Users need to run an Unknown Publisher .exe during Remote Desktop session

Similar Messages

• Option "Deny this user permissions to logon to a Remote Desktop Session Host Server" tuned on

  Last week a lot of users start to complain that they can´t access my TS Server, where there are several Remote Apps published in my TS Gateway server. Everything was fine in the last 3 years.
  We´re investigating an issue related to the Oracle IDM application, maybe the reconcilliantion process is enabling the "Deny this user permissions to logon to a Remote Desktop Session Host Server" option, without our permission
  But the investigation of the problem will take longer, so, i need a method to remove the checkbok of the option, via script or automated method, while we´re investigating the issue, because the users calls, we uncheck the option and everything is fone again,
  but several hours later, the checkbos appears checked (on) again
  I could´t find the option in powershell, nor ADSIEdit/Attribute editor.
  I even couldn´t find the name of the field
  I need to create a qucik-script to sweep the AD, and uncheck the optin, automatically, untill the problem is solved

  Some new information:
  1) The Oracle IDM/OAM solution was "Guilty".
  For some reason, during a regular updated schedulted task for the IDM solution, the field was found with no info, and the software "thought" that the default parameter was "enabled" and all affected users got the "deny" option  checked (this is a weird
  "reverse" misunderstanding, because the proper state is "disabled" in AD, but the software set it to "Enabled", ebcause "thinks" that is "TSAllowLogon", in fact is the oposite meaning.
  2) I could find the "allowLogon" or "TSAllowLogon",  but it is inside a "UserParameter" option, like a multi-valued option:
  Get-ADUser -Filter {SAMAccountNAme -eq '<USERNAME>'} -Properties UserParameters
  The result was:
  UserParameters    : CtxCfgPresent                                   P☺CtxCfgPresent????☺CtxCfgFlags1????☺CtxShadow????*☻☺CtxMinEncryptionLevel?
  The exact same, as seeing in ADSI Edit/Advanced Attribute Editor, but i can see in a 3rd party LDAP browser, the LDAP browser decoded the field, showing a lot of other informations, like AllowLogon=0, among others

• Create a 1-click setup for a Remote Desktop session for non-tech users

  Hi everyone,
  I know how to configure a VPN or use port forwarding for VNC, ARD, etc. and know about iChat's Screen Sharing feature and sites like LogMeIn. But I'm looking for something special here. This is the situation:
  • A user calls me for help and I would prefer a Remote Desktop session
  • He's usually behind a NAT router which hasn't been set up to allow remote access
  • He's absolutely NOT tech savy
  So I'd like to have an easy way to allow me to initiate a Remote Desktop session (ARD/VNC) with as little user interaction needed as possible. I don't want to walk him through reconfiguring his router on the phone!
  I was thinking of using iChat's Screen Sharing first. But I'd need to create a jabber account, save iChat's preference file, maybe pack it into a little "Installer" and mail it to him. So all he needs to do is double-click it and run iChat afterwards and accept me.
  But this is a little too much for my taste and I'm wondering if there isn't already a "best practice" or something like that. Any ideas or suggestions?
  Thanks a lot!
  Björn

  I've recently started using TeamViewer. If you can walk a person through going to http://www.teamviewer.com and clicking on "Start Full Version" and getting them to download it and run it, then you're good to go. It's cross-platform both ways so you can control a Mac from a PC and a PC from a Mac in addition to M-M and P-P. If they're on a PC, the download is an executable which when they double-click it, asks them if they'd like to run it or install it. Just have them run it and in a few seconds they will have an ID number and random password generated that they can tell you over the phone. Then you type it into your TeamViewer app and you're controlling their screen. If they're on a Mac, the download is a disk image so you have them mount it and then just run the app directly from the disk image. Once you're connected you can fully install the app for future use or just help them out. It's pretty much the simplest cross-platform control system I've found to deal with situations where it's not already setup for me to support. On top of all that, it's free for personal use!
  Jeff

• [Forum FAQ] Troubleshoot the error "The Remote Desktop Session Host server is in Per User licensing mode and No Redirector Mode"

