Changing RemoteApp Session Host connection name in 2012

Similar Messages

• Restarting Services on the RemoteApp Session Host

  Can anyone advise me how I might restart a windows service on my RemoteApp Session Host. I have a LOB application that I need to restart services from time to time and wondered if there is a PowerShell way of doing it.

  Hi,
  First you need to use an account that has permission to restart the service(s) and then you may restart them using the usual techniques such as services.msc, net start/stop, etc.  For a Hybrid collection you can restart remotely as well using same methods,
  including PowerShell, assuming you have configured the VM template (or via GPO) to allow it.
  -TP

• Creating Kerberos Identity for RD Session Host Farms for w 2012 r2

  anyone knows how Creating Kerberos Identity for RD Session Host Farms for w 2012 r2.
  I tried what they said the post
  to w 2008, With
  powershell I find the possibility and the
  script indicates the error class is not
  valid

  Hi,
  Referring to your comment, here providing you article for Kerberos authentication in server 2012. Please refer to the below article.
  What's New in Kerberos Authentication (You can refer for Server 2012 R2)
  http://technet.microsoft.com/en-us/library/hh831747.aspx
  Hope it helps!
  Regards.

• Server 2012 R2 RDS- Only want the Session Host, Connection Broker and Licensing Server!

  Hi all,
  Wondering if anyone has experience with implementing Remote Desktop Services (RDS) on Windows Server 2012 R2.
  I am doing an RDS design for a platform where we only need an RDS Session Host, Licensing Server and Connection Broker. We do not need web access as these servers will simply be jump boxes internally!
  However, implementing this correctly in our test environment has proved to be tricky. The options are:
  Use the Server Manager and do a traditional install via Roles and Features ( specifically add the Session Host, Licensing Server and Connection Broker). The installation process seems to go through ok in this scenario but when I head over to the Remote
  Desktop Services section of the Server Manager I simply get the message 'An RDS Deployment does not exist in the server pool. To create a deployment head to Roles and Features'.
  Use the specific ‘Remote Desktop Services installation’ option on the Server Manager and do a Session Based Desktop deployment and Quick Start. This installation process seems to go through correctly and the Remote Desktop Section seems to be working
  correctly via the Server Manager. However this process is ‘hard locked’ i.e. it installs the session host, web access and connection broker. I can then remove the web access component later from Roles/ Features.
  Is there a best practice (if any) for installation? i.e. Will there be any issues down the line if I remove RDS Web Access from my server while following method 2?
  There is a complete lack of documentation from Microsoft here so not sure what to do! Just need a basic RDS session based deployment.

  Hi,
  As I know from server 2012\R2 the best deployment skill is to perform via “Remote Desktop Services” installation mode with Standard deployment and don’t let single role to install. Because when we install through RDS mode, there are specific extra tools and
  services activated along with that deployment which you can’t find with single role installation. And that is for sure, when we install RDS role as of this, by default we will get install RDCB, RDSH and RDWA role installed.
  Sorry don’t have any option to try to remove that role as that role basically needed for RemoteApp and Desktop purpose. But if you want then you can try it with help of “Remove-RDServer”Powershell command.
  https://technet.microsoft.com/en-us/library/jj215506.aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• RemoteApp with host connected to VPN

  Hi,
  I have a question regarding RemoteApp vs regular Remote Desktop Connection spiced with a VPN connection initiated from the host.
  We're in the process of moving from PCs to thin clients and we have set up an RDS farm (all servers are Windows Server 2012 R2, they are all in the same domain and same LAN) as follows:
  1 x RD Connection Broker + RD Licensing + RD Web Access
  3 x RD Session Host
  The users/clients will connect with regular remote desktop connection software (no Citrix or anything). Two of the RD SHs will be providing the users access to their normal applications, but some users also need to use remote resources which are only available
  via VPN connection, hence the third RD SH. (Currently it is solved by every user having a virtual machine on their PCs and connecting to the VPN from there.) We can't put the VPN connection to the two "regular" RD SHs, because we'll need more VPN
  connections later. The idea was to install and set up the VPN on the third host and publish the needed apps by RemoteApp to the users who use it.
  The problem:
  Once the host connects to the VPN the users are unable to launch the RemoteApp applications. If it's not connected then they can start them. The VPN client is a Cisco AnyConnect Secure Mobility Client that can only connect if the connection is initiated
  by a local user and no other user is currenty logged on (it's a remote side policy we can't change). If the users connect to the RD host with a regular remote desktop connection after the VPN is set up then it works as expected, they can launch the apps and
  work with them.
  The question:
  What is the difference between launching a RemoteApp and connecting to the RD host via RDP? How can I debug this RemoteApp connection problem?
  Please ask if something is not clear!
  Thank you!
  PS: If I'm not heading into the right direction and someone has a better idea, I'd be grateful to hear (read) it!

