Home Forums Terminal Server & RemoteApp

I'm working on getting RemoteApp working on our Terminal Server. The Terminal server has been operational for several months now with only a few hiccups along the way. It's connected to the SBS-E server with our (hopefully soon to be replace) 48-port 10/100 switch. The SBS-E server is running AD and the domain controllers. We have been logging into the terminal server with HP thin clients over Cat5e for all this time without difficulty. We just added 2 partners who have wanted their systems to be wireless (they seem obsessed with 'being able to move about the room' - OK fine). Well the wireless N system just isn't what it is on a wired connection. (1.5s speed from wired and 15s on wireless). The AC speed can be painfully slow on wireless connections. The potential solution: RemoteApp - right run the application on the terminal server. I have 10 Device CALs for Windows Multipoint Server 2011 already installed that came with the thin clients (which no more than 4 are ever used simultaneously).

I just can't get the damn thing to work. I think there is an issue with my domain controller or AD because I've never been able to get GPOs to propagate to the Terminal Server (that is connected to the domain as far as I can tell).

Basically when I create the RDP or MSI file from RemoteApp the result is blank - the RDP has no information or server path when you double click it.

Any thoughts?

Well, as usual, this is a question for Sandeep, but I will throw in a few things. This is a good site which may help.

http://technet.microsoft.com/en-us/library/cc730673(v=ws.10).aspx

How do you have RDC configured? It has to be version 6.1. I believe 6.0 will work, but I have always used 6.1.

The actual RIGHT answer you already know. If you can run wired, that is so much better than wireless. You could try Powerline, which would likely speed things up. But, if it is only slow for the doctors with laptops, then let them deal with it. I imagine they will come around soon enough asking for wired. Wireless is fine when there is no other option. I know someone will post saying that they have no issues with wireless, but the fact is wired is always more secure and faster.

The terminal server runs RDP 7.1, RDC 6.1.

I figured you would say that! I didn't just want to PM Sandeep on this just in case there are other folks who may want this info in the future and run into the same issues.

I'm also a fan of my macbook and ubuntu and think it possible to get a remoteapp working on those ;-)

Hey Vince,

I can't help you, but am one of those happy with my wireless N router and HP notebook carrying docs, but my question from one hillbilly to another--did you happen to graduate from WVU Med school in Morgantown in 1990??

Sorry to disappoint, I graduated from WVU undergrad in 2003 with my BS in Biology. Med school I spent in Pikeville, KY

I thought it might be a long shot, but I recall a Slater either in my class or 1-2 years either side--no disappointment, just curious, and I hope you get your situation handled, and thank you for presenting your dilemma--always interested to hear how the problem solving goes.

I'm pretty sure I know why your GPOs never apply to the TS and I have an idea of why your TS Remote App files are blank. I need to see you make them though. PM me so I can remote in. Unfortunately, the fixes for Terminal Servers are not clean or easy.

I'm fairly certain DNS and ADDS/ADCS have something to do with all of this. I have multiple errors noted in the roles under my server manager. I'm worried about tinkering too much on the system while it's running live but may have to. I've noticed that internet requests are taking forever (honestly probably more like 1-2seconds in reality - but seems like a long time which suggests to me DNS isn't working right). I think it's also impacting RDP because my wireless systems (3 laptops which I hate having at all) lose their RDP connection or it becomes slow - this obviously could be a wireless-N issue but I'm not certain.

Sandeep - I think you're on the west coast but I'd like to connect with you on this because if I had hair I would have pulled it out already and youtube isn't really helping. (I'm going to setup a virtual lab to learn and tinker with SBS and windows7 clients in what spare time I have to learn this stuff....)


Error Report from ADCS:
The "Windows default" Policy Module "Initialize" method returned an error. The specified domain either does not exist or could not be contacted. The returned status code is 0x8007054b (1355). The Active Directory containing the Certification Authority could not be contacted.


Error Report from DNS:
Issue:
The DNS server 192.168.1.101 on Local Area Connection did not successfully resolve the name of the address (A) record for this computer.

