RDS 2012 R2 Collection
Hello,
I Have 2 servers ( SRV1 and SRV2 ) both running Server 2012 R2 and are included in a single collection "Apps".
I wanted to know if it is possible to tell RDS that a specific application should be available from a specific server only ?
For example, to publish notepad and calc, but calc should be available only from SRV1.
Thank you
regards,
Alex
Hi Alex,
I agree with TP and I would like to check if you need further assistance.
Thanks.
Jeremy Wu
TechNet Community Support
Similar Messages
-
Listing RDS 2012 R2 collections from powershell remote fails
I'm trying to list different informations of a RDS server farm => from a remote client PC <=
I do following but when typing the last command - I get an error.
Knowing that that same command runs correctly when launched from an RDS server
enter-pssession RDS-SERVER-XYZ.contoso.net
import-module remotedesktop
get-command -module remotedesktop
Get-RDSessionCollection -ConnectionBroker RDS-BRK-1.contoso.net
=> fails with message :
Cannot index into a null array.
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\remotedesktop\Utility.psm1:54 char:9
+ if ($_script_resource[$Id])
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : NullArray
Cannot index into a null array.
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\remotedesktop\Utility.psm1:54 char:9
+ if ($_script_resource[$Id])
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : NullArray
Get-RDSessionCollection :
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDSessionCollection
Listing RDS 2012 R2 collections from powershell remote fails / same commandlet from local RDS serevr works fine
Am I missing something ?
MCTS Windows Server Virtualization, ConfigurationAre the Windows Remote Management rules enabled on the inbound firewall of the RDSH server?
If you are running multiple roles on the RDSH server you may need to increase the size of the memory available for powershell remoting.
Run Set-Item WSMan:\localhost\Shell\MaxMemoryPerShellMB 1000 with powershell as an admin and reboot.
HTH,
JB -
RDS 2012 R2 Collection - Published Remoteapps not visible
Hello,
I have a strange issue with a RDS Deployment I´m setting up for a customer.
RDS Roles setup:
Server1: RD Licensing / RD Gateway
Server2: RD Connection Broker / RD Sessions Host / RD Web Access
I´m all done with the LOB Apps as well as adding ~30 users and migrated their profiles, I have set up UPD etc. All is working great and I´m almost ready to take it into production...apart from this annoying thing.
I have created a Session Collection and published some remoteapps.
However when I log in to the rdweb site it doesn´t show the published Remote Apps.I have tried to unpublish / republish, reboot and so on to no avail.
How can I troubleshoot and solve this?
Sure I could delete the session collection and create a new one, but what will happen with the created UPDs that has all the customized settings for the users (store all ?
Can those be redeployed to the new Session Collection ?
Also, I cannot be sure that this will even fix the issue.
Any advise are very welcome.
Thx /TonyHello Darmesh,
I did not assign any specific permissions, domain users is set. I ended up moving the RDGW role to the RDSH server though I know it´s not BPA. However this customer does not have more than one available Public IP. And as they wan´t to use both RDWeb and
RDP through RDGW that was the solution. Othern than that I had to fix 2 things in IIS on the RDSH.
1. Change the RDWebAccess Application Pool identity from ApplicationPoolIdentity to NetworkService
2. RDWeb/Pages-Applications
Settings, put in remote.company.com as value for "DefaultTSGateway
Volia it works. As a sidenote I also added the "reghack" ShowInPortal" value
1 so the full desktop connection is also available in the RDweb portal, not supported I know, but will keep it for now.
Any comments to this solution ?
Thx /Tony -
RDS 2012 - Session Collection Timeout vs Group Policy Timeout
Which policy applies?
The RD Session Collection timeout or the group policy?
My Remote desktop servers are in an OU at a top level with all of my other servers, so I have a administrative timeout group policy which is extremely strict to keep our administrators off server consoles. But for the RD farms I would like to have a less
strict policy so that users only get disconnected overnight and not if they go out to lunch (as an example)
I know one way to do this is to write individual group policies, but that removes the ease of control by configuring each session collection timeout via the Session Collection.Hi Robin,
Thank you for posting in Windows Server Forum.
You can configure timeout and reconnection settings on a per user basis by using the Remote Desktop Services Extension to the Local Users and Groups snap-in or to the Active Directory Users and Computers snap-in.