  Hello Vargabes7,
  You can configure a server that allows remote users to access resources on your private network over dial-up or virtual private network (VPN) connections. This type of server is called a remote access/VPN server. Remote access/VPN servers can also provide
  network address translation (NAT).  With NAT, the computers on your private network can share a single connection to the Internet. With VPN and NAT, your VPN clients can determine the IP addresses of the computers on your private network, but other computers
  on the Internet cannot.
  Before you configure your server as a remote access/VPN server, you should verify whether or not:
  The operating system is configured correctly.
  Your server is correctly configured for optimal security for your network needs.  Because your remote access/VPN server will connect your private network, the Internet, and your remote clients, you must make sure the server is secure. The security
  of your private network depends on the security of your remote access/VPN server. For more information, see
  Security information for remote access.
  This computer has two network interfaces, one that connects to the Internet and one that connects to the private network. The connection to the Internet must be a dedicated connection with enough bandwidth that VPN users can connect to your private network
  and users on your private network can connect to the Internet. The connection to computers on your private network must be made through a hardware device, such as a network adapter.
  All needed network protocols have been installed for your network interfaces. For more information, see
  Network interfaces.  
  Windows Firewall is disabled on the server that you want to configure for remote access/VPN. You will configure the Basic Firewall feature of Routing and Remote Access during setup, which will serve in place of Windows Firewall.
  Internet Connection Sharing is disabled on the server that you want to configure for remote access/VPN.
  The Security Configuration Wizard is installed and enabled.
  To configure a remote access/VPN server, start the Configure Your Server Wizard by doing either of the following:
  From Manage Your Server, click Add or remove a role. By default, Manage Your Server starts automatically when you log on.
  To open the Configure Your Server Wizard, click Start, click
  Control Panel, double-click Administrative Tools, and then double-click
  Configure Your Server Wizard.          
  On the Configuration Options page, click Custom configuration and click
  Next. On the Server Role page, click Remote access/VPN server, and then click
  Next.
  Best regards,
  Sophia Sun
  Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

• RD Session Host connections don't appear on License Manager

  We have setup a Server 2012 R2 RDS deployment with remote-site RD Host Servers all pulling CALs from a central RD License Server. I am able to RDP five sessions into the first RD Session Host Server OK, and the RD License Diagnoser says all is well with
  the connection to the license server. However I am not seeing any licenses being issued by the central License Server for those five test users, even after a Refresh. The five test users are local to the RD Session Host Server, and not in AD. Do local accounts
  not show up in the License Server's RD Licensing Manager screen?  Do they not require the RD Session Host to 'pull' CALs from the License Server?  I am thinking I should be seeing the licenses being distributed to the five users and am concerned
  that I do not.
  License Server 2012 R2 - Per User CALs - Joined to Active Directory
  RD Host Server #1 with the five RDP sessions is 2012 R2 - Joined to Active Directory
  Thanks in advance for any insights! 

  Hi Jim,
  Thanks for your comment.
  Initially would like to share that “Per User CAL tracking and reporting is not supported in workgroup mode”, in workgroup mode we can only install RDS Device CAL but as you have domain joined with Per User CAL is ok. But RDS per User CAL can’t be used\tracked
  by local user account. 
  http://support.microsoft.com/kb/2473823
  You can use following script to check which user got logged in.
  Get-LoggedOnUser Gathers information of logged on users on remote systems
  https://gallery.technet.microsoft.com/scriptcenter/Get-LoggedOnUser-Gathers-7cbe93ea
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  TechNet Community Support

• How can I Create a Client Configuration File for RemoteApp and Desktop Connection with Server 2012?