  Symptom
  RD License server is a key component of RDS. It licenses users to access RDS servers.
  After purchase the required RDS CALs, we need to activate the RDS License server and install the purchased RDS CALs. However, during the installation or after installation, we may face errors
  about RDS License.
  In most cases, the following error may occur.
  Error:
  The Remote Desktop Session Host server is in Per User licensing mode and No Redirector Mode, but license server "Server name" does not have any installed licenses with the following
  attributes:
  Product version: Windows Server 2012
  Licensing mode: Per User
  License type: RDS CALs
  Troubleshooting
  1. Check whether the RD License Configuration is configured properly and there are no Warnings in the Event.
  2. The License Server should be part of 'RD Server License' group in Active Directory Domain Services.
  3. Check if the Licensing Mode is correct.
  - To change the Licensing Mode we can use RD Licensing diagnose, PowerShell cmdlet and Group Policy.
  Via PowerShell cmdlet:
  To change the licensing mode on RDSH/RDVH:
  $obj = get-wmiobject -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
  $obj.ChangeMode(value)
  # Value can be 2 - per Device, 4 - Per user
  Via Group Policy
  Path: Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing
  Use the specified RD license servers = FQDN of server name
  Set the Remote Desktop licensing mode =
  Per User
  However, if issue persists, please provide detailed information and post the question in the
  Remote Desktop Services (Terminal Services) forum.
  Please click to vote if the post helps you. This can be beneficial to other community members reading the thread.

  Hi Richard,
  You need to uninstall Remote desktop session host feature. After removing it, you will default two connections which does not need to purchase RD CALs'.
  Thanks,
  Umesh.S.K

• I need windows 7 screensaver to activate after terminating a remote desktop session

  I need windows 7 screensaver to activate after terminating a remote desktop session
  Ok, so this one is slightly complex.
  I have a monitor at work which needs to display company info via a screensaver set to scroll through a series of images. This is a pretty standard thing, but where my problem occurs is that the screensaver must be updated remotely each
  day via Remote Desktop, and not by a local user sitting at the PC itself. This works on XP with a bit of hacking and playing with settings. But it won't work on W7.
  Ok, so the XP setup first:
  When terminating the remote session, on the XP machine the system looks here:
  C:\windows\system32\config\defaultprofile\administrator’s documents\administrator’s pictures
  OR
  C:\WINDOWS\system32\config\systemprofile\ administrator’s documents\administrator’s pictures
  for the images to display during the screensaver, so I placed a shortcut to this folder (whichever one of the two it is on either of the two PCs i am doing this on; for some reason it isn't always the same path across all machines)
  on the desktop and had the user place the images in there. I also do a small registry hack so that after a timeout of 60 seconds, the screensaver looked in this location, found the images, and displayed as you'd expect. It always looks here after a remote
  session, and ignores the screensaver configured in the control panel UI, hance these stpes were necessary.
  So, now the PCs are being upgraded to W7, but this isn't working. I think it's because on W7 the desktop isn't simply being locked when a remote session is started, the entire user is being logged off. Once the session is terminated,
  the W7 PC sits at the login screen indefinitely and no screensaver ever displays.
  Does anyone know a workaround here? Sorry for the overly complex explanation, and if it doesn't make sense I'd be happy to elaborate. Thanks.

  Hi,
  Please see if the Screen saver timeout setting helps:
  Group Policy Settings for Personalization
  http://technet.microsoft.com/en-us/library/ee617164(v=ws.10).aspx
  Thanks.
  Nicholas Li
  TechNet Community Support

• I need step by step instructions to set up Remote Desktop between 2 computers on 2 different networks. Please dumb it down for me.

  I need step by step instructions to set up Remote Desktop between 2 computers on 2 different networks. Please dumb it down for me.

  I need to do the same, but with more than one computer behind a dynamic-IP NAT:
  OS X Server A -|
                 |
  OS X Client 1  |- NAT Router Fixed IP ---|
                 |                         |
  OS X Client 2 -|                         |
                                           |
  OS X Client 3 -|                         |
                 |- NAT Router Dynamic IP -| Internet
  OS X Client 4 -|                         |
                                           |
  OS X Client 5 -|                         |
                 |- NAT Router Dynamic IP -|
  OS X Client 6 -|
  I have ARD installed on Client 1 and Client 3 (different locations where I'm at) and I need to manage Client 5 and 6 (and the others, but that amounts to the same problem). Since there are multiple computers behind the NAT, I cannot just patch a port through. I want a secure solution as the traffic goes via the internet.
  I have been thinking about letting the users of Client 5 and 6 set up a VPN link to the NAT Router of Client 1 when they need assistance, but when I want to manage this from Client 3, all traffic goes over two VPNs, let alone if the router at Client 1 can manage this in a stable way.
  Probably, two assignments in the router of client 5 & 6 would be nice, but can I tell ARD to use different ports for certain machines?