Timeout and reconnection settings configured by using Remote Desktop Session Host Configuration will take precedence over timeout and reconnection settings that have been configured for a specific user account.
More information (for reference)
Configure Timeout and Reconnection Settings for Remote Desktop Services Sessions
http://technet.microsoft.com/en-us/library/cc754272.aspx
Hope it helps!
Thanks.
Dharmesh Solanki -
RDS 2012 R2 Separate Session Collection Behavior
Hi everyone! I should start by saying that I've found a number of threads which are semi-related to this topic, but they just don't seem to address my particular complaint. I'm not sure if this is a bug, a configuration error on my part, or if
it is expected behavior (which would be unfortunate for my intended use cases).
The issue is that I need to provide two separate collections of RemoteApps, and I only want the collection appropriate to the logged-in user to be displayed in Web Access (or in the feed, for that matter). One collection includes an expansive set of
RemoteApps, and the other collection includes a limited subset of those published in the first.
Now, I know that a SH can only belong to one session collection. That makes sense, and in my case, I wouldn't want it any other way. It offers better separation between the user environment intended for use by employees, and the user environment
intended for use by non-employees, which is a bit more restrictive. (Those are the actual purposes of the two collections described earlier.) So far, so good. Now, it seems to me like every other role beside the SH role should be able to
do its job for all collections. What other purpose could the concept of a "Collection" possibly serve, after all? If I had to stand-up Connection Broker, Web Access, Gateway, and Session Host for every collection of RemoteApps, then there
wouldn't need to exist any concept in RDS 2012 R2 called "Collections". So, I figured that Connection Broker, Web Access, and Gateway could serve all collections, and Session Host is of course limited to serving one single collection. And,
I guess, that's largely the way it works, with one exception.
My issue is that in Web Access, all RemoteApps from all published RemoteApp collections are presented to every user who has access to one collection OR the other, despite my best intentions of having provisioned each collection with seprate user group assignments
using two separate AD groups. I don't want to advertise all RemoteApps from all collections in the Web Access namespace! To me, the presence of "User Group" configuration at both the Collection level and at the RemoteApp level implies
that there is some user group filtering going on, but so far that's looking like a false assumption. Why would the RemoteApp list in one collection bleed into the RemoteApp list in the second collection? Why would I want the users of one collection
to see the applications of the other, even when they're not going to be able to launch them anyway?
Does anyone have anything to add to the equation? Is there something I'm missing? Thanks ahead of time.This is now resolved. There is obviously some additional configuration necessary in some relatively odd places when you want your RemoteApp collections to work as advertised. I hope this thread can help others in that regard.
The relevant (error) event generated for each "populate list of RemoteApps for Web Access" process (refreshing the web access portal was my test case), when my IIS application pool is provisioned by the new AD account is Event ID 10, Source: RDWebAccess.
In the body, it says "[...] unable to access rdcb1.[local]" and suggests that the RD Web Access server needs to be added to the TS Web Access Computers security group on the connection broker. However, that was obviously already the case.
Although not 100% correct in its suggested resolution, this error was helpful, because it shows that the break is occurring when Web Access tries to populate RemoteApps, and is shows that the break is occurring en-route to the CB server. So, I added
the new service account (for the Web Access application pool identity) to the Administrators group on the server with the CB role, and all is now resolved. I now have two separate collections, the list of each appearing for the appropriate user scopes,
but not for both user scopes like before.
Obviously, adding an account as an administrator fixes a lot of access related things very easily, but it is probably not the least-privileged way of doing things. To that end, I'd like to know the least privileged way, but can certainly live with
this much improved functionality as-is.
Thanks for all your help, Razwer. -
RDS 2012- connect to session collection trough mstsc.exe on XP SP3
Hi!! i need to connect to a session collection based on rds 2012 directly trough mstsc.exe on xp sp3 clients... xp don't support remoteapp and desktop connection and my users can't use internet explorer to connect trough rd web Access..
Thanks!Hi,
What you could do is upgrade Windows XP with the latest Remote Desktop Client available for Windows XP (http://support.microsoft.com/kb/969084)
Then extract the .RDP file you want from the RDS 2012 environment (or specify the properties manually in a .RDP) file.