Impact:
Other domain controllers might not be able to resolve this computer's name. The computer might not be able to connect to network resources.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Change adapter settings to configure DNS servers that are able to resolve names for your enterprise.

Is your servers' IP address assigned by DHCP? It should be static and it should be a DHCP server too. Please post the ipconfig /all for the server.

Why your GPOs don't apply to the Terminal Server. The most likely reason is that the Terminal Server is in the servers OU. If you check Active Directory Servers and Users, my bet is that is you have it set up like this:
Domain.local
>MyBusiness
>>SBS Computers
>>SBS Servers
You need put the GPOs under the SBS Servers OU as well.

I have the DHCP running off our Sonicwall firewall.
The IPs for both my TS and SBS are static both on the servers themselves but also statically assigned by DHCP.

I never setup DHCP from the server side because everything I'd read claimed it was a PITA...

I also added the Role of DNS on the TS as a backup DNS to go along with the primary DNS provided by the AC-SERVER.

My naming conventions: AC-Server SBS 2011 Essentials server 192.168.1.100
MP-Server Terminal Server (Multipoint) 192.168.1.101

I'll check the OU of my TS



Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

Windows IP Configuration

Host Name . . . . . . . . . . . . : AC-SERVER
Primary Dns Suffix . . . . . . . : SKYLYNMEDICAL.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : SKYLYNMEDICAL.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-1C-23-XX-XX-XX
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5854:4ef4:3128:XXXX%XX(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.51
DHCPv6 IAID . . . . . . . . . . . : 234888227
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-9C-A7-5F-00-1C-23-XX-XX-XX

DNS Servers . . . . . . . . . . . : ::1
192.168.1.100
192.168.1.101
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C6D41D3E-A51F-414A-89E0-BFACA0XXXXXX}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Are double DNS Servers really necessary? Did you configure them properly? I.e. adding forward and reverse lookup zones that have the secondary DNS server as the source. DHCP on Windows is pretty solid.


You see how the issue is on the secondary DNS server (MultiPoint 192.168.1.101) rather than the primary. This points to improper configuration. For now, just use one DNS server.

Probably not necessary no.

I went ahead and removed it and replaced it with 8.8.8.8 as the alternate DNS server for now. (I would like to have OpenDNS running to block staff from surfing too much at some point which I think is done through DNS forwarders).


These are my current DNS errors.
Title:
DNS: DNS servers on Local Area Connection should include the loopback address, but not as the first entry.

Severity:
Error

Date:
7/24/2012 11:27:55 AM

Category:
Configuration

Issue:
The network adapter Local Area Connection does not list the loopback IP address as a DNS server, or it is configured as the first entry.

Impact:
If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners.

Resolution:
Configure adapter settings to add the loopback IP address to the list of DNS servers on all active interfaces, but not as the first server in the list.

More information about this best practice and detailed resolution procedures: http://go.microsoft.com/fwlink/?LinkId=188760

Issue:
The DNS server 8.8.8.8 on Local Area Connection did not successfully resolve the name _ldap._tcp.gc._msdcs.SKYLYNMEDICAL.local.

Impact:
Active Directory Domain Services (AD DS) operations that depend on locating a Global Catalog will fail.

Resolution:
Click Start, click Network, click Network and Sharing Center, and then click Change adapter settings to configure DNS servers that can resolve the name _ldap._tcp.gc._msdcs.SKYLYNMEDICAL.local.


New IPCONFIG

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

Windows IP Configuration

Host Name . . . . . . . . . . . . : AC-SERVER
Primary Dns Suffix . . . . . . . : SKYLYNMEDICAL.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : SKYLYNMEDICAL.local

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
VBD Client)
Physical Address. . . . . . . . . : 00-1C-23-XX-XX-XX
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5854:4ef4:3128:XXXXXX(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.51
DHCPv6 IAID . . . . . . . . . . . : 234888227
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-9C-A7-5F-00-1C-XX-XX-XX-XX

DNS Servers . . . . . . . . . . . : ::1
192.168.1.100
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{C6D41D3E-A51F-414A-89E0-XXXXXXXXXX}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Still not configured properly. You want to add any external DNS Servers as forwarders.

