Win Srv 2008 R2 DC interfering with Win Srv 2012 R2 RDS RemoteApp functionality during program opening by any user

I have a small LAN with a Win 2008 R2 SRV as DC, File Server and App Server for QuickBooks and QB POS, and a VMware 5.1 host that has three utility servers running on it. One of these three is a Win 2012 R2 SRV config'd with these RDS roles (RD Session Host,
RD Connection Broker, RD Web Access, RD Licensing and RD Gateway) installed as a single server solution, simply because we're only servicing a few users. RDS roles were installed and configured before installing the MS Office 2013 and QuickBooks apps. I created a
simple Collection and setup the RemoteApps for access.
Initially I had only installed the RD Session Host, Connection Broker and Web Access. Installed the Apps, restricted access to only the RemoteApps and tested their ability to open via an internal connection from within the LAN in browser, minus the SSL errors
and .local address everything worked fine when a user authenticated. I installed the Licensing component and activated it and the internal LAN connectivity continued to function. I then installed my single SSL cert and configured it for use in each requiring
RDS role, opened port 443 thru my firewall to the RDS server and then began testing connectivity from external browser, at this point I initially encountered rights errors with my RDP users group, they were being denied logon access, it seemed
the Win 2008 R2 DC is mixed in the middle of the auth cycle of course so I straightened out that problem via GPO. I then again attempted to login via external source and now could login and obtain access to the RDS Web Access page showing my RemoteApps
BUT now when I click on an App to open it as either a user or Admin it attempts to Auth the process thru the Win 2008 R2 DC instead of directly to where the App is run from on the 2012 RDS server and gives me this error...
RemoteApp Error: Windows cannot start the RemoteApp program. The following RemoteApp program is not in the list of authorized programs:
Further details can be added to this but has anyone encountered this problem with a similar setup?
Thanks
NeoPaladine

Yes, but thanks for bouncing all of the ideas.
I saw that I was receiving Event Error 201 each time a failed RemoteApp load would occur, followed the trail for that and found the following that fixed it!
http://blogs.technet.com/b/networking/archive/2010/01/14/remote-desktop-gateway-client-fails-authentication-with-your-user-account-is-not-authorized-to-access-the-rd-gateway.aspx
Specifically this step:
Solution 1
Register the NPS server in Active Directory:
In Server Manager, browse to the following location:
Roles\Network Policy and Access Services\NPS (Local).
Right click on the NPS (Local) node and choose Register server in Active Directory.
Click OK to authorize the server when prompted.
Once I registered as above the RemoteApp's loaded perfectly both internally and externally when requested.
Thanks for leading me in the right direction!
Brent
NeoPaladine

Similar Messages

  • Lightning calendar and task tabs interfering with Ultramon icons in the upper right corner of the window.

    As I today reinstalled Thunderbird and Lightning, I discovered, that the 2 small tabs (Calendar and tasks) in the upper right corner of the window is interfering with the icons at the same place from the program Ultramon, that i use because I now are working with 2 displays.
    Are there any way to move those 2 tabs a little further to the right?
    It is not a very big problem, but a bit annoying to click at the tasks tab, and the window jumps to the next screen.
    Any easy solution?

    ''hbirch [[#question-1048136|said]]''
    <blockquote>
    As I today reinstalled Thunderbird and Lightning, I discovered, that the 2 small tabs (Calendar and tasks) in the upper right corner of the window is interfering with the icons at the same place from the program Ultramon, that i use because I now are working with 2 displays.
    Are there any way to move those 2 tabs a little further to the right?
    It is not a very big problem, but a bit annoying to click at the tasks tab, and the window jumps to the next screen.
    Any easy solution?
    </blockquote>
    Rubbish !! Of course I meant move to the left - sorry

  • Replicate win server 2008 r2 with win server 2012 r2

    I have AD on win server 2008 R2
    Can I replicate it with win server 2012 R2
    Nagy Anwar

    Hello,
    there is no problem to add a new Windows Server 2012 R2 into the existing domain.
    http://blogs.msmvps.com/mweber/2012/07/27/upgrading-an-active-directory-domain-from-windows-server-2008-or-windows-server-2008-r2-to-windows-server-2012/
    Best regards
    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://blogs.msmvps.com/MWeber
    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
    Twitter:  

  • Win 2008 R2 radius integration with WLC 5508

    Requires help in integrating Win 2008 R2 Radius server with WLC 5508

    Step by Step instructions - NPS & Wireless LAN Controller
    PEAP Authentication - http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/115988-nps-wlc-config-000.html
    EAP-TLS
    https://kb.meraki.com/knowledge_base/radius-creating-a-policy-in-nps-to-support-eap-tls-authentication
    hope that helps, Please let me know if you have any other questions in regards to setting up your NPS server
    Please rate that post if it answers your question or helps you  to resolve the problem.

