Remote Desktop Services Authentication and Encryption

Published: January 8, 2010 Applies To: Windows Server 2008 R2 Transport Layer Security (TLS) 1.0 enhances the security of sessions by providing server authentication and by encrypting RD Session Host server communications. The RD Session Host and the client computer must be correctly configured for clients to make successful remote connections and for TLS to provide enhanced security. For example, a certificate is needed to authenticate an RD Session Host server when SSL (TLS 1.0) is used to secure communication between a client and an RD Session Host server during Remote Desktop Protocol (RDP) connections.

Events

Event ID 1050

Source Microsoft-WindowsTerminalServicesRemoteConnectionManager

Message The Terminal Server listener %1 is configured with inconsistent authentication and encryption settings. The Encryption Level is currently set to %2 and Security Layer is set to %3. These settings were automatically corrected to allow connections to proceed. Please change the Security Layer and Encryption Level settings in Group Policy or by using the Terminal Services Configuration tool in the Administrative Tools folder. The Terminal Server is configured to use SSL with user selected certificate, however, no usable certificate was found on the server. The default certificate will be used for Terminal Server authentication from now on. Please check the security settings by using the Terminal Services Configuration tool in the Administrative Tools folder. The Terminal Server is configured to use a certificate that will expire in %2 days. %1 The SHA1 hash of the certificate is in the event data. Please check the security settings by using the Terminal Services Configuration tool in the Administrative Tools folder. The Terminal Server is configured to use a certificate that is expired. %1 The SHA1 hash of the certificate is in the event data. The default certificate will be used for Terminal Server authentication from now on. Please check the security settings by using the Terminal Services Configuration tool in the Administrative Tools folder. The Terminal Server is configured to use a certificate that does not contain an Enhanced Key Usage attribute of Server Authentication. %1 The SHA1 hash of the certificate is in the event data. The default certificate will be used for Terminal Server authentication from now on. Please check the security settings by using the Terminal Services Configuration tool in the Administrative Tools folder. The Terminal Server is configured to use a certificate but is unable to access the private key associated with this certificate. %1 The SHA1 hash of the certificate is in the event data. The default certificate will be used for Terminal Server authentication from now on. Please check the security settings by using the Terminal Services Configuration tool in the Administrative Tools folder. A new self signed certificate to be used for Terminal Server authentication on SSL connections was generated. The name on this certificate is %1. The SHA1 hash of the certificate is in the event data.

1051

Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager

1052

1053

1054

1055

Microsoft-WindowsTerminalServicesRemoteConnectionManager

1056

Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-Windows-

1057

The Terminal Server has failed to create a new self signed certificate to be used for Terminal Server authentication on SSL connections. The relevant status code was %1.

1058

The Terminal Server has failed to replace the expired self signed certificate used for Terminal Server authentication on SSL connections. The relevant status code was %1.

1059

The Terminal Server authentication certificate configuration data was invalid and the service reset it. If the

TerminalServicesRemoteConnectionManager 1062 Microsoft-WindowsTerminalServicesRemoteConnectionManager

computer was configured to use a specific certificate, please verify it is available in the certificate store and use the administrative tools to select it again. The terminal server is configured to use a template-based certificate for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption, but the subject name on the certificate is invalid. %1 The SHA1 hash of the certificate is in the event data. Therefore, the default certificate will be used by the terminal server for authentication. To resolve this issue, make sure that template used to create this certificate is configured to use DNS name as subject name . A new template-based certificate to be used by the terminal server for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption has been installed. The name for this certificate is %1. The SHA1 hash of the certificate is provided in the event data. The terminal server cannot install a new template-based certificate to be used for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption. The following error occured: %1. The template-based certificate that is being used by the terminal server for Transport Layer Security (TLS) 1.0\Secure Sockets Layer (SSL) authentication and encryption has expired and cannot be replaced by the terminal server. The following error occurred: %1. The certificate issued by the Remote Desktop license server to the Remote Desktop Session Host server is not valid. The license server will not issue Terminal Services client access licenses to clients connecting to the Remote Desktop Session Host server. To resolve this issue, delete the certificate on the Remote Desktop Session Host server and then restart the Remote Desktop Services service.

