Gateway server can't communicate with management server

Hi all,
I have some issues with a gateway server. I've installed the new server following the Microsoft documentation. I've added the new server in the OP console; I can see it, but it is unmonitored. I've installed the same certificate on both servers in the Trusted store (computer).
On the GW I've checked and 5723 is open. On the GW I have these errors:
EV 20057, OpsMgr Connector
Failed to initialize security context for target MSOMHSvc/computer The error returned is 0x80090303(The specified target is unknown or unreachable).  This error can apply to either the Kerberos or the SChannel package.
EV 20057, OpsMgr Connector
Failed to initialize security context for target MSOMHSvc/computer The error returned is 0x80090303(The specified target is unknown or unreachable).  This error can apply to either the Kerberos or the SChannel package.
EV 21001, OpsMgr Connector
The OpsMgr Connector could not connect to MSOMHSvc/copscomsvr01.corp.local because mutual authentication failed.  Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains.
EV 20071, OpsMgr Connector
The OpsMgr Connector connected to copscomsvr01.corp.local, but the connection was closed immediately without authentication taking place.  The most likely cause of this error is a failure to authenticate either this agent or the server .  Check the event log on the server and on the agent for events which indicate a failure to authenticate.
Any ideas?

Hi,
Please check the registry. Go to the OPS reg hive and check if the FQDN name is supplied for the Networkname and AuthenticationName. If this doesn’t match your certificate common name you will get the 20071 event.
Just change it and restart the OpsMgr service.
More details:
https://michelkamp.wordpress.com/2012/01/05/solving-the-gateway-20071-event/
Regards,
Yan Li
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

Similar Messages

  • iTunes can't communicate with my iPod because another user is logged into iTunes

    HELP!! My computer tells me that there is another user logged into iTunes and it can't communicate with my iPod. How do I fix it????
      Windows XP  

    Did you try restarting the computer?
    Patrick

  • Publish RD Gateway and Web Access with One-Time Password (OTP) / Two-factor Authentication WITHOUT ISA/TMG server

    Hi everybody,
    I've been struggling with this problem for a few weeks now and can't find a way to solve it.
    We have an RD farm (Server 2012) which consists of two Remote Desktop Servers with Connection Broker and Web Access.
    I've recently published a new server, containing RD Gateway and Web Access in our perimeter network.
    Now we've got restrictions that OTP/2FA must be used for the external deployment and we've decided to go for a solution from Gemalto.
    The "program" is called IDConfim and the server is called SA Server (Strong Authentication).
    Also it's important that NO ISA/TMG server is supposed to be used, the OTP/2FA is supposed to work seamless with the Web Access/Gateway.
    After hours of discussion we came to the point where their NPS agent setup would be the only way to accomplish our goals.
    The setup is supposed to be like this:
    LAN:
    1 DC (2008 R2)
    RD Farm (2012)
    1 SA Server (2012)
    DMZ:
    RD Gateway/Web Access (2012)
    Where Gateway and Web Access should forward the authentications with NPS to the NPS agent on the SA server.
    When you type your AD account to authenticate, you add the 6 digits of the OTP which you receive from your mobile app.
    Initially this seems to work: the Gateway forwards the request to the remote NPS server, BUT only if you write the correct AD password (without the OTP extension).
    If you write the correct AD password, the authentication is forwarded to our SA Server and it's being rejected because the password doesn't contain the correct OTP extension.
    The problem comes here.
    When you write your AD password along with the OTP extension, you get a Windows Security error in the event log (on the Gateway server) like this:
    An account failed to log on.
    Subject:
    Security ID: NULL SID
    Account Name: -
    Account Domain: -
    Logon ID: 0x0
    Logon Type: 3
    Account For Which Logon Failed:
    Security ID: NULL SID
    Account Name: user
    Account Domain: domain
    Failure Information:
    Failure Reason: Unknown username or password.
    Status: 0xc000006d
    Sub Status: 0x0
    Process Information:
    Caller Process ID: 0x0
    Caller Process Name: -
    Network Information:
    Workstation Name: server
    Source Network Address: 192.168.x.x
    Source Port: 63003
    Detailed Authentication Information:
    Logon Process: NtLmSsp
    Authentication Package: NTLM
    Transited Services: -
    Package Name (NTLM only): -
    Key Length: 0
    This event is generated when a logon request fails. It is generated on the computer where access was attempted.
    The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
    The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
    The Process Information fields indicate which account and process on the system requested the logon.
    The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
    The authentication information fields provide detailed information about this specific logon request.
    - Transited services indicate which intermediate services have participated in this logon request.
    - Package name indicates which sub-protocol was used among the NTLM protocols.
    - Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
    What I can see is that it's an NTLM error, but hey?! Aren't we supposed to forward all authentication handling to the remote NPS server?
    The problem is that no matter what I try, the above problem stays there.
    Is it not possible to just forward ALL authentication handling to a remote server?
    The only solution I've found to get it working someday in the future is this:
    "Remote Desktop Pluggable Authentication and Authorization", which is supposed to be introduced in 2012 R2.
    Also this link describes it:
    http://archive.msdn.microsoft.com/Release/ProjectReleases.aspx?ProjectName=rdsdev&ReleaseId=3745
    Please, bring me some answers before my head explodes! :)
    PS, long question = maybe some errors, ask me if something is unclear.

    Hi,
    Based on our experience, if the NTLM error occurs, please check the password.
    Regards,
    Mike
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • RD Gateway Manager fails with "Unable to read RD Gateway Server Settings"

    The question is: Why can't I connect RD Gateway Manager on the local RD Gateway server?
    A month ago, I successfully configured an RD Gateway to work with an RD Session Host.  I set up the RDG CAP and RAP policies.  I successfully tested connectivity through the gateway.
    Today, I tried to access the RD Gateway Manager and now I'm getting the following pop-up message:
    "Unable to read RD Gateway Server Settings"
    Everything still works and I am able to confirm that NPS is running the CAP policy that I configured in RD Gateway Manager.
    The certificate is from a trusted source.  The Event Log does not show any errors.

    Hi,
    Thank you for posting in Windows Server Forum.
    Please let us know some more information.
    Did you make any change after setting up the server correctly?
    Have you made any changes in IIS?
    Please recheck your connection setting again with following link and provide us the result.
    1. How To Work with RD Gateway in Windows Server 2012
    2. Deploying Remote Desktop Gateway RDS 2012
    Also go through this thread once.
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • When I try to send mail to multiple addresses, it tells me it can't send with selected server.  It sends mail to one address fine.

    When I try to send mail to multiple addresses, it tells me it can't send with selected server.  It sends mail to one address fine.

    contact your email service provider and ask them (it might treat multiple e-mails as SPAM)

  • Hi, I'm using a 4S and it's updated, but I can't configure it with Microsoft Exchange for my Gmail account. Any time I try to configure it, the message comes: connection to the server failed. Pls help me out.

    Hi, I'm using a 4S and it's updated, but I can't configure it with Microsoft Exchange for my Gmail account. Any time I try to configure it, the message comes: connection to the server failed. Pls help me out.
    <Email Edited by Host>

    Discontinued by Google. Read here:
    http://googlesystem.blogspot.com/2012/12/google-sync-discontinued-for-gmail.html

  • RDS 2012 - Using a reverse proxy with the Gateway server on the internal LAN

    Hi there,
    I'm looking to introduce an RDS 2012 farm and would like to put the RDS Gateway server on the internal LAN (due to its AD requirements etc).
    What are the best practise options for using a reverse proxy to forward traffic to the gateway server and is it better to do this than just forward 443 traffic from the DMZ through to the Gateway directly?
    Thanks,
    Paul.

    Hi Paul,
    It is generally considered more secure to have a reverse proxy in front of RDG.  I don't know of a proxy that will handle the RDG UDP traffic, so you will need to consider using direct server return for that or not having the benefit of UDP.  Whether or not it is acceptable to simply forward TCP 443/UDP 3391 directly to your internal RDG is up to your security policies.  Many companies are fine with it while many other companies think it is unacceptable and require a reverse proxy or other method to provide an extra layer of protection.
    -TP

  • Remote App and Desktop RDP client never succeed to logon the RDS gateway server running Windows 2012R2

    Remote App and Desktop RDP client never succeed to logon the RDS gateway server running Windows 2012R2
    1. Client Os : Windows 7 Pro
    2. Server OS : Windows Server 2012R2 with RDS broker and RDS Gateway server with 3.part Certificate  with friendly name sky.mti-itservice.no activated.
    The  main problem is following: The RDP logon session never ends
    Any ideas ?
    Regards
    Kenneth Knudsen
    Email : [email protected]
    mvh Kenneth Knudsen MCSE 2003 HP ASE

    Hi Kenneth,
    For your case, I suggest you configure an RDP session time limit so that your users are disconnected\logged off once the specified time limit is reached.
    You can set up the session time limit using different methods.
    1. Open the Server Manager, select Remote Desktop Services.
    2. In Remote desktop Services, in right side you can drop down to collections.
    3. Select the collection which you want to edit the settings.
    4. Under collections Properties, select Task and then Edit Properties.
    5. In Properties dialog box, select Session.
    6. You can find all the timeout settings under session collection properties; edit according to your requirements and then click OK.
    Apart from that, you can also use the group policy settings below.
    Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits 
    User Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits 
    -  Set time limit for disconnected sessions
    -  Set time limit for active but idle Remote Desktop Services sessions
    -  Set time limit for active Remote Desktop Services sessions
    -  End session when time limits are reached
    Please check which setting suitable for your environment and you can apply for your case.
    [Forum FAQ] Restrict number of Active Sessions in RDS 2012 and 2012 R2
    https://social.technet.microsoft.com/Forums/en-US/00c2252b-8ec0-489f-8da2-07a434a9b5a2/forum-faq-restrict-number-of-active-sessions-in-rds-2012-and-2012-r2?forum=winserverTS
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Communication between the primary server the gateway server

    hallo
    Can I set up directional communication between the primary server and the gateway server, as in the following example?
    And if so, how?
    Agent → GW ← GW ← MS
    *Agent communicates with GW1 and reports to it
    *GW sends the report to GW2
    *GW2 sends the data to MS
    thanks
    If my reply solved your problem, click "Mark as answer" next to the green V sign.

    Hi,
    As far as I know, Gateways don't talk to each other. Why do you need two GWs? With one GW reporting to your management servers, this should work.
    Here is a similar thread for your reference:
    https://social.technet.microsoft.com/Forums/systemcenter/en-US/323d5aab-bad4-4c23-b096-27a62757ae31/communications-between-2-gateway-servers-and-2-ms?forum=operationsmanagerdeployment
    Regards,
    Yan Li

  • SCOM Gateway Server Upgrade from 2012 SP1 to R2

    Hi,
    I am upgrading our SCOM environment from 2012 SP1 to R2. But unable to upgrade the Gateway Server. The installation of R2 setup stops with error message: "The operation manager gateway can't be installed on a computer on which the Operation Manager management server, Operations Console, operational database, web console, agent, System Center Essentials, or System Center Service Manager is already installed."
    I checked none of the above component is installed on the gateway server. Please suggest what is the issue?
    Regards,
    Daya Ram

    Hi,
    Have you followed the steps below to upgrade a gateway server:
    Log on to a computer that hosts the gateway server with an Operations Manager Administrators role account for your Operations Manager management group.
    On the Operations Manager media, run Setup.exe.
    In the Optional Installations area, click Gateway management server.
    On the Welcome to the System Center 2012 R2 Operations Manager Gateway Upgrade Wizard page, click Next.
    On the The wizard is ready to begin gateway upgrade page, click Upgrade.
    On the Completing the System Center 2012 - Operations Manager Gateway Setup wizard page, click Finish.
    You may check below directory:
    C:\Program Files\System Center 2012\Operations Manager
    Regards,
    Yan Li

  • Gateway server is going to grey stage:

    Hi All,
    In my company one of the management servers went down, and the gateway server reporting to that management server became grey; unfortunately there was no failover server.
    I tried the steps below. It works for a while, but within minutes the gateway server again enters the grey stage.
    1. Stop Health Service on Gateway server
    2. Rename directory "C:\Program Files\System Center Operations Manager 2007\Health Service State\" to "C:\Program Files\System Center Operations Manager 2007\Health Service State.old"
    3. In registry modify the following 2 keys: AuthenticationName and NetworkName. These are located in HKLM\Software\Microsoft\Microsoft Operations Manager\3.0\Agent Management Groups\MGName.
    4. Restarted Health Service on Gateway server
    But after some time the gateway server again changes its state to grey. Can anybody give an answer for this?
    Regards,
    angs

    Hi,
    I will explain my scenario:
    Hi All,
    Thanks in advance.
    In my scenario we have 3 management servers, aa.com, bb.com and cc.com; for the Texas location we are using a gateway server (xyz.com).
    The gateway server is reporting to aa.com and there was no failover management server. Due to some issues we shut down the bb.com management server and the gateway server went to the grey stage.
    So I want to make cc.com the primary management server for the gateway server (xyz.com). How can I make that possible without using PowerShell? For this I followed the above steps.
    Below is the list of events in Operations Manager, from the first event:
    21017
    OpsMgr has successfully failed over to cc.com
    EventId:103
    HealthService (12492) Health Service Store: The database engine stopped the instance (0).
    102
    HealthService (12492) Health Service Store: The database engine (6.01.7601.0000) started a new instance (0).
    2011
    The Health Service did not find any policy in Active Directory
    20063
    Active Directory Integration has been disabled for management group BGMCON
    202
    Management Group "BGMCON" was started
    21023
    OpsMgr has no configuration for management group BGMCON and is requesting new configuration from the Configuration Service.
    7006
    The Health Service has published the public key [1C 7D A0 5D 6F E2 C5 BC 4E 2B 45 BE 6F 7D F1 E5 ] used to send it secure messages to management group BGMCON.  
    This message only indicates that the key is scheduled for delivery, not that delivery has been confirmed.
    7019
    The Health Service has validated all RunAs accounts for management group BGMCON.
    21006
    The OpsMgr Connector could not connect to bb.com:5723.  The error code is 10061L(No connection could be made because the target machine actively refused it.). 
    Please verify there is network connectivity, the server is running and has registered it's listening port, and there are no firewalls blocking traffic to the destination.
    21016
    OpsMgr was unable to set up a communications channel to bb.com and there are no failover hosts.  Communication will resume when bb.com is available and communication from this computer is allowed.
    21023
    OpsMgr has no configuration for management group BGMCON and is requesting new configuration from the Configuration Service.
    21023
    OpsMgr has no configuration for management group BGMCON and is requesting new configuration from the Configuration Service.

  • Gateway server not able to authenticate

    Hello SCOMMers :)
    I have an issue with my SCOM 2012 R2 system that I just can't get my head around.
    We just purchased a brand new SCOM server that I have migrated our environment to; I moved the databases and reporting server, and finally I got things up and running after some issues with the DB move.
    So I now have 2 SCOM management servers in my environment and four gateway servers. The gateway servers are communicating with the old SCOM server and I want to move them over to the new SCOM server.
    I ran the PowerShell commands from this TechNet article and thought everything was under control. But none of the GW servers started communicating with the new SCOM server.
    I have of course checked the certificates, hosts file, DNS and firewalls, and I reran the MOMCertImport.exe utility. I also checked that the certificate serial number was correctly inserted into the registry after MOMCertImport.exe was run. (HKLM\Software\Microsoft\Microsoft OperationsManager\3.0\Machine Settings, binary value named ChannelCertificateSerialNumber contains the serial number of the certificate in reverse order)
    Still I was unable to get the GW server to communicate with the correct management server, so I decided to reinstall the GW server so I could set the name of the new SCOM management server during the GW setup. Before I did the reinstall I ran Microsoft.EnterpriseManagement.GatewayApprovalTool.exe with the /Delete parameter; the command ran successfully.
    When I do the install I still cannot get the communication up and running; the GW server gives me the following errors in the event log.
    The GW server appears in my Management Servers list but stays in the Not monitored state.
    Event ID: 20057
    Failed to initialize security context for target MSOMHSvc/<ServerFQDN> The error returned is 0x80090303(The specified target is unknown or unreachable). This error can apply to either the Kerberos or the SChannel package.
    Event ID: 20071
    The OpsMgr Connector connected to tmg-app92.mg.local, but the connection was closed immediately without authentication taking place. The most likely cause of this error is a failure to authenticate either this agent or the server . Check the event log on the server and on the agent for events which indicate a failure to authenticate.
    Event ID: 21001
    The OpsMgr Connector could not connect to MSOMHSvc/<ServerFQDN> because mutual authentication failed. Verify the SPN is properly registered on the server and that, if the server is in a separate domain, there is a full-trust relationship between the two domains.
    Event ID: 21016
    OpsMgr was unable to set up a communications channel to <ServerFQDN> and there are no failover hosts. Communication will resume when <ServerFQDN> is available and communication from this computer is allowed.
    I have installed new certificates on both the GW and the management server, and I did the SCOM GW installation multiple times, but the issue is the same and the event log errors are also the same.
    Does anyone have any clue as to what might be wrong?
    Thanks!
    Bjørn

    Hi,
    After you delete the gateway with Microsoft.EnterpriseManagement.GatewayApprovalTool.exe, the gateway object is only marked as deleted in the databases. Therefore, try to use a different name for the newly installed gateway, so the old parameters will not be associated with the new gateway.
    For the communication\certificates problems check these links:
    http://blog.coretech.dk/msk/common-issues-when-working-with-certificates-in-opsmgr/
    http://www.assemblein.info/system-center/steps-to-resolve-scom-2012-gateway-server-error-unmonitored-state/
    http://www.eventid.net/display-eventid-21016-source-OpsMgr%20Connector-eventno-8983-phase-1.htm
    Natalya
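
    The two registry checks described in the threads above (the AuthenticationName/NetworkName values behind event 20071, and the reversed ChannelCertificateSerialNumber written by MOMCertImport.exe) can be done in one read-only pass. This is an added example, not code from any poster or from Microsoft; it assumes the Machine Settings key sits under the same "Microsoft Operations Manager\3.0" path as the Agent Management Groups key quoted on this page, and it searches below Agent Management Groups for the two name values rather than assuming an exact subkey.

```powershell
# Added example, not from the thread. Read-only; run elevated on the gateway
# and again on the management server, then compare the two reports.
# Assumption: both keys live under this base path (spelling as in the
# "Agent Management Groups" path quoted on this page).
$base = 'HKLM:\SOFTWARE\Microsoft\Microsoft Operations Manager\3.0'

function Get-ChannelCertificate {
    # ChannelCertificateSerialNumber holds the serial number as bytes in reverse order.
    $settings = Get-ItemProperty -Path "$base\Machine Settings" -ErrorAction Stop
    $raw = $settings.ChannelCertificateSerialNumber
    if ($null -eq $raw) {
        throw 'ChannelCertificateSerialNumber is not set (no certificate bound by MOMCertImport.exe).'
    }
    $bytes = [byte[]]@($raw)          # copy, so the reversal does not touch the original
    [array]::Reverse($bytes)
    $serial = -join ($bytes | ForEach-Object { $_.ToString('X2') })
    # Look for the bound certificate in the computer's Personal store.
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My |
        Where-Object { $_.SerialNumber.TrimStart('0') -eq $serial.TrimStart('0') } |
        Select-Object -First 1
    [pscustomobject]@{ Serial = $serial; Certificate = $cert }
}

function Get-ParentServerName {
    # Find every subkey that carries AuthenticationName / NetworkName.
    Get-ChildItem -Path "$base\Agent Management Groups" -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            $p = Get-ItemProperty -Path $_.PSPath
            if ($p.PSObject.Properties.Name -contains 'AuthenticationName') {
                [pscustomobject]@{
                    Key                = $_.Name
                    AuthenticationName = $p.AuthenticationName
                    NetworkName        = $p.NetworkName
                }
            }
        }
}

$findings = New-Object 'System.Collections.Generic.List[string]'
$fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
$chan = Get-ChannelCertificate

if (-not $chan.Certificate) {
    $findings.Add("Registry serial $($chan.Serial) matches no certificate in LocalMachine\My.")
} else {
    $c  = $chan.Certificate
    $nameType = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
    $cn = $c.GetNameInfo($nameType, $false)
    "Channel certificate on ${fqdn}: CN=$cn, serial=$($chan.Serial), expires=$($c.NotAfter)"
    if ($cn -ne $fqdn)              { $findings.Add("Certificate CN '$cn' differs from local FQDN '$fqdn'.") }
    if (-not $c.HasPrivateKey)      { $findings.Add('Channel certificate has no private key on this machine.') }
    if ($c.NotAfter -lt (Get-Date)) { $findings.Add("Channel certificate expired on $($c.NotAfter).") }
}

foreach ($parent in Get-ParentServerName) {
    "Parent server under $($parent.Key): AuthenticationName=$($parent.AuthenticationName), NetworkName=$($parent.NetworkName)"
    foreach ($name in 'AuthenticationName', 'NetworkName') {
        # A short (non-FQDN) name cannot match a certificate CN issued for the FQDN.
        if ($parent.$name -notmatch '\.') {
            $findings.Add("$name '$($parent.$name)' is not an FQDN; it must equal the CN of the parent's channel certificate.")
        }
    }
}

if ($findings.Count -eq 0) { 'No local mismatches found.' } else { $findings }
```

    The AuthenticationName printed on the gateway has to equal the CN printed when the same script runs on the management server; that cross-machine comparison is left to the reader because neither side can read the other's certificate store.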

  • While Configuring Siebel Server we are getting "Unable to Connect to Gateway server" error in siebel 8.2.2.14

    Hi
    While Configuring Siebel Server we are getting "Unable to Connect to Gateway server" error in siebel 8.2.2.14
    Our OS is Windows 2008 R2 64 bit, Oracle client is 11g 32 bit and Oracle DB is 11g. We are also able to connect to the DB using ODBCSQL.
    Please help.
    Regards
    Shuvendu

    Hello Shuvendu,
    Thanks for using Oracle Communities.
    About your error, there could be many reasons. To start with, please see the following knowledge article for possible reasons.
    C028: "Unable to Connect to the Siebel Gateway Name Server" Logged By Configuration Wizard (Doc ID 1391312.1)
    I hope it helps.
    Best Regards,
    Chetan
    P.S. If any one of the provided responses has been correct or helpful it would be great if you could mark them as appropriate.

  • RD Gateway Manager - Unable to read RD Gateway Server Settings

    I'm trying to install a Remote Desktop Gateway into my domain, but I am running into a serious road-block... when I load RD Gateway Manager to configure the service, there is nothing to configure because it won't load my server into the console. When I try to connect to it manually, it returns the following error:
    "Unable to read RD Gateway Server Settings"
    There are no errors or warnings in Event Viewer. I can verify that C:\Windows\System32\tsgateway\rap.xml exists and is readable. I can verify that Network Policy does have a TS_CAP_01 policy and it is enabled. A valid certificate was applied during setup (and I've also tried choosing ask me later).
    I have already tried uninstalling and reinstalling the role service (including manually verifying that the policies are removed). I also have this working on another domain server, so I'm at a loss for what to look for... How can I resolve this so that I can finish configuring the service?

    Hello,
    Thanks for your post.
    From your description, I understand that you’re trying to install the RD Gateway role on a Windows Server 2008 R2-based domain computer. However, after the role is installed, the RD Gateway Manager cannot be loaded into the RD Gateway Manager. The error prompts “Unable to read RD Gateway Server Settings”.
    Based on my experience, the issue may be caused by problematic installation or startup of the RD Gateway role. Before we troubleshoot the issue further, I recommend you enable the Audit level logging in the Event Viewer and double-check the related clues in the event viewer. To do that, please use the following steps:
    1. On the RD Gateway server open RD Gateway Manager. To open RD Gateway Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click RD Gateway Manager.
    2. In the console tree, right-click the node that represents your RD Gateway server, which is named for the computer on which the RD Gateway server is running, and then click Properties.
    3. On the Auditing tab, select or clear the appropriate check boxes to specify the events that you want to monitor for RD Gateway, and then click OK.
    When these events occur, you can monitor the corresponding events by using Windows Event Viewer. RD Gateway Manager server events are stored in Event Viewer under Application and Services Logs\Microsoft\Windows\Terminal Services-Gateway\.
    Let us know the result if possible. We’d like to help further based on your information replied. Thanks.
    Lionel Chen
    TechNet
    Subscriber Support in forum
    If you have any feedback on our support, please contact
    [email protected]
    This posting is provided "AS IS" with no warranties, and confers no rights.

  • Migrate content from Gateway server 2.0 to NW 7.4

    Hi All,
    We have a migration planned with our client. In the current situation, there is a separate Gateway server 2.0 on NW 7.02 system.
    On this gateway server custom developments are done. Now we have to move to cloud solutions where the server available will be NW 7.4 which has built in gateway server. The NW 7.4 is on Linux and Sybase where NW 7.02 is on HP-UX and Oracle database. The database restore/ recovery method is not to be used here. Can we migrate contents from NW 7.02 via transport to the new NW 7.4 system?

    I don't think you should have any complexities with moving a request to your system in cloud. At least, your GW developments / any developments in ABAP are independent of underlying databases/operating systems and would have no impact if you are transporting them.
    But, there might be some challenges if there are some deprecated methods or features which should be looked at on pure Gateway perspective, however, there should be relevant notes to address such incompatibilities.
    Br,
    Nadh