  • Win SRV 2012 R2 - Desktop heap allocation failed

    Win SRV 2012 R2 - Desktop heap allocation failed
    Every 4-5 days, i get this warnging message :
    Warning Win32k (Win32k ) A desktop heap allocation failed.
    20 minutes later, this Distributed DCOM error popups every 10 minutes until i restart the server.
    The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register with DCOM within the required timeout
    Pleas help! 

    Heelo babajeeb69,
    This may help to mend the issue running on the servers:
    Open regedit,and navigate to the following key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems
    Then found the following value: "Windows SharedSection=X,Y,Z.
    Where X,Y and Z are the values you'll found there.
    The Desktop heap the the "Y" value.
    Double this value, and then reboot the box.
    Hopefully the issue will dismiss for good.
    It turns out that too many interactive services are running on the machine, since this services allocate some from the Desktop heap, when it becomes depleted the Win32K will starve for memory even with plenty of memory and disk space.
    Att,
    Felipe Cobu

  • How to Migrate Win Server 2008 to Win Server 2012 if PDC server no longer exist?

    With this being Foundation (less than 15 users) with some problems already, it might be smarter to just start the new server fresh.

    I took over a small business company's network infratructure with Server 2008 Foundation and I would like to migrate to a new Windows Server 2012 r2.The Server 2008 Foundation is a DC with AD / DHCP / DNS / File & Print Server roles. I would like to transfer these roles to the new server with Win Server 2012 r2 std OS. My plan is to join the new server to the old DC, promote it as DC, and transfer roles to it, demote old server and power off.However, there was an older server (Windows 2003) which is no longer in the office and it was the current operations master. The server 2003 was the PDC. When I open AD Domains and Trusts I get this error:"You cannot modify domain or trust info because a PDC emulator cannot be contacted.."Maybe the FSMO roles wasn't transferred over from 2003 to 2008 properly? I don't know.How can I move forward to...
    This topic first appeared in the Spiceworks Community

  • Can I move a Virtual Domain Controller from one host(Win Server 2008 R2) to another (Win Server 2012 R2) ? Are there any issues?

    Can I move a Virtual Domain Controller from one host(Win Server 2008 R2) to another (Win Server 2012 R2) ? Are there any issues?

    I also had this error: "Setup cannot continue. Your computer will now restart, and your previous version of Windows will be restored."
    trying to do a in-place upgrade of a Domain Controller Windows 2008 R2 to Windows 2012 R2.
    The problem was the separated System Reserved Partition. After I removed using this instructions:
    http://jacobackerman.blogspot.com/2012/12/how-to-remove-system-reserved-partition.html
    The upgrade ran ok, and now have my DC as Windows 2012 R2.
    Hope that helps!.

  • How to create a Pooled VDI infrastructure using Win server 2012 as VM image?I have followed the "usual" way to build a pooled VDI desktop using Win7 or Win8 with success, but it fails when I use an image of Win Server 2012 as VM

    I have followed the "usual" way to build a pooled VDI desktop using Win7 or Win8 with success, but it fails when I use an image of Win Server 2012 as VM instead.
    Am I overlooking something?  Should I need to prepare the image in a different way? (Sysprep differently?)
    Thanks

    Hi,
    Thank you for your posting in Windows Server Forum.
    Can you specify the error which you are facing during VDI setup for server 2012?
    I might think that you need to check the memory setting for server 2012, as might happens that due to less memory you can’t setup the VDI setup properly. 
    Memory: If the Master VM is configured with static memory, it must have at least 1024 MB as startup RAM. If the Master VM is configured with dynamic memory, the maximum RAM must be at least 1024 MB.
    Please check beneath article for information.
    Windows
    Server 2012 2,500-user pooled VDI deployment guide (Doc)
    Single Image Management for Virtual Desktop Collections in Windows Server 2012
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • My firefox installation is complete on my PC with Win XP, the icons are up, but the program will not start... no process or anything in task manager... any idea what is going on?

    bought a second hand laptop running Windows xp. When I go to download firefox, the installation goes seemingly smooth, but the program will not open. There are no firefox processes showing in task manager when I do this. I just downloaded chrome instead, but it sucks and I want firefox but my computer rejects it. This computer runs every other program I use without a hitch
    == This happened ==
    Every time Firefox opened
    == after installation ==
    == User Agent ==
    Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4

    thanks chris for the reply back,i have solved the massive problem i have had with MF 3.6.3 it ws COMODO FREE FIREWALL i had a sneaking suspicion all a long it could have been that but was not sure?,my pc had slowed down since installing comodo i am pretty sure of that,there were lags and pauses ect ect on general usage of the pc even though cpu usage was ok?,so maybe if many pc users that have comodo firewall installed they might like to try a change to another firewall and see if it helps,i went back to OUTPOST FREE FIREWALL which i had for ages without ANY problems whatsoever.
    regards
    john
    mozilla firefox build 3.6.3