Recently I wrote on article on the distribution of Remote Apps and desktops in Windows Server 2012, that might be useful:
http://virtualizationadmin.com/articles-tutorials/vdi-articles/general/distribution-of-remote-apps-and-desktops-in-windows-server-2012.html
Also, more info on the .RDP properties specifically needed for RDS 2012:
http://microsoftplatform.blogspot.nl/2012/04/rd-connection-broker-ha-and-rdp.html
Kind regards,
Freek Berson
The Microsoft Platform
Twitter
Linked-in
Wortell company website -
How do you configure a farm name in RDS 2012?
I understand Remote Desktop Services has undergo some drastric changes.
How do you configure a farm name in RDS 2012? Or is the concept around farm name changed in another concept?
Although I have imported a certificate on the RDCH withe the farm name I want to use. When I click on a RemoteApp on the RD Web Access portal, it does not connect to the right farm name.
Boudewijn Plomp, BPMi Infrastructure & SecurityYou don't. You create a collection. A client connects to the Connection Broker and then is redirected to the collection it is connecting to. The collection name is embedded in the connection file that the client downloads from RDWeb or
the RDWeb feed.
A collection is basically at least one RDSH server (for session based desktops) or one virtual machine (virtual machine based desktops).
Don Geddes - SR Support Escalation Engineer - Remote Desktop Services - Printing and Imaging -
Users see all applications in RDS 2012 Web access in one-way trust domain environment
Hello!
We have RDS 2012 deployment in domainA.local. There is a one-way trust between domainA.local and domainB.local: A trusts B and B doesn't trust A.
A user from domainB.local authenticates in Web-access interface (wa.domainA.local) and sees
every published application in every collection in the deployment independently of UserGroups setting of collections and applications. This occurs for any domainB user.
In the security log of wa.domainA.local we can find an event :
An account failed to log on.
Subject:
Security ID: IIS APPPOOL\RDWebAccess
Account Name: RDWebAccess
Account Domain: IIS APPPOOL
Logon ID: 0x2C7B16
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name:
Account Domain:
Failure Information:
Failure Reason: An error occurred during logon
Status: 0xC000005E
Sub Status: 0x0
Also in network trace on wa.domainA.local kerberos error could be found:
On TGS-REQ for krbtgt/[email protected] there is an answer: KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN (7), server name krbtgt/domainB.
How to deal with this issue? The aim is to show only specified applications to domainB users.
Any help would be appreciated.Hi,
Thank you for your posting in Windows Server Forum.
Please check below links might useful for your case.
“After adding the RDS server’s computer account to the Builtin Windows Authorization Access Group domain group, the RemoteApp icons displayed perfectly.” (Quoted from
this article)
1. Remote APP list empty
2. RD
Web Access unable to access Source (RD Server)
In respect to Kerberos Error, refer this link for troubleshooting.
1. Troubleshooting Kerberos Authentication problems – Name resolution issues
2. Kerberos Authentication problems – Service Principal Name (SPN) issues - Part 2
Hope it helps!
Thanks,
Dharmesh -
Hi,
I'm looking for a RDS 2012 Deployment Guide or best practices document but not finding it. Basically I'm looking for the equivalent of the document below but for Server 2012 R2 instead of 2008 R2
<won't let me add link to body yet>
We are planning a new RDS implementation and want to make sure we get the environment and resources right from the beginning. Initially I'm mainly curious about the recommendations on how many servers are needed and which roles can be combined
on single servers and which need to be broken out onto their own boxes. For example is it best to have the RD Gateway and the RD Web Access roles on their own individual servers or should/can they be combined on to one box in the DMZ?
If separate; can one of them also double as the connection broker? That sort of thing.
Any help is appreciated. ThanksHi Col,
Have a look at the following articles:
http://ryanmangansitblog.com/2013/09/27/rds-2012-deployment-and-configuration-guides/
I would recommend that you look at splitting the roles on a large environment or use a layer 7 load balancer so you can scale up the number of Gateway/RDweb servers if your connections grow.
I would advise against configuring the connection broker on a server which has a connection to the public interface (web and remote access via gateway). I would advise against exceeding 400 connections per RD Gateway server.
a example configuration:
Server 1 : connection broker and Licensing role
Server 2 : Session host
Server 3 : RDWeb and RD Gateway.