1063

Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager Microsoft-WindowsTerminalServicesRemoteConnectionManager

1064

1065

1133

Remote Desktop License Server Discovery

Published: January 8, 2010 Applies To: Windows Server 2008 R2 An RD Session Host server must be able to contact a Remote Desktop license server to request Remote Desktop Services client access licenses (RDS CALs) for users or computing devices that are connecting to the RD Session Host server.

Events
Event ID 1128

Source Microsoft-Windows-TerminalServicesRemoteConnectionManager

Message The RD Licensing grace period has expired and the service has not registered with a license server with installed licenses. A RD Licensing server is required for continuous operation. A Remote Desktop Session Host server can operate without a license server for 120 days after initial start up. The RD Licensing grace period is about to expire on %1 and the service has not registered with a license server with installed licenses. A RD Licensing server is required for continuous operation. A Remote Desktop Session Host server can operate without a license server for 120 days after initial start up.

1129

Microsoft-Windows-TerminalServicesRemoteConnectionManager

RD Connection Broker Communication

Published: January 8, 2010 Applies To: Windows Server 2008 R2 Remote Desktop Connection Broker (RD Connection Broker), formerly Terminal Services Session Broker, is a Remote Desktop Services role service in Windows Server 2008 R2 that supports session load balancing between RD Session Host servers in a farm, connections to virtual desktops, and reconnection to an existing session in a loadbalanced RD Session Host server farm. For RD Connection Broker to work properly, the RD Session Host server must be able to communicate with the RD Connection Broker server across the network.

Events
Event ID 1013

Source Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client

Message The server failed to retrieve the local computer netbios name. HRESULT = %1 The server failed to retrieve the local computer FQDN. HRESULT = %1 This Remote Desktop Session Host server cannot participate in RD Connection Broker load balancing because the server is configured to use a Microsoft Windows Server 2003-based Session Directory server %1. The Session Directory feature in Windows Server 2003 does not support Remote Desktop Connection Broker load balancing. Remote Desktop Services failed to join the Connection Broker on server %1. HRESULT = %2 Remote Desktop Services successfully joined a farm on the Connection Broker server %1.

1014

1015

1280

1281

1282

Remote Desktop Services failed while leaving the Connection Broker on server %1. HRESULT = %2 Remote Desktop Services successfully left a farm on the Connection Broker server %1.

1283

1284

Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client Microsoft-WindowsTerminalServicesSessionBroker-Client

Remote Desktop Connection Broker Client failed to initialize while joining the Connection Broker on server %1. HRESULT = %2 Remote Desktop Connection Broker Client failed while getting redirection packet from Connection Broker. User : %1\%2 HRESULT = %3 Remote Desktop Connection Broker Client successfully received redirection packet from Connection Broker. User : %1\%2 Remote Desktop Connection Broker on server %1 failed to repopulate sessions. HRESULT = %2 Remote Desktop Connection Broker on server %1 returned error on %2 notification. Session Id : %3 HRESULT = %4 Remote Desktop Connection Broker Client rejected a call from an unauthorized ip address %1. HRESULT = %2 Remote Desktop Connection Broker Client received request for redirection. User : %1\%2 RDP Client Version : %3 %2 existing sessions were successfully repopulated on Remote Desktop Connection Broker server (%1).

1296

1297

1298

1299

1300

1301

1302

1303

Remote Desktop Connection Broker on server %1 failed to get Cluster credentials. HRESULT = %2 Remote Desktop Connection Broker client successfully retrieved Cluster credentials from Connection broker (%1).

1304

1306

Remote Desktop Connection Broker Client failed to redirect the user %1\%2. HRESULT = %3 Remote Desktop Connection Broker Client successfully redirected the user %1\%2 to the endpoint %3. Ip Address of the end point = %4

1307

1308

Microsoft-WindowsTerminalServicesSessionBroker-Client

User %1\%2 will be logged on to the local redirector machine (assuming TS Farm scenario). Sending local IP address to the client in the redirection packet.

Remote Desktop Services Availability

Published: January 8, 2010 Applies To: Windows Server 2008 R2 The Remote Desktop Session Host role service relies on the Remote Desktop Services service to be running in order to accept remote connections. Remote Desktop also relies on the Remote Desktop Services service in order to support remote connections for administrative purposes.