• Remote Desktop Session - users presented with Other User only?

  Hi,
  I am running a 2008 R2 server patched up to date.  It has the remote desktop services role installed.  Whenever I RDP or if a user launches a terminal services session they are presented with OTHER USER only.  
  This involves clicking the Other User before entering their credentials which is becoming a pain.  
  Non of the other servers are behaving this way.  I've compared the settings with the other and all is identical.  I've checked the local security policy and disabled all Group Policies but the behaviour still persists. Any ideas?
  Thanks, Matt.

  Hi Matt,
  Can you clarify more for this line, “Whenever I RDP or if a user launches a terminal services session they are presented with OTHER USER only.” what you mean by this? If I understand, when you taking RDP, you need to enter the credential for user manually
  and that you don’t want, yes? If misunderstood, please correct.
  For that, for a try you can enable the Group policy under credential manager and enable SSO for remote desktop connection. You can find the setting under beneath path.
  Computer Configuration\Administrative Templates\System\Credentials Delegation
  Allow Delegating Default Credentials: Enable
  Add "TERMSRV/<Your server name>" to the server list.
  There are other setting which you can check with following link.
  How to enable Single Sign-On for my Terminal Server connections
  http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx
  Hope it helps!
  Thanks.
  Dharmesh Solanki
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• How to run windows mobile device center via remote desktop

  I am developing mobile application in Microsoft Visual Studio 2008. I connect to my computer via remote desktop and my operating system is Windows Server 2012 R2. In order to test the application, I use mobile device emulator. I can run device emulator but
  there occurs a problem when I try to cradle the device. I found out that this is because wmdc cannot run via remote desktop. Is there any way to run wmdc via remote desktop? I searched other topics but there is no solution to this.
  Note : WMDC works when I directly use the computer not with remote desktop.

  Hi Omer,
  Please check this thread to see if there is one solution may solve your problem.
  http://stackoverflow.com/questions/3490910/emulator-not-connecting-to-windows-mobile-device-center-after-emulator-soft-rese
  https://social.technet.microsoft.com/Forums/en-US/3d1f1a9a-7ca8-4408-a501-cc67843ffa16/remote-desktop-does-not-connect-to-wmdc?forum=winserverTS
  Best regards,
  SHu Hu
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Backend BW roles for users needed when running reports in infoview?

  Hello all,
  We are using SAP BI Queries as the sources of our universes, the user is going to logon to infoview to run report in webi. We have created some access levels in CMC to restrict users, the question is - the user will still need some kind of backend BW roles to have access to the BI query that is developed in BW system right? That way the user can fetch data?
  Let me know
  Thanks in advance.

  Hi,
  If you are using SAP Authentication and Single sign on option in universe connection, the users must have sufficient roles to access SAP BW database.
  if not, the only user login which you create during connection creation having roles to access to BW database is enough. In this case, the user can login to Infoview using any user and can access the report if he has priveleges to the report.
  Hope this helps!

• Advanced Excel user needing help running VBA program in Numbers 09

  I am preparing for Dental school, a very tough program, indeed, and wanted to use a powerful tool that helped me out in my undergrad:
  I have developed a Visual Basic program in Excel which gives the user a few simple forms through which I can enter data (terms and definitions, or possible test information) and then take short tests, play a silly game, print flash cards and so on.
  I worked very hard to get this going on Office 2007 - very VERY hard given Office 07 is the most evil creation ever!!
  I may resort to running gulp Vista to get this running, but what a pain! I am aware that Applescript is an option, but would hope there is some compatibility with my previous work. The more code I can preserve from my previous program the less time I will have to invest in developing the Mac version.
  This is a highly advanced thing to do, and I realize most people don't do this sort of thing. If anyone is as crazy (and geeky) as me your help would be much appreciated. Thanks in advance!