This may help you with regards to capacity planning:
http://ryanmangansitblog.com/2014/06/24/capacity-planning-for-a-rds-2012-pooled-2000-seat-vdi-collection/
Ryan Mangan | Ryanmangansitblog.wordpress.com | Help keep the forums tidy, if this has helped please mark it as an answer -
RDS 2012 R2 cannot add 3rd party (parent domain) licensing server
Hi,
I have a RDS 2012 R2 farm and i cannot add a 3rd party licensing server that is in a parent domain (forest root domain - hosted by our corp HQ). I will edit deployment properties for the deployment in the first CB server to add a licensing server in per
user mode. Seemes to work, however no licenses are given to SH servers. Have made GPO aswell to explicitly specify licensing server and mode, however i think this should not be neccessary.
Any ideas?
This posting is provided "AS IS" with no warranties or guarantees and confers no rightsHi,
Thank you for posting in Windows Server Forum.
1. In Server Manager -- RDS -- Overview -- Tasks -- Edit Deployment Properties -- RD Licensing tab, please make sure that the Licensing mode is set to match the type of licenses you purchased, and that the FQDN of your RD Licensing server is listed.
2. In Server Manager -- RDS -- Collections -- <your collection> -- Host Servers, please make sure that your RDSH server is listed. If you have more than one server with the RDSH Role Service in your deployment make sure that all of them are
listed. If they are not you may click Tasks -- Add RD Session Host Servers (make sure the servers are part of the Server Manager server pool prior to this).
3. On Server 1, please open an Administrator PowerShell prompt and enter the following command:
Add-WindowsFeature RDS-Licensing-UI
4. After the above powershell command completes you should be able to open RD Licensing Manager (licmgr.exe) on Server 1 if you need to. Please note that it is more important to have the licensing configured properly in deployment properties and your
RDSH servers part of a collection than it is to be able to open RD Licensing Manager on both of your servers.
(Above one quoted from beneath thread)
Source:
RDS 2012 Can't add a licensing server
In addition, check below article.
RD Licensing Configuration on Windows Server 2012
Hope it helps!
Thanks.
Dharmesh Solanki -
Hi,
I have installed and configured RDS 2012 on a test lab setup, created a W7 gold image in a Hyper v 2012 R2. Sysprep it but when I go to create virtual desktop collection I can not find the find the template in the virtual desktop template.
Collection type are as below,
Pooled virtual desktop collection
Automatically create and manage virtual desktops.
Please help me,
CheersHi,
Please check if the computer account of the RD connection broker server exists in the local RDS Management Servers group of the RDVH server.
Thanks.
Jeremy Wu
TechNet Community Support -
Hi all,
In a RDS 2012 R2 setup, is it possible to have two independant gateways (not HA)? One gateway would answer to gateway.xyz.com and the other would answer to gateway.abc.com. This setup would require two different certificates. Is this possible?
Thanks,
JesmatHi Jesmat,
Yes, you should be able to use multiple independent RD Gateways with a single RDS deployment, however, there are limitations and additional configuration steps. For example, you cannot use Server Manager or the powershell commands to assign the certificate
to the RD Gateways since you need to have different certs on each, instead use RD Gateway Manager. Another thing is if you plan on using RDWeb or the Feed then you need to have each RDG serve separate collections, and on each collection you need
to set a custom rdp property using powershell so that you can have a different FQDN for the RDG on each.
I'm sure there are other considerations that are specific to your use case that will affect how you set things up. Please keep in mind that your intended scenario is not one of the standard ones so you will need to plan things a bit more and you may
notice different behavior than expected.
-TP -
Migration from Roaming Profiles to User Profile Disks - RDS 2012 (R2)
Hi, I'm currently in the process of tweaking our RDS 2012 environment and have a question I hope someone can help me with....
The users who log onto the Collection are currently using roaming profiles stored on a 2008 R2 file server, but I'd like to move them onto User Profile Disks (looks to be a lot of pro's to it). Is there a way to migrate users profiles from roaming profiles
to User Profile Disks? We already have a lot of users on the farm with roaming profiles and I'm guessing if UPD is enabled, it will only take effect with new users? I need to do this without too much hassle if possible
Any help would be appreciated
ThanksHi Paul,
Thank you for your posting in Windows Server Forum.