  • Can anyone help with how to install Java on Win Server 2012 RDS

    I am trying to install Java on my RD Host Server and have tried several times to install both the 32 and 64 bit clients.  Both complete but when I try to verify, I think the 32-bit version launches, but never fully resolves the applet.  I get
    a grey box, but  nothing more.  I have tried several method of installs but nothing seems to work.

    technically it should be under install mode but it doesn't really seem to matter in most cases
    the most important part is that you allow the java controls to run in IE when prompted, if that's not done then it won't be allowed for your remote desktop users
    you can also validate this by going to the manage add-ons section in IE, select all add-ons and look for items under Oracle, make sure they're enabled for all sites in the more info section
    once you're confident it's working for you as an admin, then we can tackle any user issues which are usually caused by IE hardening and JRE7's strict security settings which you may also want to look into
    personally I've had issues with activex filtering feature and enhanced protected mode options - disable them both

  • 10g Express Edition on Windows 2008 Enterprise R2 x64 with Active Directory

    I have successfully installed the 10g Express Edition on Windows 2008 Ent. r2 x64 with Microsoft Active Directory Domain Controller but i could not be able to run http://127.0.0.1:8080/apex
    Although i have run the http://127.0.0.1:8080/apex on my another Windows 2008 R2 x64 ant WITHOUT Active Directory Domain Controller Role.
    i think its related with AD Domain server role of my server, because i run that on same config and operation without Active Directory Domain Controller role.
    Can anyone help about this issue?
    thanks in advance

    I have experienced the same problem - running 10g Express on a Win 2008 (32-bit). When not being a Domain controller, the install was fine. When installing after the server had been given the Domain Controller role (+the required DNS), it failed. NO FIREWALLS are involved on the server. Seems like Oracle Express has problems being installed in this kind of environment - independent of x32 or x64 bit OS.
    Edited by: 811504 on Nov 17, 2010 11:44 PM

  • How can I create a Pooled VDI infraestructure using Win server 2012 as VM image?

    Hello
    I have followed the "usual" way to build a pooled VDI desktop using Win7 or Win8 with success, but it fails when I use an image of Win Server 2012 as VM instead. 
    Am I overlooking something?  Should I need to prepare the image in a different way? (Sysprep differently?)
    Thanks

    Dear Ryan
    I think the point is other than committing a breach of licensing.  I have a legitimate need to use a pooled server system, which incidentally is not going to be end user.
    The "economy" of the proposed structure can make a more efficient use of the equipment.
    This is an excerpt of the MS VDI Q&A:
    Do I need to pay for Windows VDA if I use Windows Server as a client operating system in my virtual machine?
    OR
    I’ve heard that I can avoid paying for Windows VDA by using Windows Server as my VDI desktop OS. Is this true?
    Running a Windows Server®
    OS as the desktop in the datacenter does not require Windows VDA, but there are many reasons why a server OS should not be used as a desktop, especially in the datacenter:
    The user experience with servers as the desktop is very different from using a Windows client.
    Many applications for end users were written for a client OS and not a server OS. Each of your applications would need to be retested to ensure compatibility with a server OS. Additionally, most vendors
    do not offer support for client applications running on servers.
    Clients and servers are on different patch cycles, adding to management complexity.
    Most of the VDI ecosystem will support the Windows client in the datacenter, not server OS’s.
    However, if you do decide to run a server OS as the desktop, please note that you will need to pay a Remote Desktop Services Client Access License (RDS-CAL) to correctly license that scenario.

  • SYSTEM WRITER MISSING WIN SERVER 2012

    Hi,
    I have installed win server 2012. On that server i have sql 2012 and sharepoint 2013. After a while my windows server backup stops working and system writer is missing now. I found that problem might be in subfolders in MICROSOFT.NET folder. It has more
    than 1000 subfolders in GAC_MSIL folder. Is this really true that system writer can't enumerate more than 1000 folders and that I cant have sharepoint 2013 and sql server 2012 installed on same server. Is there a solution which can fix this or I can have all
    of that on one server?
    Hope that someone can help with this.