  I have a working RDS RemoteApp site and looking to test out the feature in Windows 7 Control Panel\All Control Panel Items\RemoteApp and Desktop Connections
  I came across this link: Create a Client Configuration File for RemoteApp and Desktop Connection and I believe this is what I need to do first, but these instructions are for
  Server 2008, and I'm running 2012.
  Any suggestions or tips on how I can begin testing this with Server 2012?

  Hi,
  You can manually enter the path to the 2012 feed and it will connect and download the RemoteApps and Desktop connections.
  If you need a sample .wcx file I have posted one here a couple of times.  If you want I will look for it and post a link.
  -TP
  I tried adding my URL's below, these are sample links that work for me right now for when I log into the web page, but neither of these work.  And I'm not sure what I would need to do with or how to create a .wcx file.
  When I type in my URL of: https://connect.mydomain.org/RDWeb, I get redirected to: 
  https://connect.mydomain.org/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx

• RemoteApp and Desktop Connections from server 2012 std

  Hi
  i am trying to deploy the RemoteApp and Desktop Connections to my win 7 from my app server (server 2012)
  and i am getting all the time this error
  what cert i have to add and where ???
  (on the server iis i have tried to add 2 cert but no success)\
  thanks

  Hi,
  Please import the RD Web Access server certificate to your clients and see how it works.
  Event ID 1012 — RemoteApp and Desktop Connection Configuration
  http://technet.microsoft.com/en-us/library/ee891358(v=ws.10).aspx
  Hope this helps.
  Jeremy Wu
  TechNet Community Support

• Changing the AnyConnect host connection

  Hello,
  We have many users using the Cisco AnyConnect client and to get to our company they go to vpn.company.co.uk.  We are changing our company name so we are creating a now FQDN called for example vpn.newcompany.co.uk which will point to our ASA. 
  1.) Thing is will be need a new SSL cert on the ASA?
  2.) If so can the new cert incorporate both FQDNs?
  3.) How can I automatically change the host users connect to in the Anyconnect clients to reflect the new FQDN?
  Thanks

  2.) If so can the new cert incorporate both FQDNs?
  Yes, if you purchase a wildcard certificate I believe you can have 5 domain names referenced in it.
  You are mixing two kind of certificates here:
  Wildcard-certificates don't the "host" past. If you have a wildcard-certificate *.example.com then you can use anything.example.com.
  The other thing are UCC, there you can have multiple FQDNs listed. It's the CA-policy that tells you how many names can be included there. For one project I have had a certificate with about 30 names in it.
  3.) How can I automatically change the host users connect to in the Anyconnect clients to reflect the new FQDN?
  You could deploy AnyConnect-profiles with both the old and the new name listed. When all users got the profile the old name can be removed:
  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/ac03vpn.html#wp1448620
  Don't stop after you've improved your network! Improve the world by lending money to the working poor:
  http://www.kiva.org/invitedby/karsteni

• Relation between RD Connection broker and RD session host farm in 2012 R2

  Good Day
  I have configured standard RDS session based deployment recently on 2012 R2 servers
  Everything is working as expected
  The setup has TWO RD Session host, 1 Session Broker, one RD Web access and one RD Gateway
  I have created 2 DNS records named Rdsfarm.domain.com for my RDS1 and RDS2 session host servers and if I connect to this
  rdsfarm.domain.com with RDP from TS clients, i am able to connect to any one of TWO rds servers without any problem
  However some part is not clear to me
  I have not added rdsfarm.domain.com any where except my RD Gateway server RAP policy
  Also I have added my RD Broker server in RAP allowed group above.
  I don't see any config where this farm name is associated with my RD Broker server
  I have tried to connect to RD broker server from client, but it didn't redirect me to RD session host servers
  If I try to connect to my RDS servers with their FQDN , it gives me error that I must connect thru farm name
  Can you please help me to understand relation between RD session host servers farm and RD broker server ?
  Also I would like to know what exactly happens in background when user start RDP session by entering RDS farm name
  Note that RDS farm name is generic DNS Host(A) record pointing to my both RD session host servers
  I wanted to know is there any command or configuration I missed out as I don't see any config where Generic RD Session Host Farm name (DNS Host(A) record) is associated with my RD Broker server ?
  Thanks
  Best Regards
  Mahesh

