Terminal Services licensing firewall ports

I have been searching the internet for an informative network\firewall drawing for the Terminal Services Licensing traffic when it comes to firewall port requirements etc.
Does someone have a detailed description or a (visio) drawing showing the ports required for WTS Licensing?
We have the following Citrix based Terminal Server environment:
- Windows 2008 R2 running XenApp6
- Clients come from internal (LAN) and external connections (Citrix Access Gateway)
- There is a firewall between the Citrix XenApp WTS farm and the MS Terminal Services Licensing server (Win 2008 R2)
Can someone explain how the TSCAL\RDCAL "traffic" flows and the ports required from A-Z ?
/Tord Bergset

I believe the correct random ports used for Windows Server 2008 are 49152-65535, not 1024-65535
I am looking for a visio or something showing this...
For Citrix solutions one has no problem finding network drawings showing firewall ports etc, but for MS WTS licensing I just cannot find anything showing ports required etc
Lots of design docs\drawings regarding RDP traffic etc, but not anything for the RDCAL\TSCAL licensing traffic
Scenario below:
Need all WTS Licensing ports listed for the solution to work for external and internal clients
- External clients using 2 factor auth
- Firewall
- Citrix Web Interface Server
- Firewall
- Citrix Licensing server
- Firewall
- Citrix WTS Farm
- Internal Clients
- Citrix Secure Gateway
- MS Terminal server Licensing server
/Tord Bergset

Similar Messages

  • Sun Ray Windows Connector Terminal Services licenses issue

    Hi!
    I've installed the latest Sun Ray 4 09/07 as well as the Windows Connector (srwc) recently released on a machine. I've followed the instructions given in the installation guide. But when 'uttsc' is executed I receive the following error message.
    "No Terminal Services licenses are available"
    I have no issue in connecting to other Windows server (say windows-02) only to this particular Windows server (windows-01). Surprisingly, I have no problem 'uttsc'-ing to windows-01 using pre-existing Sun Ray 4. Any idea why and how to resolve this?
    Appreciate anyone who responds. Thanks.
    Regards,
    Jonathan

    What Terminal Server license model are you using? And what does Windows Terminal Server License Manager show for number of licenses in use and available?

  • Session failed : The terminal services license is invalid

    Hi,
    I have one user who receives this message (session failed : The terminal services license is invalid); all other users work OK.
    When the same user tries on another desktop, he works fine.
    I tried to delete all cache and cookies on the desktop, and I tried the "tarantella tscal free" command, but the problem is still present.
    Can you help me ?
    I run SGD 4.2-909 on Linux RedHat 4.

    > I understand the licensing model as it pertains to standard connectivity, (i.e. a wintel box using the rdp client to connect directly to the terminal server).
    > But how does the java emulation of the client work? Does it also deposit data in the local windows registry regarding TS Cal licensing? Is it static to the workstation used to connect to SGD?
    Should work the same way for Windows clients; the Terminal Services CAL is stored in the local client registry; as I understand it, this is a legal requirement of the RDP source license.
    For non-Windows clients, the TSCAL is stored on the server in a license pool, and can be viewed / manipulated with the tarantella tscal command. TS CALs are allocated to this pool for the TS License service, and handed out to users as necessary. Reading ahead to the next posting, it's possible to get an expired license stuck in this pool, which can cause problems. Using the tscal command, you should check to see if there's an expired license in the pool, and if so, delete it.

  • Discover Terminal Services Licensing Server

    Hi,
    We need to discover the terminal server in our environment. There are some clients which are already using terminal services. Whenever we enabled any new server to use terminal services, it didn't discover it automatically. We didn't even have sufficient information about the terminal server: IP, computer name etc.
    Is there any way we can find the information of terminal server from clients already using terminal services?

    You can check this from a management console, but the instructions vary depending on what version of Windows Server you are running.
    You could just check the following registry setting on a machine that is already configured...
    HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\License Servers on 2008 R2 or HKLM\SYSTEM\CurrentControlSet\Services\TermService\Parameters\LicenseServers\SpecifiedLicenseServers on 2012 R2
    HTH,
    Jeremy

  • Session Failed: The Terminal Services license does not match this client

    We have had some issues recently with specific OSX clients accessing SGD remotely. The above message appears in a connection progress dialog box and the user is no longer able to log in. I have been given some information from a colleague about the tscal free command; however, I am unsure whether or not this will resolve the issue. Does anyone have any information about this?
    Regards
    Jamie

    We are using SGD 4.5.
    On my Mac Pro I could not access the page; it kept saying loading SGD. However, I got a colleague to try it with Firefox; it would not work, he updated Firefox to the latest version, and he was in. He could launch the demo apps fine. Strange though, as this only seems to affect our SGD system. Should I be contacting Sun Support about this?
    Thanks for the response.

  • Licensing mode for terminal services

    Hi,
    This has most likely been asked here already, but I just cannot find exactly what I'm looking for. OK, here's my situation:
    We have a Windows Server 2008 CD installer. We already had it running before, but we got hit with a virus so we needed to re-install. Now, we are just getting things back to work again. However, we are encountering this message on our server.
    "The licensing mode for the terminal server is not configured"
    When I tried to configure the licensing, it asked for the license code. But I'm not sure where to find the license code. Is it in the CD installer?
    Actually, I was not the one who installed the Windows server before; I just took over when the server got hit with a virus.
    Also, I'm not very sure if we really need the TS CALs. Our server has multiple users from different countries, and we access the server through remote desktop access.
    Hope you can help us with this issue.
    Thank you, i appreciate it.
    Best,
    Vanessa

    Hi,
    I forgot to mention that the license server has actually been activated already. So I assumed we just need to configure the licensing mode. And so, from Terminal Services Configuration, I clicked "terminal services licensing mode" and I set it to "Per User". Now the message "Licensing mode still not configured.." is gone when I log in to the server. However, I get this warning on the Terminal Services Configuration window:
    "Terminal server is in Per User licensing mode, but license server does not have any Windows Server 2008 Per User TS CALs installed."
    And when i checked from the TS Licensing Manager, and selected the server name, the details are:
    TS CAL Version and type: Windows 2000 Server - Built-in TS Per Device CALs
    License Program: Built-in
    Total TS CALs: Unlimited
    Available: Unlimited
    Issued: 0
    What does this mean? Should we set the TS licensing mode to Per Device instead of Per User?
    Thank you.
    Regards,
    Vanessa

  • Windows 2012 R2 License Server and Firewall Ports

    Hi,
    I have set up a Windows Server 2012 R2 as an RDS license server, and I have installed the necessary CALs. This server is on the domain and in AD. We have a separate VLAN that is isolated but can join the domain for authentication purposes only, but it is behind a firewall. What ports do I need to open on the firewall in order for the Windows 2012 servers to acquire a license from the 2012 R2 server in the domain?
    Thanks,
    Mike

    Hi Mike,
    Thank you for posting in Windows Server Forum.
    Remote Desktop License Server 
    o RD License Server Port RPC 
    o TCP 443: Communication over the internet to the Microsoft Clearing House 
    o TCP 5985: WMI and PowerShell Remoting for administration 
    o From a proxy standpoint, the regkey HKLM\Software\Microsoft\TermServLicensing\lrwiz\Params shows the Microsoft service that the RD LS communicates with.  e.g. clearinghouse.one.microsoft.com 
    More information.
    Which ports are used by a RDS 2012 deployment?
    http://social.technet.microsoft.com/wiki/contents/articles/16164.which-ports-are-used-by-a-rds-2012-deployment.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki
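
The port list in the answer above, turned into checks for the firewall change. This is an added example, not code from the thread or from Microsoft; "RPC" here means the TCP 135 endpoint mapper plus a port taken from the license server's dynamic range, and the server name, subnet and rule names are placeholders.

```powershell
#Requires -Version 4.0
# Added example. Placeholder values, not taken from the thread: replace before use.
$LicenseServer     = 'rdls01.example.internal'   # hypothetical RD license server
$SessionHostSubnet = '10.20.30.0/24'             # hypothetical isolated session-host VLAN

function Get-LicensingPortFacts {
    # Run on the license server. Collects what the perimeter firewall rule needs:
    # the fixed endpoint mapper port, the dynamic range RPC allocates from, and the
    # clearinghouse parameters (outbound TCP 443) for a proxy allow-list.
    $range     = (netsh int ipv4 show dynamicport tcp | Out-String).Trim()
    $paramsKey = 'HKLM:\SOFTWARE\Microsoft\TermServLicensing\lrwiz\Params'
    $clearing  = if (Test-Path $paramsKey) { Get-ItemProperty -Path $paramsKey } else { $null }
    [pscustomobject]@{
        EndpointMapperPort  = 135
        DynamicPortRange    = $range
        ClearinghouseParams = $clearing
    }
}

function Add-ScopedLicensingRule {
    # Run elevated on the license server. Admits RPC only from the session-host
    # VLAN. Any broader allow rule already present still applies, so review
    # existing inbound RPC rules as well.
    param([Parameter(Mandatory)][string]$RemoteSubnet)
    $common = @{
        Direction     = 'Inbound'
        Action        = 'Allow'
        Protocol      = 'TCP'
        RemoteAddress = $RemoteSubnet
        Group         = 'RD Licensing (scoped, example)'
    }
    New-NetFirewallRule @common -DisplayName 'RD Licensing: RPC endpoint mapper' -LocalPort RPCEPMap
    New-NetFirewallRule @common -DisplayName 'RD Licensing: RPC dynamic ports' -LocalPort RPC
}

function Test-LicensingPath {
    # Run on an RD Session Host in the isolated VLAN. Only TCP 135 can be probed
    # blindly; the licensing service's own port is assigned at run time.
    param([Parameter(Mandatory)][string]$Server)
    $r = Test-NetConnection -ComputerName $Server -Port 135 -WarningAction SilentlyContinue
    [pscustomobject]@{
        Server                  = $Server
        RemoteAddress           = $r.RemoteAddress
        EndpointMapperReachable = $r.TcpTestSucceeded
        Note = if ($r.TcpTestSucceeded) {
            'TCP 135 open; if licensing still fails, check that the dynamic range is allowed'
        } else {
            'TCP 135 blocked or host unreachable'
        }
    }
}

# On the license server:
#   Get-LicensingPortFacts | Format-List
#   Add-ScopedLicensingRule -RemoteSubnet $SessionHostSubnet
# On a session host:
#   Test-LicensingPath -Server $LicenseServer
```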

  • Firewall Ports for Web Services

    Hi Experts,
    Can you please list what are the firewall ports to be opened to call a ECC 6.0 system web service from a .Net application, assuming both systems are separated by a firewall
    Thanks in advance
    Regards,
    Krishna

    Hello ,
    Please, as far as I know, you have to open 4 ports in the ECC system.
    They are
    Message server port =  36<instance number>
    ITS = 80<Instance number>
    Gateway = 33<instance number> -- make sure service entries are maintained (sapgw)
    If you maintain Central SLD - then the specific port needs to be opened. - 5(instance number)00.
    I hope these ports need to be opened and this is enough, I believe.
    Vijay.

  • Windows 2008 R2 Terminal Services.

    Hi,
    I am implementing Terminal services in Windows 2008 R2. I have following setup
    1. tsgwserver.test.com as TS Gateway+Web Access server (will be accessed using internet). This server is in DMZ zone.
    2. tssessionbroker.test.com as TS Session Broker server.
    3. tsappserver1.test.com, tsappserver2.test.com, tsappserver3.test.com as TS SH & RemoteApp servers (applications which will be accessed remotely are installed on these servers). Farm01.test.com is created and configured on these servers.
    4. Client1 will access the RemoteApp using TS Gateway server using internet. however client2 will access the RemoteApp using local network. These users will be authenticated by AD.
    I have installed the above setup but am unable to view the applications on remote desktop using web access (client1 and client2). I am missing something in installation/configuration/setup. License server is not installed yet. I am not using certificates.
    Please correct me if I am wrong with the above setup. Please help me to create this setup.
    Regards,
    Rajiv

    RD CAP & RD RAP policies are configured, and the RD Gateway setting is configured in RemoteApp Manager. Port 443 on the external firewall and 3389 on the internal firewall are configured. I have checked WMI using MMC and found TS Web Access Computers is listed for each SH in the security settings.
    When I select Source Name : localhost in RD Web Access portal, it gives blank in RemoteApp programs and if I use session broker or server farm name, then it gives following messages
    RD Web Access was not able to contact the RD Connection Broker server specified. Ensure that the RD Connection Broker server name was entered correctly, and that the server is running and available on the network.
    RD Web Access was not able to access server_farm.  Verify that the RD Session Host server name was entered correctly, that the server is running and connected to the network, and then try again.
    Please let me know which ports I need to configure in the firewall to allow Windows Management Instrumentation (WMI) traffic from the RD Web Access server to the RD Session Host server, and what authentication settings I need to configure.

  • Terminal Services - drive redirection doesn't work.

    Hi,
    I have got two Terminal servers on Windows 2012 DataCenter(T1 and T2) + AD on Windows 2012 DataCenter.
    My problem is, that on a terminal T2 drive redirection doesn't work(also printers and clipboard).
    I tried the following things:
    - GPO on AD (Computer Configuration\Policies\Administrative Templates\Windows Components\Terminal Services\Terminal Server\Device and Resource Redirection\Do not allow drive redirection=DISABLE).
    - local GPO on terminal T2 (Computer Configuration\Policies\Administrative Templates\Windows Components\Terminal Services\Terminal Server\Device and Resource Redirection\Do not allow drive redirection=DISABLE).
    - FW is disabled on both terminals.
    - Terminal configuration allows to redirect drives and printers.
    - I tried to login with domain account and local account, on both account redirection doesn't work.
    - System Logs seem to be alright.
    - Of course on the client side I mark redirect local drives.
    Both terminals are the same, both are VM(T2 is a clone of T1).
    Please help...

    Hi,
    Thank you for posting in windows Server Forum.
    Have you checked the firewall rules? Please check that ports/firewall are not blocking the drive from being redirected. For the firewall, try to disable the firewall and check. You can use the command below on the client.
    netsh firewall set opmode mode=disable
    This will eliminate the firewall altogether, assuming you are using Windows firewall. Otherwise, disable any other firewall / blocking software and see how it reacts without the firewall. Additionally, go back into RDP and manually "set" those options to allow Disk Drive Mapping and Printer pass-through.
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • DNS for internal network and Firewall ports?

    Hello,
    I don't know where to begin, so I guess I'll start with my setup.
    I have Mac OS X server 10.5.7 running DNS, Firewall, Mail, iChat, RADIUS, VPN, SMB. Behind an Airport Base Station in DMZ.
    My DNS setup is just for the server and local clients. I'm also set up to forward my ISP DNS.
    My question is do I need to open any ports in the firewall. I currently have my local subnet 172.16.4.x to allow all. The "Any" subnet to allow DNS outbound. Is this correct or am I creating a security risk?
    I don't want the public to be able to use my DNS server. (I would like to ONLY allow my local network, and VPN users.)
    Thanks!
    Message was edited by: Robert LaRocca

    I always recommend going with a hardware device (including the base station) over IPFW when running a server.
    The main reason is that when you're running behind a NAT device (such as the AirPort Base Station), ALL incoming traffic is blocked unless you specifically enabled it via port forwarding. A positive security model.
    In contrast, Mac OS X Server will open firewall ports based on the services you're running, without regard to whether that service should be publicly accessible or not.
    You then have to go through the motions of securing each service to either block external traffic at the service level (e.g. by telling the application what addresses it can listen to), or at the network level (by configuring the firewall to block external access). This is a bad security model since each service is public by default and you have to go out of your way to secure it.
    Also bear in mind that you might not think this is a problem today since you can just configure IPFW and be done, but what about next week? or next month? or next year when you add another service. Will you remember to reconfigure the firewall to secure it then?

  • Get Report of Terminal Server license report

    Is there a way I can track our Terminal Server license usage? For example, I have bought 50 licenses; are they being used to full capacity or under-used? What is the monthly maximum usage? And we have about 10 servers hosting terminal services in our AD; do I have to generate a report for each? Is there a tool that can do this? Windows 2008 R2 and Windows 2012 R2

    Hi,
    Thank you for posting in Windows Server Forum.
    For finding active session on terminal server you can use command as follow.
    query session /server:SERVER2
    A user can always query the session to which the user is currently logged on. To query other sessions, the user must have Query Information access permission.
    More information.
    Query session
    http://technet.microsoft.com/en-us/library/bb490800.aspx
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Terminal Services (TS) or Remote Desktop Services (RDS) scenario clarifications

    Dear Support,
    Question:
    Do I still need to purchase RDS CALS license? or can use MSDN CALs in the Terminal Server?
    Due to MSDN subscribers are End users, do not use Production Data and have to demo their developed applications to other End users group.
    Scenario:
    1. Use only Remote Desktop Session.
    2. End users are MSDN Subscribers.  (Although stated by Microsoft End users are non MSDN subscribers)
    3. End users demo applications to End users.
    4. End users develop their applications and have to demo to other End users group.
    From MSDN link:
    Client Access Licenses for Terminal Services
    With an MSDN subscription, you are allowed to provide end users access to Internet demonstrations of your programs via Terminal Services (Windows Server 2003 or Windows Server 2008) or Remote Desktop Services (Windows Server 2008 R2). Up to 200 anonymous users can simultaneously access your demonstration this way. Your demonstration must not use production data. MSDN subscribers are licensed to demonstrate their applications to end users, but Terminal Services (TS) or Remote Desktop Services (RDS) is the only scenario where end users without an MSDN subscription can interact with the demonstration application while the software is licensed through MSDN subscriptions.
    Accessing CALs
    MSDN subscribers can access CALs for demonstration purposes through the Product keys page of MSDN Subscriber Downloads. Please access the documentation resources online for assistance with the Terminal Server activation process. If you have any questions, please visit the Microsoft Terminal Services forum.
    Mary Lee

    Hi
    Please call the licensing to be sure. In the USA (866) 230-0560 or
    [email protected]
    Regards, Philippe

  • Accessing client using Windows 2008 Terminal Service - Web Access?

    Dear experts,
    We are developing a network infrastructure solution for our new customer's B1 8.8 implementation.
    Our customer would like to utilize Windows Server 2008 Terminal Service to connect B1 clients in a remote branch with the server in the head office area. And they want to use Terminal Service - WEB ACCESS. Based on our experience, we successfully implemented B1 using Remote Desktop Connection or Citrix to support B1 clients in the remote area.
    My question is, does SAP already support utilizing Windows "Terminal Service - Web Access" to access the B1 client?
    If Yes then what are possible issues and solutions?
    Thanks,
    Indra

    Hi,
    when we said to customer that it is better to use citrix, they will see some concerns as follows:
    1. Investment to buy citrix server
    2. License of citrix
    3. installation time for ICA client
    4. maintenance cost for citrix and its server
    The benefits are as follows:
    1. Reduce cost to purchase B1 license. Remote and LAN users can access B1 through citrix
    2. The connection speed. Citrix is faster than RDC or terminal services, either web access or not
    3. The security reason. Check this link:
    http://www.virtualizationadmin.com/articles-tutorials/terminal-services/management-tools/terminal-services-internet-information-server.html
    In the support platform, there is no windows terminal services web access info. You may check it here:
    http://service.sap.com/smb/sbo/platforms
    The supported hosted environments are using citrix or windows terminal service. For remote users, the citrix is used for web access and windows terminal services are using IP and the connection is using internet (do not use VPN).
    The citrix is not very expensive. We must make them realize the benefit.
    We must make sure the customer sees that Citrix is good and not all that expensive. Buy it from an authorized Citrix reseller that is not a big company, so that the price is not too high. SAP AG recommends using Citrix because it really is very good.
    I know bhs because I am from Indonesia hehehe....
    JimM

  • ADS+Terminal Services on a Single Physical Server running Windows Server 2008 R2

    We have a Dual Processor Server (2 x Intel Xeon E5-2620v2 + 32GB RAM) running on Windows Server 2008 R2. This has ADS configured. We now wish to add a VDI Setup with NComputing Zero-Clients. We have to run Terminal Services with User RDS CAL + User CAL for all VDI Clients.
    Please confirm if we can have both the ADS & Terminal Services running on the same physical server. Are there known issues or crashes due to this? Or should both of these run on two different servers? The customer does not want to invest in one more server & OS. Hence, we have to run both the services on a single physical server. The customer has just upgraded his server to a Dual Processor with 32GB RAM to accommodate both the services.
    Please advise if we can run both the ADS & TS on the same server. What is the best practice for this solution?
    Thanks & Regards,
    VR
    ([email protected])

    Hi,
    After referring to your comment, I can say that you are able to use ADS and Terminal Services on the same physical server with Server 2008 R2. But installing a terminal server on an Active Directory domain controller is not recommended. I suggest that it’s not a good practice to manage the environment in that way. If possible, try to run them on two different machines for better results and to avoid any problems. Allowing users to run programs on a domain controller could create security risks and performance issues.
    If the Terminal Server role service is installed on a domain controller, the security settings of the domain controller will need to be adjusted to allow users remote access to the server. This remote access is controlled by the "Allow log on through Terminal Services" user rights assignment, which can be configured by using the Group Policy Management Console (GPMC).
    You can refer below link for more information.
    1.  Installing RD Session Host on a Domain Controller
    2.  Best practices for setting up Remote Desktop Licensing (Terminal Server Licensing) across Active Directory Domains/Forests or Workgroup
    Hope it helps!
    Regards.