Events
Event ID 16 17 18 19

Source Microsoft-Windows-TerminalServicesLocalSessionManager Microsoft-Windows-TerminalServicesLocalSessionManager Microsoft-Windows-TerminalServicesLocalSessionManager Microsoft-Windows-TerminalServicesLocalSessionManager Microsoft-Windows-TerminalServicesLocalSessionManager Microsoft-Windows-TerminalServicesLocalSessionManager

Message Local Multi-User session manager failed to start. The relevant status code was %1. Remote Desktop Service start failed. The relevant status code was %1. Remote Desktop Service is shutdown for unknown reason. Will recover in one minute. Registering with Service Control Manager to monitor Remote Desktop Service status failed with %1, retry in ten minutes. Attempt to send %1 message to Windows video subsystem failed. The relevant status code was %2. Remote Desktop Services: Session logon succeeded: User: %1 Session ID: %2 Source Network Address: %3

20

21

22

Microsoft-Windows-TerminalServicesLocalSessionManager

Remote Desktop Services: Shell start notification received: User: %1 Session ID: %2

Source Network Address: %3 23 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Session logoff succeeded: User: %1 Session ID: %2 24 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Session has been disconnected: User: %1 Session ID: %2 Source Network Address: %3 25 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Session reconnection succeeded: User: %1 Session ID: %2 Source Network Address: %3 1100 Microsoft-Windows-TerminalServicesLocalSessionManager Microsoft-Windows-TerminalServicesLocalSessionManager Attempt to send %1 message to Windows video subsystem failed. The relevant status code was %2 Remote Desktop Services: Session logon succeeded: User: %1 Session ID: %2 Source Network Address: %3 1102 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Shell start notification received: User: %1 Session ID: %2 Source Network Address: %3 1103 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Session logoff succeeded: User: %1 Session ID: %2 1104 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Session has been disconnected: User: %1 Session ID: %2 Source Network Address: %3 1105 Microsoft-Windows-TerminalServicesLocalSessionManager Remote Desktop Services: Session reconnection succeeded:

1101

User: %1 Session ID: %2 Source Network Address: %3

Remote Desktop Services Client Access License (RDS CAL) Availability

Published: January 8, 2010 Applies To: Windows Server 2008 R2 An RD Session Host server must be able to contact a Remote Desktop license server to request Remote Desktop Services client access licenses (RDS CALs) for users or computing devices that are connecting to the RD Session Host server. In addition, the Remote Desktop licensing mode configured on an RD Session Host server must match the type of RDS CALs available on the license server.

Events
Event ID 1003 1004

Source Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager

Message The remote desktop client '%1' has provided an invalid license. The Remote Desktop Session Host server cannot issue a client license. It was unable to issue the license due to a changed (mismatched) client license, insufficient memory, or an internal error. Further details for this problem may have been reported at the client's computer. The remote session could not be established from remote desktop client %1 because its temporary license has expired. The remote session could not be established from remote desktop client %1 because its license could not be renewed. The Remote Desktop Session Host server cannot communicate with the Remote Desktop license server %1. Ensure that the computer account for the Remote Desktop Session Host server is a member of the Terminal Server Computers group on the license server. Remote Desktop Session Host server was unable to retrieve users Licensing information from AD. Error %1 The RD Licensing mode has not been configured. The RD Licensing grace period has expired and Licensing mode for the Remote Desktop Session Host server

1011

Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager

1028

1043

1061 1068 1069

Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServices-

RemoteConnectionManager

has not been configured. Licensing mode must be configured for continuous operation.

Remote Desktop
2010 8: : Windows Server 2008 R2 RD RD RD . , , . RD. , , , RD RD.

256 257 1006 1012 1041 1067 1070

Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Autoreconnect "TERMSRV" . 1% . . (% 1) . 1 %: . , . . . . , . , chglogon . . 1% . .

1071

1130

1131

Microsoft-Windows-TerminalServicesRemoteConnectionManager

1% , ,

. -WINS -DNS.