  Hi,
  If you are opening Remote Desktop Connection and manually connecting to the broker then it will not work properly because you have no way of specifying the target collection in the user interface.  If manually using the RD Client to connect is a requirement
  what you can do is set the default collection in the RD Connection Broker server's registry.
  To specify the default collection, please create the registry setting below in the broker's registry:
  HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\ClusterSettings
  DefaultTsvUrl     REG_SZ     tsv://vmresource.1.<VDI pool ID>
  To determine the correct value for DefaultTsvUrl please open RDWeb in a non-IE web browser and click on the icon for the collection you would like to be the default, then edit the downloaded rdp file with Notepad and copy the portion of the loadbalanceinfo
  setting that is similar to the above.
  An alternative would be to download the .rdp file from RD Web Access and double-click it to connect.
  As I mentioned above it is generally intended to have users connect via RD Web Access or RemoteApp and Desktop Connections feed or Remote Resources (uses the feed) so that the client will obtain the proper .rdp file from the server.
  To configure the FQDN that is published in the .rdp files you can use the cmdlet below:
  Change published FQDN for Server 2012 or 2012 R2 RDS Deployment
  http://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80
  Below is a sample configuration based on what you have written:
  1. Published FQDN (using cmdlet above):  rdsfarm.domain.com  --> points to ip address of RDCB server.  When launching a RemoteApp or Full Desktop connection from RD Web Access, the prompt window will show this FQDN next to Remote computer.
  2. Gateway FQDN:  gateway.domain.com --> externally points to public ip address of your RD Gateway server.  TCP port 443 and UDP port 3391 need to be forwarded to the RDG's internal ip address.  When launching a RemoteApp or Full Desktop
  connection from RD Web Access, the prompt window will show this FQDN next to Gateway server.  This FQDN is set in Server Manager -- RDS -- Overview -- Deployment Properties -- RD Gateway tab.
  In RD Gateway Manager -- Properties of RD RAP -- Network Resources tab you should select Allow user to connect to any network resource or define a RD Gateway-managed group that has all of the FQDNs that the user will need to connect to.
  3. RD Web Access FQDN:  remote.domain.com --> internally points to the ip address of your RDWeb server, externally points to the public ip address of your RDWeb server.  This is the name you give users if they want to use RD Web, for example,
  https://remote.domain.com/rdweb
  If you want users to manually connect using Remote Desktop Client as well as use RDWeb it will be a bit confusing to them since they will need to use one FQDN when manually using the client and a different FQDN when using RDWeb.  You could fix this
  by having them only use one method or run RDWeb directly on the RDCB server, that way users would only need to know a single FQDN for both RDWeb and manual connections.
  4. You should have a wildcard certificate with subject of *.domain.com set for all RDS purposes in Deployment Properties.
  Thanks.
  -TP