    It seems to be a known issue, some other Technet forum users have experienced the same problem.
    Check this post and see the solution.
    Missing VSS System Writer and CAPI2 error in Event Log
    http://social.technet.microsoft.com/Forums/en-US/winserverfiles/thread/4458947a-623e-45c1-b8e4-868aad1e93b0
    I've got this problem about a month ago. I refer to MSP.
    The problem was caused due to stack full. When we list system writer using “vssadmin list writers”, it will go through all the system files. To do that, the OS use a  search algorithm with a stack which has a size limitation of 1000. When the stack
    was full, it failed to continue listing files and log an event in the application event log.
    In my case, the following folder contains too many subdirectory and caused the problem.
    C:\Windows\Microsoft.Net\Framework64\v2.0.50727\Temporary ASP.NET Files\*
    1. Open C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\CONFIG\Web.config
    2. Add tempDirectory attribute to compilation tag. For example:
    < compilation tempDirectory="c:\ASPTEMP">
    And also grant the folder with the same privilege with as “C:\Windows\Microsoft.Net\Framework64\v2.0.50727\Temporary ASP.NET Files”.
    3. Restart the IIS Service.
    4. Backup and delete all files under “C:\Windows\Microsoft.Net\Framework64\v2.0.50727\Temporary ASP.NET Files”.
    5. restart the Cryptographic Service.
    6. Try “vssadmin list writers” again.
    Hopes this brings idea for you to solve it.
    And also refer to this thread:
    Howto Restore VSS Functionality on Windows 2012 Server with SQL 2012 and Sharepoint 2013 installed?
    http://social.technet.microsoft.com/Forums/fr-FR/winserver8gen/thread/f440e66c-437d-4576-af51-b7cfecdf2906

  • Win Server 2012 Failover Cluster - Error: Failed to bring cluster disk online

    Hi Technet
    I'm currently running running 2 VMs Win Server 2012 and would like to test Failover Clustering for one of our FTP server
    I've added on both servers an additional partition, formatted and Online
    One of the drives comes Online but cannot bring the 2nd disk online from the cluster manager
    Error: failed to bring resource online - clustered storage is not connected to the node
    Assistance would be greatly appreciated
    Thank you
    Jabu

    Hi jsibeko,
    Since the VMware offer the MSCS shared storage solution themselves, I suggest you first ask VMware whether that shared storage is supported with your vSphere edition, I found
    some VMware KB about the VMware shared storage for MSCS, may you can get more tips.
    The VMware KB:
    Microsoft Clustering on VMware vSphere: Guidelines for supported configurations (1037959)
    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1037959
    Microsoft Cluster Service (MSCS) support on ESXi/ESX (1004617)
    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1004617
    I’m glad to be of help to you!
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • How to create a Pooled VDI infrastructure using Win server 2012 as VM image?

    I have followed the "usual" way to build a pooled VDI desktop using Win7 or Win8 with success, but it fails when I use an image of Win Server 2012 as VM instead.
    Am I overlooking something?  Should I need to prepare the image in a different way? (Sysprep differently?)
    Thanks

    Hi,
    Thank you for your posting in Windows Server Forum.
    Can you specify the error which you are facing during VDI setup for server 2012?
    I might think that you need to check the memory setting for server 2012, as might happens that due to less memory you can’t setup the VDI setup properly. 
    Memory: If the Master VM is configured with static memory, it must have at least 1024 MB as startup RAM. If the Master VM is configured with dynamic memory, the maximum RAM must be at least 1024 MB.
    Please check beneath article for information.
    Windows
    Server 2012 2,500-user pooled VDI deployment guide (Doc)
    Single Image Management for Virtual Desktop Collections in Windows Server 2012
    Hope it helps!
    Thanks.
    Dharmesh Solanki

Maybe you are looking for

  • WSUS Repair: Can I not use a drive other than C:?

    I used the wizard to move the WSUS folders from the C: drive to the SBS2008's D: drive in order to recover C: drive disk space as so many others have had to do. Now ofcourse, the system says it no longer is installed as designed and updates to domain

  • APEX_ITEM report - SORT doesn't work

    Hi, For the following report, the SORT doesn't work. I've also tried with the "Report Attributes", but same result. Does someone know is there a way to make it sorted or can confirm it's not possible. Thanks. SELECT APEX_ITEM.CHECKBOX(11,id_cc_delai_

  • HT201436 Most of the time my phone as not network connection any goes to voicemail

    I find few big problem on my phone -1 Most of the time my phone as not network connection and goes to voicemail -2 when I call  and I talk I find the call has been cut the words and also I heard half of the words of the person is calling me !! I hope

  • PATCH Oracle RAC 10gR2 DB on Linux

    Hello, I want to patch 2 node RAC 10gR2 DB (Standard Edition) on SLES 11. I have patched signle instance DB with OPATCH, but never patched RAC DB, kind of very nervous. I am not able to find generally and also from MOS regarding step by step process

  • MM-SUS CONTRACT

    Hi, I am changing the contract with the new message output type and retrigger the idoc. The problem is the contract is not getting replicated to SRM System. Please let me know how to find the error in this case(We are connecting to a PI system betwee