Start>Administrative Tools>DNS>Forwarders (Tab) Add 8.8.8.8 (Google) Or 208.67.222.222(OpenDNS)

List that single DNS Server as 192.168.1.100 (SBS Essentials) in the IPv4 Config

Also you'll want to setup that up in DHCP too.

IP Range : 192.168.1.XX-192.168.1.XX
Gateway as 192.168.1.51
DNS: 192.168.100.1

Open the IPConfigV4 Settings>Advanced>DNS (TAb)>Add 127.0.0.1 to get rid of the loopback error
Should look like
192.168.100.1
127.0.0.1

OK.

OpenDNS forwarders and Google forwarder added as noted.

Changed network config on the server to:
Primary DNS: 192.168.1.100
Alternate DNS: 127.0.0.1

Only kicks back a "The network adapter Local Area Connection does not list the loopback IP address as a DNS server, or it is configured as the first entry." which makes no sense because the loopback address is the alternate not primary.

Did you check the post above?
http://amazingcharts.com/ub/ubbthreads.php/topics/47190/Re_Terminal_Server_RemoteApp#Post47190

I'm fairly sure. I assumed you were looking for me to use 192.168.1.100 rather than the 192.168.100.1 though.

It must be throwing the error for IPv6 then, do the same thing. The Preferred IPv6 should already be filled out, put this as the alternate: 0:0:0:0:0:0:0:1

These aren't really errors. You're running the best practices analyzer aren't you?

Yeah the best practices analyzer is running - Not having much experience with windows Server I didn't see it logical to argue with what M$ deemed a best practice. If it's not really an error then I won't worry about it. My goal was to optimize the system by removing possible errors on the server to start with. I'm still not convinced active directory is working right though (it's not just the terminal server that GPOs don't propagate to it's other desktops on the domain...). chances are I didn't do something right and youtube has been less than perfect at helping me correct it!

Oh the 0:0:0:0:0:0:0:1 didn't make a difference with the non-compliant best practices analysis. DNS seems to be working when I test it so I'm not going to worry about it unless you think it's contributing.

I'll have to get a good time to setup DHCP from just the server and disable it on the firewall. I've just been told previously DHCP on windows server can be complicated (don't remember who said that though now).

If you look at the part 5 of the SBS Essentials installation series, DHCP server is relatively easy to configure. Just follow the steps.

Sounds like a downtime saturday move. On a side note, after reconfiguring things it seems remoteapp is working!?! I did end up reinstalling the SBS 2011 server and Multipoint terminal server on saturday though so it may have been that but I'd still like to thank you Sandeep for your help with my DNS issues. Thank You!


I'd love for you to continue helping me get my GPO issue resolved (they don't seem to propagate to any domain logged in machine at all!).

Excellent. Glad to hear you got it working.

Sure, on Thursday, I'll be free.

I think Bert may have been on the right track originally. My Terminal server runs the newest version of RDC/RDP... my trusty old windows XP (soon to upgrade to windows 8 for the $49!) runs 5.1 - I think this might have been the problem with remoteapp making blank files?

If they were blank on every computer on only XP computers that would make sense, but you made it sound like the files generated by the TS were blank even on the TS.

Yeah it looked it and thought it was. I didn't try testing if the *.rdp worked while logged on the terminal server, it just seemed redundant to create an rdp while using an existing rdp session (I would run out of CALs twice as fast). It was blank though on the computers I tried before but since redoing the servers and with your help on a few screwy things it seems to work on all systems except mine which I can deal with.

Not saying you should run it. Just open and see if the settings are blank. What's the OS of your system?

Yeah I did fully test it on the multipoint system as well as the 4 or 5 windows 7 systems we have and it worked just fine on all of those systems. Sadly my test system is my old windows XP machine because it has my dual video card. I made the mistake of not testing it on a windows 7 machine before making my initial post here about this problem.

Solution - remoteapp hates windows xp (or the version of RDP that I have installed)