Sorry to disappoint you, but you cannot able to move\migrate the roaming user profile to new User profile disk on server 2012\R2. You need to move them manually. Please refer below thread.
Is it possible to migrate local profiles to user profile disks?
http://social.technet.microsoft.com/Forums/en-US/63ab2ce0-c581-4397-ae7f-d84b8f2b6bd8/is-it-possible-to-migrate-local-profiles-to-user-profile-disks?forum=winserverTS
Hope it helps!
Thanks,
Dharmesh -
RDS 2012 R2 HA - CustomRdpProperty gets overwritten by sync
Hi,
I am implementing an RDS 2012 R2 Farm at a customer site. The customer is using different DNS-names internally and externally so I have implemented a Custom RDP Property via PowerShell on the Farm.
Set-RDSessionCollectionConfiguration -CollectionName "Collection" -CustomRdpProperty "use redirection server name:i:1 `n alternate full address:s:broker.external.com"
I can see, the property is applied and synced to the other broker servers - perfect!
I have verified via PowerShell and registry and I have tested that the 'redirection' actually Works - fantastic!
The problem is, that when the farm is synchronized Again, my custom property gets overwritten/deleted.
What am I missing? Permissions?
Is the Custom Property supposed to get written to the SQL database that is used for Broker high availability?
Hopefully someone can help med with this one :-).
Thanks in advance!
/Michael, DenmarkHi,
Yes, they do get the files from the same source. If using RemoteApp and Desktop Connections it stores a cached copy of the .rdp files in the user's profile and updates them periodically, so it is possible some of them could be using a rdp
file with the old information. For RDWeb a fresh copy is downloaded each time the page is refreshed.
To keep things consistent I would recommend you undo the custom rdp property you made. To do this you can run the command on
both brokers with a just a space or newline (`n) for the customrdpproperty parameter, like this:
Set-RDSessionCollectionConfiguration -CollectionName "collectionname" -CustomRdpProperty " "
-TP -
RDS 2012 R2 - open connection in windowed mode?
We built a new RDS 2012 R2 environment and are publishing a full desktop for use with remote users. The issue we are having is we would like the users to be able to open the connection in a windowed mode. Right now when the users logs onto the RD web access
server and clicks the collection icon the connection opens full screen across all the monitors the user has. I see no way to configure this option. Is is possible to have the connection open in a windows VS full screen across every monitor?Hi Brock,
Firstly sorry for delay response.
You can set RDP setting for RDS Desktopheight & DesktopWidth. Refer this article for more information.
In addition, you can use mstsc option for editing existing RDC(.rdp) configuration file. Also you can use
mstsc /span for multiple monitor. Please check below articles for more details.
1. Mstsc
2. Using Multiple Monitors in Remote Desktop Session
Hope it helps!
Thanks,
Dharmesh
Maybe you are looking for
-
CD/DVD Error Code 10 Device cannot start
Tried to roll back the drivers, also tried uninstalling the drivers, need correct drivers for the device HL-DT-ST-DVDRAM GSA-T20L ATA DEVICE, shows that correct drivers are installed if I search windows for the correct driver. Also tried system rest
-
Upgrade Macbook Late 2008 Unibody Hard Drive SSD or size?
I have a late 2008 macbook aluminum unibody..........it currently only has the standard 160 GB...and I'm at about 152 GB. I need to upgrade (already upgraded from 2GB RAM to 8GB), but now I need the bigger hard drive. My friend is telling me how grea
-
Can anyone get to this note "1390717.1: 12c Cloud Control Agent: Is it possible to Re-configure a 12c Agent to a Different 12c OMS Without Re-installation?" I do a search in Metalink and I see it listed in "How to Point a 10g/11g Grid Agent to a Diff
-
Problems with converting_pdf_to_word_document!!
I have not been able to convert PDF's to word documents since February 2013 and whenever I try an 'Error' message appears and continues to appear with each successive attempt. This is become quite an issue with a subsequent decrease in efficiency and
-
Auto Time change, Sound mute and trying to read something before windows 7.
Dear, I recently bought a MacBook Pro i7. I installed Windows 7 Ultimate through Boot Camp. But after installing i am faceing few problems as listed below: 1: *Automatic Time change* When i am in windows 7 and i switch to Mac OS X the time of my Mac