Remote Desktop

Remote Desktop Session Host Listener Availability

Published: January 8, 2010 Applies To: Windows Server 2008 R2 The listener component runs on the RD Session Host server and is responsible for listening for and accepting new Remote Desktop Protocol (RDP) client connections, thereby allowing users to establish new remote sessions on the RD Session Host server. There is a listener for each Remote Desktop Services connection that exists on the RD Session Host server. Connections can be created and configured by using the Remote Desktop Session Host Configuration tool.

Events
Event ID 258 259 260 261 262 1022 1024

Source Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager

Message Listener %1 has started listening Listener %1 has stopped listening Listener %1 failed while listening. Error code %2 Listener %1 received a connection Listener %1 has been asked to stop listening TermService clustering failed to redirect a client to an alternate clustered server, ntstatus=%1. TermService clustering failed to initialize because the Session Directory Provider failed to initialize, hresult=%1. Terminal Server listener stack was down. The relevant status code %1. Terminal Server session creation failed. The relevant status code was %1.

1035 1036

1066 1132

Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager

Terminal Server was unable to process session arbitration request. Error %1 The Remote Desktop license server %1 does not support the version of the operating system running on the Remote Desktop Session Host server. Terminal Server role is not installed. Remote Desktop Services: Remote control session initiated: %1 initiated a remote control session: User: %2 Domain: %3

1136 1146

1147

Microsoft-Windows-TerminalServicesRemoteConnectionManager

Remote Desktop Services: Remote control session connection succeeded: %1 initiated a remote control session: User: %2 Domain: %3

1148

Microsoft-Windows-TerminalServicesRemoteConnectionManager

Remote Desktop Services: Remote control session connection failed: %1 initiated a remote control session: User: %2 Domain: %3

1149

Microsoft-Windows-TerminalServicesRemoteConnectionManager

Remote Desktop Services: User authentication succeeded: User: %1 Domain: %2 Source Network Address: %3

1150

Microsoft-Windows-TerminalServicesRemoteConnectionManager

Remote Desktop Services: User config data have been merged: User: %1 Domain: %2 Source Network Address: %3

Remote Desktop Session Host User Configuration

Published: January 8, 2010 Applies To: Windows Server 2008 R2

The properties of a user account can be configured to provide a Remote Desktop Services-specific profile and home folder. This profile and home folder will only be used when a user establishes a remote session with an RD Session Host server. A separate profile for RD Session Host sessions should be assigned to a user because many of the common options that are stored in profiles, such as screen savers and animated menu affects, are not desirable when using Remote Desktop Services.

Events
Event ID 1046

Source Microsoft-Windows-TerminalServicesRemoteConnectionManager Microsoft-Windows-TerminalServicesRemoteConnectionManager

Message Failed to load Terminal Server Profile path. Note that the profile path must be less than 256 characters in length. User Name: %1 Domain: %2 The Terminal Services User Home Directory was not set because the path specified does not exist or not accessible. The default Home Directory Path was used instead. User Name: %1 Domain: %2

1060

RemoteApp and Desktop Connection Configuration

Published: January 8, 2010 Applies To: Windows Server 2008 R2 RemoteApp and Desktop Connection is configured by using the Control Panel.

Events
Event ID 1000

Source Microsoft-Windows-RemoteApp and Desktop Connections

Message An error occurred. Contact your workplace administrator for assistance. Connection name: %1 Connection URL: %2 Error code: %3, %4

1001

Microsoft-Windows-RemoteApp and Desktop Connections

An error occurred. Contact your workplace administrator for assistance. Connection name: %1 Connection URL: %2 Error code: %3, %4

1002

Microsoft-Windows-RemoteApp and Desktop

Windows cannot find the remote computer that contains the connection.

