Thursday, October 20, 2016

No more temporary profiles with User Profile Disks!

Looks like Microsoft has finally found a solution to the issue of RDS User Profile Disks failing to dismount from Session Host servers properly, causing temporary profile issues the next time you launch an app. A fix is available in the October 2016 Preview of Monthly Quality Rollup for Windows 8.1 and Windows Server 2012 R2. Because this is the preview, it should only be installed on test servers for the time being, but should be ready and released for production next month!

Wednesday, June 8, 2016

Directory Synchronization to Office 365 w/ Azure Active Directory Connect

Hello everyone! It's been a while - sorry about that. Life has been extremely busy for me the past couple months and I haven't posted in some time. Something that has been reaffirmed to me lately is the fact that life, just like IT, is constantly changing. Since my last post, I've left my old employer (along with almost a dozen of my old co-workers), an organization that had an "old school" mentality in regards to IT.

I'm now with an organization that is much more forward-thinking in regards to embracing cloud technologies, automation, and scripting. Interestingly enough, my title has transitioned from Senior Cloud Analyst to the much more common Senior Systems Engineer, and yet, I'm doing more with the Cloud in this role than the former. How ironic.

My wife and I are also expecting the arrival of our third child in the next several days. Much time has been spent over the past months and weeks preparing for this huge life event once again. My two children can't wait to meet the new baby, especially my son as he is ready to become a "big brother" at long last.

Transitioning to a new job and preparing for a new child - that pretty much explains where my time has been sunk for the past two months. As I step back into blogging, I wanted to write a post about cloud technologies that I'm now working with, particularly Office 365. I inherited a partially working directory synchronization setup that I've been working to fix. In order to better understand the process and what's happening, I wanted to start from scratch and build from the ground up.

The architecture of directory sync to Azure AD - graphic courtesy of Microsoft.
Thankfully, Microsoft offers a free 30-day trial of Office 365 that's perfect for a home lab environment. I'll be demonstrating how to use the Azure Active Directory Connect (AAD Connect from this point forward) tool to synchronize your on-premise Active Directory with Office 365. As usual with my guides, this post will be screenshot heavy - you've been forewarned!

Wednesday, April 6, 2016

Fixing a Corrupt Session Collection

The Problem

Occasionally you may run into an issue where you cannot perform certain actions within RDS. For example, attempting to add a new Session Host to a collection will fail with an error stating that the properties could not be distributed to all session hosts. I've also witnessed this error when attempting to modify the settings of a Session Collection, in which case an error message is received stating the following - “Could not set the appropriate properties on the servers. Ensure that all servers are available on the network, and the properties are not managed by Group Policy.”

Error message when attempting to modify a Session Collection
Error message when attempting to modify a Session Collection
This occurs when a Session Collection becomes corrupted for some reason. If you find yourself in this situation, you can use some pseudo-hidden PowerShell commands to find and fix the corrupt Session Collection.

Thursday, February 25, 2016

Troubleshooting timeouts in the RDS console when setting a User Profile Disk path

Ran into this fun one the other week. When attempting to change the location of the User Profile Disk share on a collection, the operation times out, and some session hosts in the collection grab UPD’s from the new UNC path, while some session hosts grab UPD’s from the old UNC path. This occurred on a session collection with a larger number of session host servers (15+).

Receiving a timeout error when attempting to set a new UPD path
Receiving a timeout error when attempting to set a new UPD path

In order to fix this and get all session host servers pointed at the same UNC path, on the session host servers that are still pointed to the old UNC share, open regedit and browse to HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\ClusterSettings. Modify the string value UvhdShareUrl and change it to the correct UNC path.
Modifying the UvhdShareUrl registry entry
Modifying the UvhdShareUrl registry entry
That's all there is to it. The session host servers do not need to be rebooted or any services reset. The new profile path will begin being used as users launch new sessions to the servers.

Wednesday, February 24, 2016

Windows Management Framework 5.0 Released (again)

Microsoft has now republished Windows Management Framework (WMF) 5.0 to the Microsoft Download Center. WMF 5.0, which includes PowerShell 5.0 and improvements to PowerShell Desired State Configuration, was previously released but then pulled due to a bug with correctly loading the PSModulePath variable.

I've been looking forward to WMF 5.0 being released for some time now. With each release, Microsoft had added new features, and this release is no different. PackageManagement and PowerShellGet are great new features, and should change the way we load software and PowerShell modules on our systems. I'm hoping Desired State Configuration will start to take off in the enterprise, especially with the addition of partial configurations.

WMF 5.0 is available for Windows Server 2012 R2, 2012, 2008 R2, Windows 8.1 and Windows 7 SP1. Make sure you do your due diligence and test the download before moving to production systems -

Monday, January 18, 2016

The Remote Desktop Management service fails to start on RDS 2012 R2 Connection Broker

After rebooting the RD Connection Broker or attempting to restart services, the RDS Management service fails to start. An error is logged in the System event log such as follows:

The Remote Desktop Management service terminated with the following service-specific error:

This can occur if the SQL database in a Highly-Available deployment is unavailable. Ensure the SQL server is up, the database is available and the SQL server can be contacted.

