mismatch RDS Session Host

I've been banging my head against this for the last few days. I have a server 2012 remote desktop setup as follows:
1 Gateway Server
1 RD Web Access Server
1 Session Broker, which is also a session host
1 Additional Session host
I'm using RemoteApp to publish applications rather than desktops. I've got a wildcard certificate for the external domain, which works fine for the gateway and web access server. The problem comes with the session hosts, which are giving me a certificate mismatch error because connections are made to the internal name (which is a .local address), which obviously does not match the external certificate.
I have a DNS zone for the external name setup on this domain, so that machines can be resolved by internal or external names.
I've made some progress by following the steps here - http://serverfault.com/questions/524092/rds-rdweb-and-remoteapp-how-to-use-public-certificate-for-launching-apps-on-s, and things now work fine if I only have the session host that is also the broker enabled. Once I add the second session host, any requests that go to that get the certificate error. Connections to the first session host still work fine.
Does anyone know a way to have requests be made to the external name of the session host?

Hi,
1. After making the DNS change, did you flush the DNS cache on the RD Gateway server?  Or even better restart the whole server?
2. Do you have DNS round robin for any of the other servers in your deployment?  You should not.  Additionally, do you have any NLB or other hardware/software load balancing solution in place?
3. To make sure I have the facts correct, please let me know if the following items are correct:
a. You are launching a RemoteApp from within RD Web Access using IE running on a Windows 8 PC
b. When you launch a RemoteApp, the prompt has the following on it (for Calculator in this example):
Publisher: *.domain.com
Type: RemoteApp program
Path: calc
Name: Calculator
Remote computer: rdbroker.domain.com
Gateway server: gateway.domain.com
c. After clicking Connect it goes through several status messages and then you get a Certificate error saying essentially:
Name mismatch
     Requested remote computer:
     rd02.domain.local
     Name in the certificate from the remote computer:
     *.domain.com
Certificate errors
  The following errors were encountered while validating the remote
  computer's certificate:
     The server name on the certificate is incorrect.
d. In Deployment Properties, RD Gateway tab, Bypass RD Gateway server for local addresses is unchecked.
4. Do you have multiple configured network cards in each server, or just a single NIC that has an ip address?
5. Have you modified the default firewall configuration of your servers?  In other words, can I assume they are on the same subnet and are able to communicate with each other in the default domain configuration, or have changes been made and/or is there a third-party firewall software or device in place that could be affecting things?  I ask because normally the broker will authenticate the destination server using Kerberos and if something interferes with this you can get unexpected errors.
I believe you are close to solving this now.
Thanks.
-TP
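
Added example (not part of the thread or of any Microsoft tooling): the name check behind the mismatch dialog in item 3c, assuming the usual rule that a wildcard stands for exactly one left-most DNS label. The host names are taken from the posts on this page; rd02.farm.domain.com is constructed, and the function names are illustrative.

```python
import ipaddress


def _labels(name):
    # DNS names compare case-insensitively; a trailing root dot is ignored.
    return name.strip().rstrip(".").lower().split(".")


def _is_ip(name):
    try:
        ipaddress.ip_address(name.strip())
        return True
    except ValueError:
        return False


def name_matches(requested, cert_name):
    """True if the name the client asked for is covered by one certificate name.

    Assumption: '*' is honoured only as the whole left-most label and stands
    for exactly one label. Partial wildcards such as 'rd*.domain.com' are
    treated as literal text and therefore never match a real host name.
    """
    if _is_ip(requested):
        # An address is never covered by a DNS name, wildcard or not.
        return requested.strip() == cert_name.strip()
    req, pat = _labels(requested), _labels(cert_name)
    if "" in req or "" in pat or len(req) != len(pat):
        return False
    if pat[0] == "*":
        return req[1:] == pat[1:]
    return req == pat


def explain(requested, cert_names):
    """Return (ok, reason) for one requested name against all certificate names."""
    for cert_name in cert_names:
        if name_matches(requested, cert_name):
            return True, f"covered by {cert_name}"
    if _is_ip(requested):
        return False, "IP literal: DNS names in the certificate never cover an address"
    req = _labels(requested)
    for cert_name in cert_names:
        pat = _labels(cert_name)
        nested = len(req) > len(pat) and req[-(len(pat) - 1):] == pat[1:]
        if pat[0] == "*" and nested:
            return False, f"{cert_name} covers one label only; {requested} is nested deeper"
    return False, "name is in a namespace the certificate does not cover"


def audit(targets, cert_names):
    """Check every name a client may be redirected to against the certificate."""
    return {target: explain(target, cert_names) for target in targets}


# Sample input built from names quoted on this page (labelled where constructed).
CERT_NAMES = ["*.domain.com"]      # name in the certificate, per the dialog
TARGETS = [
    "gateway.domain.com",          # Gateway server in the launch prompt
    "rdbroker.domain.com",         # Remote computer in the launch prompt
    "rd02.domain.local",           # Requested remote computer in the error
    "rd02.domain.com",             # same host through the external-name DNS zone
    "rd02.farm.domain.com",        # constructed: one label too deep for the wildcard
    "10.1.1.100",                  # address quoted in a later thread on this page
]

if __name__ == "__main__":
    for target, (ok, reason) in audit(TARGETS, CERT_NAMES).items():
        print(f"{'OK      ' if ok else 'MISMATCH'}  {target:<24} {reason}")
```

The list to audit is the set of names clients are actually redirected to (here rd02.domain.local), since that is the name the client compares with the certificate, not the name the gateway or RD Web Access was reached on.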

Similar Messages

  • Windows 2012 RDS - Session Host servers High Availability

    Hello Windows/Terminal server Champs,
    I am now in the middle of implementing an RDS environment for one of my customers. I hope you can help me out.
    My customer has asked for HA for the RDS session hosts where applications are published, and I have prepared the plan below from a server point of view.
    2 Session Host servers, 1 Web Access, 1 License/Connection Broker & 1 Gateway (DMZ).
    In the first phase, we are planning to target internal users who connect to the Session Host HA, where these 2 servers will have the applications installed and internal users will use RDP to access these applications.
    In the second phase we will be dealing with external parties who connect from an external network, where we are planning to integrate with NetIQ => gateway => Webaccess/Session host
    I have successfully installed and configured 2 Session Hosts, 1 License/Broker, 1 Web Access & 1 Gateway. But my main concern is to have the Session Hosts highly available, as they host the applications and most of the internal users are going to use them. To configure it I am following http://technet.microsoft.com/en-us/library/cc753891.aspx
    However, most of the architecture has changed in RDS 2012. Can you please help me set up the Session Host HA?
    Note: we can have only 1 Connection Broker/Licensing server, 1 Web Access server & 1 Gateway server; we cannot add more servers due to cost.
    Thanks in advance.

    Yes, absolutely no problem in just using one connection broker in your environment as long as your customer understands the SPOF.
    The session hosts however aren't really what you would class HA - but to set them up so you have redundancy you would use either Windows NLB, an external NLB device or Windows DNS round robin. My preferred option when using the connection broker is DNS round robin - where you give each server in the farm the same farm name DNS entry - the connection broker then decides which server to allocate the session to.
    You must ensure your session host servers are identical in terms of software though - same software installed in the same paths on all the session host servers.
    If you use the 2012 deployment wizard through Server Manager roles the majority of the config is done for you.
    Regards,
    Denis Cooper
    MCITP EA - MCT

  • Username or Password is incorrect when logging into 2008r2 standard RDS sessions host

    Hello there TechNet forums,
    I recently finished setting up a Windows 2008r2 RDS sessions host.  The licensing server is a Windows Server 2012 server with 5 per user 2012 RDS licenses.  The Windows 2008r2 server is pointed to the 2012 server correctly.  
    When I do a remote desktop connection from a third computer,  I am not able to log in.  I receive "Username or Password is incorrect."  The accounts are in the remote desktop users group (both in the domain and on the local group for the server).  I have tried to use domain\username, \domain\username, \domain\username\. None work. I am able to log onto the console with the same username and password I am trying for a remote session.
    I am unsure where to look moving forward.  Any suggestions are appreciated and welcome.  If you need more information, please let me know, I will provide what I can.

    Hi,
    Thank you for posting in Windows Server Forum.
    Does this issue happen for a single user or all users, and on a single machine? Did you try from another system?
    What’s your client OS and RDP version? I suggest having RDP v8.1 for better functionality. Also see whether you can ping the server.
    In addition, as a test please disable the firewall and check whether you can access the remote server. Also clear the server name from the registry key below on the client machine, reboot and check the result.
    HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\
    Additional information.
    http://support.microsoft.com/kb/2477176
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Office 2013 document with Czech spell check lags by save and close on Windows Server 2012R2 RDS session host

    On our Win Srv 2012R2 RDS session host server (terminal server) I have a bad problem. Office 2013 documents with Czech spell checking lag (1-2 min) when I close and save a document. When I change spell checking to English everything works OK. On Windows 8.1 both spell checkers work OK.
    I tried to investigate with Process Explorer, and when winword.exe lags, the active thread is wwlib.dll!DllGetClassObject with Stack:
    KERNELBASE.dll!ReadFile+0x3
    MSGR2CZ.DLL!GramGetError+0x3ffeb
    MSGR2CZ.DLL!GramGetError+0x4045f
    MSGR2CZ.DLL!GramGetError+0x47c7f
    MSGR2CZ.DLL!GramGetError+0x10e17
    MSGR2CZ.DLL!GramGetError+0x125c2
    MSGR2CZ.DLL!GramOpenMdt+0x189
    wwlib.dll!wdCommandDispatch+0x251ce8
    wwlib.dll!DllGetLCID+0x31ef72
    wwlib.dll!DllGetClassObject+0x10887a
    wwlib.dll!DllGetClassObject+0x108535
    wwlib.dll!DllGetClassObject+0x107bc6
    wwlib.dll!DllGetClassObject+0x1030c1
    wwlib.dll!DllGetClassObject+0x1077df
    ntdll.dll!RtlInitializeExceptionChain+0x84
    ntdll.dll!RtlInitializeExceptionChain+0x5a
    MSGR2CZ.DLL is Czech language checker.
    Any idea?

    Hi,
    It seems to be an Office related issue, I suggest asking the question in Office forums for help.
    http://social.technet.microsoft.com/Forums/office/en-US/home?category=officeitpro&filter=alltypes&sort=lastpostdesc
    Thanks for your understanding.
    Jeremy Wu
    TechNet Community Support

  • Office 2013 document with Czech spell check lags when save and close on Windows Server 2012R2 RDS session host

    On our Win Srv 2012R2 RDS session host server (terminal server) I have a bad problem. Office 2013 documents with Czech spell checking lag (1-2 min) when I close and save a document. When I change spell checking to English everything works OK. On Windows 8.1 both spell checkers work OK.
    I tried to investigate with Process Explorer, and when winword.exe lags, the active thread is wwlib.dll!DllGetClassObject with Stack:
    KERNELBASE.dll!ReadFile+0x3
    MSGR2CZ.DLL!GramGetError+0x3ffeb
    MSGR2CZ.DLL!GramGetError+0x4045f
    MSGR2CZ.DLL!GramGetError+0x47c7f
    MSGR2CZ.DLL!GramGetError+0x10e17
    MSGR2CZ.DLL!GramGetError+0x125c2
    MSGR2CZ.DLL!GramOpenMdt+0x189
    wwlib.dll!wdCommandDispatch+0x251ce8
    wwlib.dll!DllGetLCID+0x31ef72
    wwlib.dll!DllGetClassObject+0x10887a
    wwlib.dll!DllGetClassObject+0x108535
    wwlib.dll!DllGetClassObject+0x107bc6
    wwlib.dll!DllGetClassObject+0x1030c1
    wwlib.dll!DllGetClassObject+0x1077df
    ntdll.dll!RtlInitializeExceptionChain+0x84
    ntdll.dll!RtlInitializeExceptionChain+0x5a
    MSGR2CZ.DLL is Czech language checker.
    Any idea?

    Hi,
    According to the log, MSGR2CZ.DLL and wwlib.dll are both Microsoft libraries, not third-party libraries. Thus, we need to analyze what happened with the dump file. But that is beyond what we can do in the forum. I recommend you open a ticket with a Microsoft engineer.
    Thanks,
    George Zhao
    Forum Support

  • Unable to install new RDS Session Hosts 2012R2

    We currently have a 2012R2 RDS environment running 8 farms across 12 session hosts from one connection broker. Recently I went to provision 2 new Session Hosts (one to a new farm and one to an existing) however they both fail with the following error in the Server Manager Wizard:
    Access is denied
    The term 'Get-LocalMachineFqdn' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
    I've also tried installing from PowerShell without success.
    Has anyone come across this before? I haven't been able to find anything in my searches on the web let alone find anything of use in the event viewer.
    Cheers,
    Ryan.

    When attempting to view the certificates via PowerShell I receive the following error, despite having the correct permissions:
    PS C:\WINDOWS\system32> Get-RDCertificate -ConnectionBroker pv-rdcb02.ksgroup.com.au
    New-PSSession : Access is denied
    At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:34 char:19
    +     $M3PSession = New-PSSession -ConfigurationName Microsoft.Windows.ServerManag ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], RemoteExc
       eption
        + FullyQualifiedErrorId : PSSessionOpenFailed
    Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument
    that is not null or empty, and then try the command again.
    At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:36 char:40
    +     $RDCerts = Invoke-Command -Session $M3PSession -ArgumentList @($optionalPara ...
    +                                        ~~~~~~~~~~~
        + CategoryInfo          : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
        + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand
    New-Object : Cannot convert argument "6", with value: "", for "Certificate" to type
    "Microsoft.RemoteDesktopServices.Common.CertificateRole": "Cannot convert null to type
    "Microsoft.RemoteDesktopServices.Common.CertificateRole" due to enumeration values that are not valid. Specify one of
    the following enumeration values and try again. The possible enumeration values are "None, RDGateway, RDWebAccess,
    RDRedirector, RDPublishing"."
    At C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:96 char:9
    +         New-Object Microsoft.RemoteDesktopServices.Management.Certificate `
    +         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : InvalidOperation: (:) [New-Object], MethodException
        + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand
    Does anyone have any thoughts?
    Cheers,
    Ryan.

  • User profile images not persisting after log off on Server 2012 R2 RDS Session Hosts

    Hi,
    We have a 2012 R2 remote desktop deployment, with two session collections, a gateway server, and connection broker.
    We have set these session collections to use centralised user profile disks.
    What I am having an issue with, is that when a user sets their profile image through the server they have logged on to (I have the desktop experience pack installed so they are able to do this), they can see the user tile has been set with that image in settings and also on the start menu, but as soon as they log off the server and back on, their profile image has been reset to the default blank image.
    I have checked all of my group policy options, and cannot find any settings that could be impacting this.
    Does anyone have any ideas why these images are not persisting for users or admins?
    Thanks, Eds

    Please check that the user is not getting a temporary profile each time he logs in. Also, make sure that the RDP client is properly configured to display the Wallpaper: http://www.webapper.com/blog/index.php/2007/10/18/enabling-desktop-wallpaper-on-remote-desktop-terminal-services/

  • Server 2012 R2 RDS- Only want the Session Host, Connection Broker and Licensing Server!

    Hi all,
    Wondering if anyone has experience with implementing Remote Desktop Services (RDS) on Windows Server 2012 R2.
    I am doing an RDS design for a platform where we only need an RDS Session Host, Licensing Server and Connection Broker. We do not need web access as these servers will simply be jump boxes internally!
    However, implementing this correctly in our test environment has proved to be tricky. The options are:
    1. Use the Server Manager and do a traditional install via Roles and Features (specifically add the Session Host, Licensing Server and Connection Broker). The installation process seems to go through ok in this scenario but when I head over to the Remote Desktop Services section of the Server Manager I simply get the message 'An RDS Deployment does not exist in the server pool. To create a deployment head to Roles and Features'.
    2. Use the specific ‘Remote Desktop Services installation’ option on the Server Manager and do a Session Based Desktop deployment and Quick Start. This installation process seems to go through correctly and the Remote Desktop Section seems to be working correctly via the Server Manager. However this process is ‘hard locked’ i.e. it installs the session host, web access and connection broker. I can then remove the web access component later from Roles/Features.
    Is there a best practice (if any) for installation? i.e. Will there be any issues down the line if I remove RDS Web Access from my server while following method 2?
    There is a complete lack of documentation from Microsoft here so not sure what to do! Just need a basic RDS session based deployment.

    Hi,
    As far as I know, from Server 2012\R2 the best deployment approach is to perform it via the “Remote Desktop Services” installation mode with Standard deployment and not to install single roles. Because when we install through RDS mode, there are specific extra tools and services activated along with that deployment which you can’t find with single role installation. And that is for sure: when we install the RDS role this way, by default we will get the RDCB, RDSH and RDWA roles installed.
    Sorry, I don’t have any option to try removing that role, as that role is basically needed for RemoteApp and Desktop purposes. But if you want, you can try it with the help of the “Remove-RDServer” PowerShell command.
    https://technet.microsoft.com/en-us/library/jj215506.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Using Windows Server 2012 per-User RDS CAL on Server 2008 R2 Session Host

    I have a Remote Desktop Licensing Server set up on my domain controller running Windows Server 2012 R2. I have installed a ’Windows Server 2012 Remote Desktop Services per-User CAL’ there and activated the licensing server already.
    Currently I use ONLY Windows Server 2008 R2 machines as RDS Session Hosts (in the future I plan to transition them to 2012 R2, hence the CAL I bought is already in the newest version).
    I have already configured my WS 2008 RDS Session Hosts: set Per-User licensing mode and specified the license server address. The connectivity between my Session Host(s) and my License Server seems to be OK, as the Remote Desktop Session Host Configuration window on the Session Host correctly lists the 2012 per-user license (CAL installed on server) from the license server.
    On the License Server I can also see event log entries (in Microsoft-Windows-TerminalServices-Licensing/Admin), indicating that the user has been issued a license.
    The issue I am having is that the license being issued is a 2008 Per User CAL license (Built-in OverUsed - temporary) and not the 2012 Per User CAL license, which is the only license installed on the server. According to the RDS CAL interoperability matrix at social.technet.microsoft.com/wiki/contents/articles/14988.rds-and-ts-cal-interoperability-matrix.aspx, I was expecting the 2012 license to be backward-compatible with 2008 client (and that in the absence of legacy licenses, the (only) 2012 license would be used for all clients connecting to the licensing server).
    Before I bought my license, I found this document:
    download.microsoft.com/download/3/D/4/3D42BDC2-6725-4B29-B75A-A5B04179958B/WindowsServerRDS_VLBrief.pdf
    which says that "newer version RDS CALs can be used with an older version of the server software" (in section FAQ, Q4), which means to me that the 2012 license would work as-is for the 2008 Server and gives me flexibility when upgrading to the new server version.
    How can I make this CAL work in my environment?
    Note:
    I have already explicitly disabled the Prevent license upgrade Group Policy setting, which I assumed would fix the issue, but nothing has changed.
    Then I enabled the License server security group Group Policy setting and added computers from my domain to the RDS Endpoint Servers AD group. I have also created a new AD group called Terminal Server Computers and added the computer accounts there, but it changes nothing. Reference - technet.microsoft.com/en-us/library/ee791761.aspx , technet.microsoft.com/en-us/library/cc725704.aspx and blogs.msdn.com/b/rds/archive/2009/09/17/control-the-issuance-of-rds-cals.aspx.
    I found one potential ‘workaround’ which involved manually downgrading my CAL license by calling Microsoft Clearinghouse. I am very reluctant to do so because, as I upgrade parts of my infrastructure to Server 2012, I’d need to then ask Microsoft to manually upgrade a part of my license back as well.
    Am I missing something? What should I do to get my 2012 CAL to be issued to the 2008 R2 server?

    Hi, I have tried several other possibilities.
    I changed the expiry date for my temporarily assigned license (2008 CAL overused). It can be done by changing the Active Directory user property msTSExpireDate. When I restarted my Session Host server and logged in again, my license was renewed for the next 60 days (event ID - 4145).
    I also deleted the information about the license for this user (cleared msTSExpireDate and msTSLicenseVersion), and the license was successfully removed from License Manager. After another SH restart it gets the same – 2008 overused – license (event ID 4143 - license server has successfully issued …)
    I know that changing info in AD attributes is a little trick, and this is not a real value - only a reference, but it was useful to delete or change the expiration date of the license. But it didn’t change the type of license as I expected.
    Reference -
    http://discussions.citrix.com/topic/243320-windows-2008-licensing-questions/
    To TP:
    I have found your post with this information:
    If you have a Server 2012 RD Licensing server you may install your 2012 RDS CALs on it (no downgrade necessary) and then set your Server 2008 R2 RDSH to use the 2012 RDL server.  The 2012 RD Licensing server will automatically issue the CALs as 2008. -
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/6046ded1-96bf-4d79-89ce-38aac2a6694e/can-we-use-windows-server-2012-rds-cal-license-in-rds-2008-r2-server?forum=winserverTS
    And it shows my situation in brief. I also found similar problems, but the solutions don’t meet my expectations.
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/dcfb1966-89a8-4b5d-bf5a-ff03ac0b7a66/rds-cal-licenses-not-recognized?forum=winserverTS
    – “sudden all of the CALS were available”
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/f1228599-8452-4a3e-a263-061de14bfcfe/server-2012-rds-builtin-overused-cals-issue?forum=winserverTS
    – “this should go away after a while”
    Is there a way to determine this time you mentioned before? Or should I just wait patiently…

  • RDS Session Broker

    Hi,
    actually I have an issue in a Broker scenario on Windows 2008 R2.
    Scenario: Windows 2008 R2 RDS
    2 Session Hosts for RemoteApps and Desktop (No VD)
    NLB configured for the farm on 10.1.1.100 on both Session Hosts
    Farmname = RDSFarm.xxxx.xxx
    No WebAccess (IIS is installed on the Session Broker Server)
    DNS Entry in place = 10.1.1.100 (nslookup works)
    I moved the Session Broker from a Domain Controller to a Member Server based on Windows 2008 R2.
    I also renewed the farm certificate RDSFarm.xxx.xxx and configured it on all RDS Hosts to use this certificate.
    Now the problem:
    I cannot connect to my RDSFarm.xxx.xxx: Error (using Windows 7):
    "The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache. Try using the IP address of the computer instead of the name."
    What I've checked (and double checked):
    - RDS Session Hosts are in the local Group of the new Session Broker Host -> check
    - Farm certificate in all required Settings on Broker and Session Hosts
    - DNS Entries (Also tried with round robin and without)
    - Farm Membership
    - FlushDNS
    - Trying to use IP -  then there is a certificate warning that the computer name 10.1.1.100 does not match the certificate named RDSFarm.xxx.xxx (This is what I expected) -  and I got a connection.
    I get no more error messages except that my RDP Client cannot connect. How can I find more connection information or how to troubleshoot this? Did I miss something during the migration from a DC to a member server? Can anyone give me a hint? :-)
    Greetings
    Tobias

    Hi,
    Thanks for the update and I am glad to hear that the issue has been resolved.
    Cheers.
    Jeremy Wu
    TechNet Community Support

  • Windows 2012 Remote desktop session host server not detecting RD licensing server

    Hi,
    We have a customer server which is Windows 2012. We installed the RDS session host server role and configured it to use an RD licensing server as per https://support.microsoft.com/kb/2833839?wa=wsignin1.0
    After configuring, when I open the RD License Diagnoser tool, it says the RD license server is not available. It also shows credentials not available. When I enter the credentials by clicking Provide Credentials, they do not get applied. I see no event logs related to RD service. However, I see the below event log which points to the RD licensing server.
    DCOM was unable to communicate with the computer <RD license server> using any of the configured protocols; requested by PID     273c (C:\Windows\system32\mmc.exe).
    Please help in fixing the issue.
    Thanks,
    Umesh

    Hi Umesh,
    Thanks for your comment.
    During your configuration, have you specified RD License server for RDSH to use?
    You can also specify a license server for the RD Session Host server to use by applying the Group Policy under below path.
    Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Licensing 
    Use the specified Remote Desktop license servers – Provide the FQDN of the license servers to use
    Also this setting can be specified by below method.
    To configure the license server on RDSH/RDVH:
    $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
    $obj.SetSpecifiedLicenseServerList("License.contoso.com")
    Note “License” is the name of the License Server in the environment
    To verify the license server configuration on RDSH/RDVH:
    $obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
    $obj.GetSpecifiedLicenseServerList()
    More information.
    RD Licensing Configuration on Windows Server 2012
    http://blogs.technet.com/b/askperf/archive/2013/09/20/rd-licensing-configuration-on-windows-server-2012.aspx
    In addition you can refer this article for reference.
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Renaming computers in Win2012R2 Session Host Farm

    We have Windows 2012 R2 RDS Session Host farm setup with the following numbers of servers
    2 x RDWA in Win NLB
    1 x RDLic Server
    4 x RDSH Servers configured in two collections with each collection having 2 RDSH servers
    1 x RDCB server
    1 x File share cluster for UPD storage
    All the above mentioned RDS servers are VM's on a HyperV 2012R2 3 Node Cluster.
    We wish to achieve the following
    Rename ALL the above mentioned RDS computers retaining the AD Domain name. e.g. server1.domain.com will become host1.domain.com
    Is there a set procedure to rename computers that are part of an RDS session host farm?

    Hi,
    There is no rename functionality for servers in a RDS deployment.  What this means in general is that you need to remove the servers from the deployment, rename them, then add them back to the deployment.
    The biggest "catch" is probably the RD Connection Broker.  You cannot rename it since it is the heart of the RDS deployment which means you essentially need to wipe out your deployment (remove RDS Role Services from the broker), rename the server, then install the deployment again.
    I have not tested it but I think it would be possible to remove/rename/re-add a RDCB server if you had an HA deployment with at least one other RDCB server that you could leave in service while renaming the other broker.
    It should not take too long to redo the deployment from scratch since you only have 2 collections, unless you have lots of published RemoteApps.  Usually the longest part is installing all of the applications on the RDSH servers and configuring custom settings, security, etc., which most likely you will not need to do.  Some applications may have a problem if the server they are on gets renamed but that is specific to certain applications.
    I would recommend you test the various steps of your rename so that you know what to expect.
    So in general the steps would be:
    1. Write down any customizations/settings/etc. for the deployment and the collections
    2. Unpublish all RemoteApps from the collections
    3. Remove all RDS servers from the RDS deployment except the broker (the various Role Services will remain installed on each server)
    4. Delete all collections
    5. Uninstall RD Connection Broker Role Service from the broker
    6. Rename the broker server
    7. Rename the other RDS servers
    8. Install a fresh RDS deployment on the broker, verify there are no remnants of old deployment
    9. Add the other RDS servers to deployment, create collections, configure, publish RemoteApps, etc.
    10. Test everything, verify there are no "phantom" RemoteApps showing in RDWeb, etc.
    I'm probably forgetting some details but the above should give you enough to figure it out.
    -TP

  • Setup email profile at Remote Desktop Session Host Server

    Hi All,
    We have set up a RemoteApp environment hosted in Server 2012 R2.  We are trying to create an Outlook profile for remote users during logon.  Our approach is to create a customised Outlook profile (.prf), and assign it via logon script.  However, as the logon scripts are parked under the AD server (whereas Outlook is installed under the Remote Desktop Session Host server), the script could not find Outlook.exe, which is obvious as Outlook wasn't installed on the same server.
    Can someone advise what we should do to create the outlook profile when users remote logon?  You are also welcome to suggest if you find other better approach.  Thank you.
    Best regards,
    Lih Ping

    Hi Lih,
    Thank you for your post in Windows Server Forum.
    I would recommend just publishing Outlook as a RemoteApp to the RDS Session Host/RemoteApp Server. Once the User configures their email in Outlook, this should register in the User's profile. This should allow the User to send emails through this connector.
    (Quoted from this thread).
    In addition please check below article.
    Creating Outlook Profiles for RemoteApps
    Apart from that suggest you to upgrade the version of RDP client to RDP 8.1 for better feature and functionality.
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Server 2012R2- RDS Farm Certificate Mismatch on Session Hosts

    Hi Guys,
    I've another RDS2012R2 issue. Internal and external domains do not match. External: domain.com.au; Internal: domain.com.net.
    I'm getting certificate mismatch errors when connecting to the Farm/RemoteApps.
    I have performed the following fixes:
    Change published FQDN for Server 2012 or 2012 R2 RDS Deployment (http://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80). This resolved the original issue where I was getting a certificate mismatch error externally for the FQDN of the server.
    Updated the RDP-Tcp certificate used on the Session Host Servers. This was to resolve an issue where using mstsc to RDP to the farm externally (via gateway) would give a Certificate is not trusted error on the RDSH side.
    Now whenever RDWeb is used to launch a RemoteApp or the farm, I get a certificate mismatch error as the RDSH server is called RDS1-TCC.domain.com.net and the certificate is for remote.domain.com.au.
    I rolled back the last change so that RemoteApps and the Farm would work successfully internally without certificate issues. How do I go about resolving the certificate errors?
    For extra background details see my original thread, it was marked as answered when only 1 out of 2 issues was resolved. http://social.technet.microsoft.com/Forums/windowsserver/en-US/b664ddaf-6c11-49e2-8a69-0df3b8ef13a1/server-2012r2-rds-farm-with-xp-and-windows-vista-clients?forum=winserverTS
    Cheers,
    Ben

    Hi Ben,
    Thank you for posting in Windows Server Forum.
    In your case, I suggest you check that the certificate matches the FQDN of the server. If you are creating an SSL certificate then it must be signed by a trusted authority, and the certificate must also be stored under “local computer/personal store”.
    Also, you can buy a wildcard certificate from a 3rd party, and only 1 certificate can be used for your network. Please check the links below for more information regarding the certificate issue.
    1. Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services
    2. Configuring RDS 2012 Certificates and SSO
    3. Windows 2012 RDS Certificate mismatch
    Hope it helps!
    Thanks,
    Dharmesh

  • RDS 2012 R2 - RemoteApp - Certificate Mismatch

    Hi!
    We have a newly built RDS 2012 R2 setup.
    It consists of the following:
    1 x Server with the Gateway and the Web Access role
    2 x Servers running a Connection Broker HA cluster
    3 x Servers running as Session Hosts
    The internal domain name is example.local
    We have purchased a wildcard certificate for the entire setup. (called *.example.com)
    An external DNS record - RDS.example.com - has been created and it NAT to the Gateway and Web Access server.
    We have used the script from https://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80 to publish the FQDN. The name we have published is Broker.example.com. We have created a split-brain DNS internally so that the clients can resolve external names internally.
    Whenever we try to launch a RemoteApp externally we get the dreaded "Name mismatch" (and it takes about 30 seconds before we get the prompt):
    Any ideas how to solve this issue?

    Hi TP.
    Thank you for your advice.
    I've updated the Windows 7 client to RDP 8.1 and it did the trick! Thank you.
    But we have several external users - and we don't have any chance of controlling if they are running RDP 8.1. I tried to import the wildcard certificate to all RDSH servers - using the script in this link: https://social.technet.microsoft.com/Forums/windowsserver/en-US/475fb55f-e394-45d9-a6bd-a37e2a5fe86c/rds-2012-session-host-certificate-assignment?forum=winserverTS
    However - that is when I see the "Name mismatch" warning when launching a RemoteApp (as mentioned in my original post). I suppose this is because the certificate is valid only for *.example.com - and not for *.example.local?
    Is there any solution to this?
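
The wildcard question raised in the post above can be checked directly against a list of names. The following PowerShell is an added example, not part of the thread or of any script linked from it; `Test-CertNameMatch` is a hypothetical helper and `rdsh1.example.local` is a constructed session host name. It applies the rule that a leftmost `*` label covers exactly one DNS label, which is why `*.example.com` cannot cover a `.local` host name.

```powershell
# Added example. Host names below are constructed from the thread's placeholders.
function Test-CertNameMatch {
    param(
        [Parameter(Mandatory)][string]$HostName,    # name the RDP client connects to
        [Parameter(Mandatory)][string[]]$CertNames  # DNS names taken from the certificate
    )
    $hostLabels = $HostName.TrimEnd('.').ToLowerInvariant().Split('.')
    foreach ($name in $CertNames) {
        $certLabels = $name.TrimEnd('.').ToLowerInvariant().Split('.')
        # A wildcard stands for exactly one label, so the label counts must be equal.
        if ($certLabels.Count -ne $hostLabels.Count) { continue }
        $match = $true
        for ($i = 0; $i -lt $certLabels.Count; $i++) {
            # Only a whole-label wildcard in the leftmost position is honoured here.
            $isWildcard = ($i -eq 0 -and $certLabels[$i] -eq '*')
            if (-not $isWildcard -and $certLabels[$i] -ne $hostLabels[$i]) {
                $match = $false
                break
            }
        }
        if ($match) { return $true }
    }
    return $false
}

# Names on the wildcard certificate described in the thread.
$certNames = @('*.example.com')

# Targets a client may be redirected to: published external names and an
# internal session host name (constructed).
$targets = 'rds.example.com', 'broker.example.com', 'rdsh1.example.local', 'a.b.example.com'

foreach ($target in $targets) {
    [pscustomobject]@{
        Target  = $target
        Matches = Test-CertNameMatch -HostName $target -CertNames $certNames
    }
}

# On a real session host, the names can come from the certificate bound to the
# RDP-Tcp listener instead of the constructed list above:
# $hash  = (Get-CimInstance -Namespace root\cimv2\TerminalServices -ClassName Win32_TSGeneralSetting -Filter "TerminalName='RDP-Tcp'").SSLCertificateSHA1Hash
# $cert  = Get-ChildItem Cert:\LocalMachine -Recurse | Where-Object { $_.Thumbprint -eq $hash } | Select-Object -First 1
# $names = $cert.DnsNameList.Unicode
```

Only the two single-label `example.com` names report a match; the `.local` name and the two-level subdomain do not.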