• Using Windows Server 2012 per-User RDS CAL on Server 2008 R2 Session Host

  I have a Remote Desktop Licensing Server setup on my domain controller running Windows Server 2012 R2. I have installed a
  ’Windows Server 2012 Remote Desktop Services per-User CAL’ there and activated the licensing server already.
  Currently I use ONLY Windows Server 2008 R2 machines as RDS Session Hosts (in the future I plan to transition them to 2012 R2, hence the CAL I bought is
  already in the newest version).
  I have already configured my WS 2008 RDS Session Hosts: set
  Per-User licensing mode and specified license server address. The connectivity between my Session Host(s) and my License Server seems to be ok as the
  Remote Desktop Session Host Configuration window on the Session Host correctly lists the 2012 per-user
  license (CAL installed on server) from the license server.
  On the License Server I can also see event logs entries (in
  Microsoft-Windows-TerminalServices-Licensing/Admin), indicating that the user has been issued a license.
  The issue I am having is that the license being issued is
  2008 Per User CAL license (Build-in OverUsed - temporary) and not the 2012 Per User CAL license which is the only license installed on the server. According to the RDS CAL interoperability matrix at
  social.technet.microsoft.com/wiki/contents/articles/14988.rds-and-ts-cal-interoperability-matrix.aspx, I was expecting the 2012 license to be backward-compatible with 2008 client (and that
  in the absence of legacy licenses, the (only) 2012 license would be used for all clients connecting to the licensing server)
  Before I bought my license, I found this document: 
  download.microsoft.com/download/3/D/4/3D42BDC2-6725-4B29-B75A-A5B04179958B/WindowsServerRDS_VLBrief.pdf 
  which says that - "newer version RDS CALs can be used with an older version of the server software" (In section FAQ, Q4), which means to me that
  the 2012 license would work as-is for the 2008 Server and gives me flexibility when upgrading to the new server version.
  How can I make this CAL work in my environment? 
  Note:
  I have already explicitly disabled
  Prevent license upgrade Group Policy setting which I assumed would fix the issue but nothing has changed.
  Then I have enabled License server security group Group Polity setting
  and added computers from my domain to RDS Endpoint Servers AD group. I have also created new AD group called
  Terminal Server Computers and added the computer accounts there, but it changes
  nothing. Reference - technet.microsoft.com/en-us/library/ee791761.aspx , technet.microsoft.com/en-us/library/cc725704.aspx and blogs.msdn.com/b/rds/archive/2009/09/17/control-the-issuance-of-rds-cals.aspx.
  I found one potential ‘workaround’ which involved manually downgrading my CAL license by calling
  Microsoft Clearinghouse. I am very reluctant do to so because, as I upgrade parts of my infrastructure to Server 2012, I’d need to then ask Microsoft to manually upgrade a part of my license back as well.
  Am I missing something? What should I do to get my 2012 CAL to be issued to 2008 R2 server

  Hi, I have tried several other possibilities.
  I change expire date for my temporary assigned license (2008 CAL overused). It can be done, by changing Active Directory user properties – msTSExpireDate. When I restart my Session Host server and logged again, my license was renewed
  for next 60 days (event ID - 4145).
  I also delete information about license for this user (clear msTSExpireDate and msTSLicenseVersion). And the license was successfully removed from License Manager. After another SH restart it gets the same – 2008 overused – license
  (event ID 4143 - license server has successfully issued …)
  I now, that changing info in AD attributes is a little trick, and this is not a real value - only a reference, but it was useful to delete or change expiration date of license. But it didn’t change type of license as I expected.
  Reference -
  http://discussions.citrix.com/topic/243320-windows-2008-licensing-questions/
  To TP:
  I have found your post with information:
  If you have a Server 2012 RD Licensing server you may install your 2012 RDS CALs on it (no downgrade necessary) and then set your Server 2008 R2 RDSH to
  use the 2012 RDL server.  The 2012 RD Licensing server will automatically issue the CALs as 2008. -
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/6046ded1-96bf-4d79-89ce-38aac2a6694e/can-we-use-windows-server-2012-rds-cal-license-in-rds-2008-r2-server?forum=winserverTS
  And it showing my situation in brief. I also found
  similar problems, but the solutions don’t meet my expectations.
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/dcfb1966-89a8-4b5d-bf5a-ff03ac0b7a66/rds-cal-licenses-not-recognized?forum=winserverTS
  – “sudden all of the CALS were available”
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/f1228599-8452-4a3e-a263-061de14bfcfe/server-2012-rds-builtin-overused-cals-issue?forum=winserverTS
  – “this should go away after a while”
  Is there a way to determine this time you mentioned before? Or should I just wait patiently…

• Onscreen Keyboard appears when shadowing session on 2012R2 Remote Desktop Session Host

  As the title suggests, whenever I shadow a session on our 2012R2 RDSH server, the onscreen keyboard appears.  The taskbar also unlocks.
  Both of these behaviours mean that the user can tell when their session is being shadowed, which I don't always want to be the case - sometimes I want to be able to monitor the session without their knowledge.
  Anyone know how I can stop this from happening?