Connections Make sure that: %t- You typed the correct connection URL %t- Your computer can connect to the internet Connection name: %1 Connection URL: %2 Error code: %3, %4 1003 Microsoft-Windows-RemoteApp and Desktop Connections Windows cannot find the remote computer that contains the connection. Make sure that: %t- You typed the correct connection URL %t- Your computer can connect to the internet Connection name: %1 Connection URL: %2 Error code: %3, %4 1004 Microsoft-Windows-RemoteApp and Desktop Connections The URL you typed does not have a connection. Make sure that: %t- You typed the correct connection URL Connection name: %1 Connection URL: %2 Error code: %3, %4 1005 Microsoft-Windows-RemoteApp and Desktop Connections The URL you typed does not have a connection. Make sure that: %t- You typed the correct connection URL Connection name: %1 Connection URL: %2 Error code: %3, %4 1006 Microsoft-Windows-RemoteApp and Desktop Connections The connection update timed out. Connection name: %1 Connection URL: %2 Error code: %3, %4

1007

Microsoft-Windows-RemoteApp and Desktop Connections

The connection update timed out. Connection name: %1 Connection URL: %2 Error code: %3, %4

1008

Microsoft-Windows-RemoteApp and Desktop Connections

Some available resources could not be downloaded. Resources available: %5 Resources downloaded: %6 Resources not downloaded: %7 Contact your workplace administrator for assistance. Connection name: %1 Connection URL: %2 Error code: %3, %4

1009

Microsoft-Windows-RemoteApp and Desktop Connections

Some available resources could not be downloaded. Resources available: %5 Resources downloaded: %6 Resources not downloaded: %7 Contact your workplace administrator for assistance. Connection name: %1 Connection URL: %2 Error code: %3, %4

1010

Microsoft-Windows-RemoteApp and Desktop Connections

There are currently no resources available in this connection. Your workplace administrator might not have published any programs or desktops for you to access. In the future, use RemoteApp and Desktop Connections in Control Panel to check for updates to this connection. Connection name: %1 Connection URL: %2 Error code: %3, %4

1011

Microsoft-Windows-RemoteApp and Desktop Connections

There are currently no resources available in this connection. Your workplace administrator might not have published any programs or desktops for you to access. In the future, use RemoteApp and Desktop Connections in Control Panel to check for updates to this

connection. Connection name: %1 Connection URL: %2 Error code: %3, %4 1012 Microsoft-Windows-RemoteApp and Desktop Connections There is a problem with this connection's security certificate. The remote computer cannot be authenticated due to problems with its security certificate. Security certificate problems might indicate an attempt to fool you or intercept data you send to the remote computer. Windows cannot continue setting up this connection. Contact your workplace administrator for assistance. Connection name: %1 Connection URL: %2 Error code: %3, %4 1013 Microsoft-Windows-RemoteApp and Desktop Connections There is a problem with this connection's security certificate. The remote computer cannot be authenticated due to problems with its security certificate. Security certificate problems might indicate an attempt to fool you or intercept data you send to the remote computer. Windows cannot continue setting up this connection. Contact your workplace administrator for assistance. Connection name: %1 Connection URL: %2 Error code: %3, %4 1014 Microsoft-Windows-RemoteApp and Desktop Connections The credentials that were used to connect to %1 did not work. Connection name: %1 Connection URL: %2 Error code: %3, %4" 1015 Microsoft-Windows-RemoteApp and Desktop Connections The credentials that were used to connect to %1 did not work. Connection name: %1 Connection URL: %2 Error code: %3, %4"

1016

Microsoft-Windows-RemoteApp and Desktop Connections

An update to this connection is already in progress. Please try again later. Connection name: %1 Connection URL: %2 Error code: %3, %4

1017

Microsoft-Windows-RemoteApp and Desktop Connections

The following resource could not be downloaded: %5 Make sure that: %t- The file exists on the remote computer %t- Your computer has the client software to use this resource %t- Your computer can connect to the Internet %t- You typed the correct connection URL Connection name: %1 Connection URL: %2 Error code: %3, %4

1018

Microsoft-Windows-RemoteApp and Desktop Connections

The following resource could not be downloaded: %5 Make sure that: %t- The file exists on the remote computer %t- Your computer has the client software to use this resource %t- Your computer can connect to the Internet %t- You typed the correct connection URL Connection name: %1 Connection URL: %2 Error code: %3, %4

1019

Microsoft-Windows-RemoteApp and Desktop Connections

You have successfully set up the following connection: Connection name: %1

Connection URL: %2 1020 Microsoft-Windows-RemoteApp and Desktop Connections The connection has been successfully removed: Connection name: %1 Connection URL: %2