  Where are you finding Applescript 3.2.1 ?
  As far as I know, the current AppleScript is 2.1.2 and is part of mac Os X 10.6.
  Office for mac is unable to use VBA.
  Numbers is unable to take benefit of this missing VBA.
  AppleScript may be used to mimic some VBA features.
  Look at :
  http://mactech.com/vba-transition-guide/index-091.html
  In fact, I guess that you grabbed Xcode 3.2.1 hoping to be able to build AppleScript applications.
  This require a serious learning curve.
  Look at :
  http://developer.apple.com/Mac/library/releasenotes/ScriptingAutomation/RN-Apple ScriptObjC/index.html
  Yvan KOENIG (VALLAURIS, France) lundi 5 avril 2010 08:01:27

• Can I publish RemoteApps to Remote Desktop Servers? RDS2012

  I want to have my apps exclusively published via RemoteApp.  I also want users to have a full desktop if they choose.  Is it supported to have RemoteApps published on a RemoteDesktop servers?  The GPO i create doesnt get applied and I think
  I remember seeing some errors about it in the event log being an RDS server and not being able to use RemoteApps.  
  THX!

  Hi,
  Can you specify the Error\Event log you are facing during this issue?
  By referring to your post, I can understand that you are trying to publish your app via RemoteApp. For that I can say that you can able to publish the App via RemoteApp.  Here providing you the link for step by step guide which helps to publish RemoteApp
  program. 
  Quick and Easy, RemoteApp on Windows Server 2012
  You can able to distribute RemoteApp to user with help of E-mail address and group policy. Go through
  this article for more information. For accessing full desktop by user I can suggest
  you to try with RDP client version 8.0 and 8.1 (8.1- Temporarily unavailable for up gradation). Please refer
  this article for more information.
  Hope it helps!
  Regards.

• Windows XP see blank screen when remote desktop to Windows 7 with fast user switching disabled

  All computers are in workgroup environment, no AD.
  Windows 7 pro are configured with fast user switching mode disabled so that only one login session can run at a time. When a Windows 7 machine remote desktop to another Windows 7 machine, the remote desktop 'server' will give 30 seconds count-down for the
  console logged in user to accept remote connection, or when timeout expires it kicks out the console logged in user. This is completely ok.
  This become a problem when a Windows XP rd client try to remote desktop to these Windows 7 machines, Windows XP see a blank screen if the remote Windows 7 machine has a user logged in, as it is waiting for the user to log off first. This is not desirable
  as our administrators want the console session to be logged out automatically if they (administrators) want to remote desktop in.
  Is this a configuration problem? Is this a OS design, can't be changed?
  Valuable skills are not learned, learned skills aren't valuable.

  Hi,
  As I know, for RDP session in Windows 7, you don't need to configure the fast user switch option disabled. Windows 7 doesn’t support multiple Remote Desktop sessions by design, that means only one RDP session at a time.
  I remote into my Windows 7 machine (which has a user logged in) from my XP machine, all work fine, the user logged in Windows 7 machine is automatically "kicked off".
  May I ask a question? Does this issue happen in all XP machines? If you leave Windows 7 machine started and no user logged in, the RDP session in Windows XP established quickly?
  I would suggest you keep latest drivers graphic card and latest updates paches for both Windows XP (Windows XP has come to its end of the lifecycle)and Windows 7.
  Yolanda Zhu
  TechNet Community Support

• Remote Desktop repeatedly installs ARD Client for standard users...

  ARD 3.2 running on OS 10.5.4 on MacBook Core2Duos...
  These are machines imaged from an asr disk image...
  No issues with admin users...
  Every time Remote Desktop is launched by a standard user, a admin user name / password is required and the Apple Remote Desktop Clint is reinstalled. After, ARD runs normally until it is quit and relaunched, even without a user logout...
  Making the standard user an admin user resolves the issue. The issue returns when the admin right are removed from the user...
  Have run permission repairs, removed and reinstalled Remote Desktop, manually checked permissions, etc...
  It appears that from the standard user perspective, the ARD Client software needs to be updated. ...
  Any ideas out there? I have to deploy these machines NOW and I am running out of ideas on this...
  Thank you! Les