Thursday, December 17, 2015

Creating a Hyper-V Guest Cluster using SCVMM - Part 2

In part one of the series, we went over creating a Service Template using System Center Virtual Machine Manager for the purpose of creating a virtual guest cluster using Shared VHDX. In part two, we'll be going over provisioning the virtual servers from the Service Template. This process will create two virtual servers based on the settings we specified in the Service Template. When we are complete, you'll have two fully functional virtual servers utilizing Shared VHDX files, that you can then use to create a failover cluster.

Deploying The Service

Now that the Service Template has been created, you’ll want to deploy the new service. This process will provision the virtual machines specified in the Service Template. In SCVMM, right-click the Service Template and select Configure Deployment.

Give the Service a name (the name of the cluster works well) and specify where to deploy the service. Then click OK.

Tuesday, December 15, 2015

Improved Remote Desktop Connection Broker Performance with Windows Server 2016 and Windows Server 2012 R2 Hotfix (KB3091411)

Microsoft recently released a new hotfix for the RD Connection Broker role in Server 2012 R2 that significantly increases performance when brokering connections. It changes some of the algorithms that the Connection Broker role uses to process redirection requests, as well as modifies how the broker talks to the SQL database in an HA mode deployment.

At the recommendation of one of Microsoft's Premier Field Engineers, I installed this hotfix in my test RDS environment a few days ago, and have not run into any issues so far.

From the article for KB3091411:

This hotfix contains the following improvements:
  • Improves the number of successful user connections when many user connections are coming in (especially in peak logon periods).
  • Decreases CPU usage on SQL Server that's used in a High Availability-based Connection Broker deployment.
  • Optimizes the number of SQL calls that are invoked by Connection Broker when it processes RD user connections.
This hotfix improves the overall performance of the Connection Broker by being able to scale more user connections that typically occur during peak logon periods. 
This hotfix applies to both RD Session Host and Virtual Desktop Infrastructure (VDI)-based deployments.

The announcement on MSDN includes some additional metrics to help quantify some of the performance improvements:

Logon Storm
100% connection success with initial burst of 100 connections at a rate of 2 connections per second
0.2 second average connection time through RD Connection Broker, down from over a minute 
RDSH Add/Restart
100% success adding/restarting servers at rate of 1 server per second with 5 sessions per server
2 second average add/restart time, down from over thirty minutes 
MSTSC End to End
100% connection success at a rate of 100 connections per minute
25 second average connection time, down from over seven minutes
Link to the MSDN announcement -

Link to KB3091411 for Windows Server 2012 R2 -

Wednesday, December 9, 2015

Creating a Hyper-V Guest Cluster using SCVMM - Part 1

One of the really cool features that was added to Hyper-V in Windows Server 2012 R2 is something called Shared VHDX. Basically, this feature allows you to share a VHDX file between multiple guest VM's. With this, you can create a failover cluster between the guest VM's, using the Shared VHDX file as your shared storage for the cluster.

There are many great guides and articles out on the Internet for how to setup a Shared VHDX for your Hyper-V guests. Some even go so far as showing how to setup the failover cluster once the Shared VHDX is in place. However, most of these guides and blogs describe how to set this up using only Failover Cluster Manager.

If you have a larger Hyper-V implementation and are using System Center Virtual Machine Manager to help manage your Hyper-V environment, there is a caveat you need to be aware of when using Shared VHDX. If you setup a Shared VHDX outside of SCVMM, you'll be unable to use SCVMM to manage your guest VM's, as SCVMM will throw error 23317 anytime you try to modify the properties of the guest VM's.

SCVMM Error 23317 when using Shared VHDX
SCVMM Error 23317 when using Shared VHDX
Of the blog posts that mention this error, the common solution is to make your changes using PowerShell instead. While this is certainly valid, it's not always practical depending on the change you wish to make. There must be a better way...

And there is! Service Templates allow you to define an entire “service” that could consist of multiple servers and multiple tiers of servers (i.e. database tier, application tier, webserver tier, etc.). Using the SCVMM services functionality, we can create our guest cluster and Shared VHDX from directly within SCVMM, rather than using Failover Cluster Manager. Once we do this, SCVMM is now fully aware of the Shared VHDX and can continue to manage the VM's like normal.

Saturday, November 28, 2015

Finding users who still have the RDP 7.1 client

As an RDS administrator, one of the frequent problems I deal with is the fact that users have difficulty launching an RDS RemoteApp from home. Maybe they receive an error message, maybe single sign-on isn't working to a pooled desktop collection, or possibly a RemoteApp launches, but there is display corruption of some sort.

An extremely common problem I see is that many users with Windows 7 at home have not read our instructions and installed the RDP 8.1 client. Microsoft was able to add some pretty cool functionality and fix a ton of bugs with the RDP 8.1 client - at this point, it's basically a must-have piece of software for RDS administrators. If a user if having an RDS issue and they don't have the RDP 8.1 client, that's the first thing I recommend installing.

The challenge is how to determine when a user is still using the RDP 7.1 client, especially in remote access scenarios where you can't look at their PC or run a report using SCCM. I've found one place in the RDS logs where you can grab this information and I'll be showing a couple of different methods on how to easily search out and grab that info.