  Hi,
  Thank you for posting in Windows Server Forum.
  Yeah, we can use the following command where we can take user shadow session without giving him any notification, and no need to approve by the user.
  mstsc.exe /shadow:ID /v:ServerName /control /noConsentPrompt
  But for this, we need to set the following group policy:
  [Computer Configuration | User Configuration]
  \Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Connections
  Set rules for remote control of Remote Desktop Services user sessions:  Enable
  Select the option: Full Control without User’s permission
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  TechNet Community Support

• RemoteApp 2012 R2 Restrict Access to Session Host Desktop

  Here is our current situation: I have set up Remote Desktop Services on Server 2012 R2 and published RemoteApp programs. Everything works great with load balancing, collections, etc... and I have been very impressed. However, as it always has been an issue,
  I have always had the question of how to allow users to access RemoteApp applications on the session host without allowing them to RDP directly onto the server to access the server desktop. Obviously, you have to add them to remote desktop users group and
  they need to be allowed to access over RDP so I figure that the next best thing is to restrict access to the desktop should they manually type the name into an RDP client connection. I know you couldn't restrict them from using mstsc.exe because they need
  that to open the RemoteApp since it just uses RDP and I am aware of using GPO's to restrict access to drives and many other things but I would like to remove the desktop altogether. Would it be plausible to remove the GUI feature and restrict access to CMD
  and SCONFIG through Server Manager and still allow the session host to present RemoteApp applications or is there a better way to approach this? I figured if I just remove the GUI and access to cmd and sconfig then if they logged on, they would get a blank
  screen. Thank you in advance for your time!

  Hi,
  One technique for this is to set the Custom User Interface group policy setting to logoff.exe.  You would have the GPO apply to normal users, but not applied to Domain Admins (or other users that you need to have full desktop).
  User Configuration\Administrative Templates\System
  Custom User Interface     Enabled
  Interface file name: %systemroot%\system32\logoff.exe
  You should also use NTFS permissions, group policy settings, AppLocker, etc., to further restrict what users are able to do.
  -TP

• 2012 R2 RD Session Host Domain Users Cannot Change Password

  I set up a Windows 2012 R2 Session Host as per
  http://support.microsoft.com/kb/2833839 and joined it to the domain.  Now, users are unable to change their password. When they log in to the RDSH and "ctrl-del-end", they are given the change password dialog, but they are told that
  their password "doesn't meet complexity requirements" even if it does.  I suspect the issue is related to the fact that there is no "session collection" per se and that the "connection broker" role is not installed. 
  Is there any way around this?  The end game would be to have them log into this RDSH and be able to change their password to conform with the domain password policy
  PaulK

  Hi Paulk,
  Did you mean that all users cannot change passwords? Based on my experience, this issue was not related ro the RD connection broker role.
  Please check the password policy in group policy of the domain to see if any password policy caused this issue:
  Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy
  For more information, you can refer to the link below:
  https://technet.microsoft.com/en-us/library/hh994572(v=ws.10).aspx
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Remote desktop connections not showing in server manager 2012 for one of the session hosts

  This is a three server deployment with one server being the connection broker, gateway, licensing, etc with two session host only servers.
  rdmgr
  rd1
  rd2
  Using the server manager on the rdmgr connection broker (or any other server for that matter) yields only connections from rd2 with nothing from rd1 displaying.  
  Users can connect to rd1 without issue.
  At one point rd1 had the connection broker role installed also but high availability was not setup.  I removed the role hoping it would correct the problem but no luck.
  Any help would be appreciated.  Thanks.

  Hi,
  1. Is rd1 part of a collection?
  2. On rd1, in Computer Management, is the broker's computer account a member of the local RDS Management Servers group?
  3. If you run the below command do you get a list of sessions:
  query user /server:rd1
  4. Any errors/warnings in either the broker's or rd1's event log?
  Broker: Event Viewer\ Applications and Services Logs\ Microsoft\ Windows\ TerminalServices-SessionBroker
  rd1: Event Viewer\ Applications and Services Logs\ Microsoft\ Windows\ TerminalServices-SessionBroker-Client
  Both: System and other logs
  -TP