  Dave,
  Thank you for the ideas. While you are pretty much correct in what you have said, these are unfortunately not my issue(s). I wish they were!
  1) ARD will run fine for a standard user (at least it did in Tiger) as long as it is properly setup and licensed by an admin user ahead of time (especially the entry of the license code). This I have done, and the license code is recognized just fine. I too thought of the promote / demote idea and have tried it. While promoted, it launches fine for the user, but upon demotion goes back to reinstalling the ARD Agent at each launch of the program (this install process does not run while the user is promoted)...
  2) The systems are from the same disk image. However, I have given system its own unique, valid, legally purchased serial number. Though the program is loaded on the image, it has been installed only. It is not run or licensed on the master, only on the end-user client machines...
  It appears to me that from the standard user perspective, the system thinks that the ARD Agent needs to be updated. I have verified with the PackageMaker SnapShot utility that the ARD Agent and its related files are being installed when this happens, and they appear to be the only thing being installed. The Remote Desktop Admin program itself seems to be fine.
  Does anybody know exactly what happens at the file system lever when Remote Desktop is launched? I am thinking my standard user is lacking access to a particular file or directory or right, and I am sure I could quickly find it if I new what to trace. Watching fs_usage has yielded lots of information, but nothing that has helped...
  I have also removed and reinstalled Remote Desktop to no avail. Disabled all ACLs on the file system, placed known-good receipts and run permission repairs, and forced chmod -R 777 down the path of everything I can find with the names Remote Desktop, ARD, etc...
  I am a little worried at this point that the issue is created by the imaging process something like the question marks in docks in the latter updates of 10.4. I have seen similar issues come up (launching apps under Rosetta being one) with users' LaunchServices property lists after moving their home directories from one volume to another, making the issue very hard to track down, as they reside in files that do not contain the name of the app being affected...
  Any further ideas would be much appreciated!
  Les

• My remote Desktop Users service is disabled

  Dear all,
  i need your help i have a windows server 2008 and when i restart i get my "allow users remote desktop" disabled and when i change it and then restart i get it disabled again i suspected there is a GPO that is doing that but when i run the gpresult i did
  not get any GPO changing the local group policy then i suspected that there is a start up script that is doing changes to the registry but still not
  i really what to know whats making this policy disabled
  thank you  

  Hi,
  Please try to use rsop.msc to see the following policy setting configured correctly:
  For details:
  Allow users to connect remotely using remote desktop Services
  ===========================================
  1.  Computer Configuration ->Policies ->Administrative Templates ->Windows Components ->remote desktop Services ->remote desktop Session Host ->Connections ->Allow users to connect remotely using Remote Desktop Services
  Restrict Group
  ==========
  1. Computer Configuration -> Policies -> Windows Settings -> Security Settings
  2. Right-click Restricted Groups, and then click Add Group.
  3. Click Browse, add Remote Desktop Users, click Ok.
  4. Add the members  what you want.
  Allow log on through Terminal Services(RDS on DC)
  ==========================
  Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> User Rights Assignment -> Allow log on through Terminal Services
  Hope this helps!
  Best Regards
  Elytis Cheng
  Please remember to click “Mark as Answer” on the post that
  Elytis Cheng
  TechNet Community Support

• To install Remote Desktop Services User CAL on Windows Server 2008 R2 Enterprise Edition with SP1

  Dear Sir,
  Presently we have installed Windows Server 2008 R2 Enterprise Edition with SP 1. And now i would like to install Remote Desktop Services User CAL on this server. I have 25 digit product key of Windows Server
  2008 R2 Remote Desktop Services User CAL (20). Downloaded this product key from our MSDN Subscriptions.
  Kindly suggest me how to install (CAL server with product key that i have) and configure remote desktop services on my above existing server also how to point other server with my CAL server.
  Thanks

  Hi,
  1. Install Remote Desktop Session Host and Remote Desktop Licensing Role Services using Server Manager.
  2. Open RD Licensing Manager (licmgr.exe), Activate your server, then install your license
  3. In RD Session Host Configuration (tsconfig.msc), set the Licensing mode to Per User and Specify your RD Licensing server name (itself).  If you want you may configure these two settings via group policy setting instead.  The path of the
  group policy settings is Computer Configuration\ Administrative Templates\ Windows Components\ Remote Desktop Services\ Remote Desktop Session Host\ Licensing
  4. You may point other RDSH servers to your RD Licensing server using RD Session Host Configuration or via group policy as mentioned above.
  5. Optionally you may consider installing other Remote Desktop Role Services such as RD Gateway, RD Web Access, RD Connection Broker, etc.
  -TP