In this chapter, we will cover the following topics:
Scripting a command-line installation of the RD License Server
Configuring the RD License Server
Scripting a command-line installation of the RD Session Host
Configuring the RD Session Host
Configuring RDS settings with Microsoft Group Policies
Revoking RDS Device CALs with RD License Manager
Creating RDS Per User CALs reports
Using the Licensing Diagnosis snap-in for RD Session Hosts
Troubleshooting RD License Server discovery
Troubleshooting RD License Issuance
Rebuilding the RD License Database
Recovering your RDS CALs to a new RD License Server
A Citrix XenApp (CXA) infrastructure consists of many components to ensure that its users can start a published desktop or an application. One of the core components in the infrastructure is the Remote Desktop Services (RDS) role that can be installed on a Windows Server, allowing multiple and simultaneous desktop sessions to run on one Windows Server. This chapter offers a number of tips and tricks to manage, monitor, and troubleshoot the RDS Windows server role within the XenApp infrastructure.

The Citrix® XenApp infrastructure relies on two important Remote Desktop role services—the Remote Desktop (RD) License Server, which manages the RDS Client Access Licenses (CALs) that are required to start a Remote Desktop session on a Windows Server and the Remote Desktop (RD) Session Host that actually runs the user sessions on the Windows Server.
This recipe will show you how to build an unattended installation for the RD License Server by using command-line instructions. In this way, you can create an unattended installation sequence for your XenApp infrastructure deployment.
To install the RD Licensing Role Service you need to install and set up a new Windows Server 2008 R2 server or add the Windows Role Service to an existing server.
To build an unattended installation for the RD License Server, you can use the servermanagercmd.exe
command to add the Windows Role Service to the server.
To add the RD License Server service to a Windows server, follow this step:
Run the following command line on a Windows Server 2008 R2 server:
servermanagercmd.exe –install RDS-Licensing -logPath C:\logs\log.txt -restart
When you run the servermanagercmd.exe
command, the following message is shown:
Servermanagercmd is deprecated and not guaranteed to be supported in future releases of Windows. We recommend that you use the Windows PowerShell cmdlets that are available for Server Manager.
Even though it might no longer be supported in future releases, it still works with Windows Server 2008 R2 to create an unattended installation to add Windows features, roles, or services to Windows Server 2008 R2. You can run the servermanagercmd.exe
command with various parameters.
To check the installed roles and features on a Windows Server 2008 R2 server, you can use the following command line:
servermanagercmd -query [<query.xml>] [-logPath <log.txt>]
Windows Server 2008 R2 uses the following parameters:
-query
: This specifies an optional XML file used to save the results of the query-logPath
: This specifies an optional log file other than the%windir%\temp\servermanager.log
path used by default
When you want to change the installed roles and features on a Windows Server 2008 R2 server, you can add the following parameters to the servermanagercmd
command:
servermanagercmd [-install|-remove] <Id> [-allSubFeatures] [-resultPath <result.xml>] [-restart] [-whatIf] [-logPath <log.txt>]
This command uses the following parameters:
-install
: This installs the specified role, role service, or feature on the Windows Server-remove
: This removes the specified role, role service, or feature from the Windows Server-resultPath
: This specifies the XML file that saves the results of the command-logPath
: This specifies an optional log file other than the%windir%\temp\servermanager.log
file used by default
You can read more about servermanagercmd.exe
on Microsoft TechNet: http://technet.microsoft.com/en-us/library/ee344834(v=ws.10).aspx.
If you are not comfortable using a deprecated command or if you want to use a method that will be supported in future Windows server releases, you can also use Windows PowerShell to install the required Windows Server 2008 R2 roles and features. Windows PowerShell 2.0 is installed by default on the server. The following PowerShell commands will install the RD Licensing Role Service on the server:
Import-Module ServerManager Add-WindowsFeature –Name RDS-Licensing –LogPath <log.txt> -Restart
You can read more about the Add-WindowsFeature PowerShell cmdlet on Microsoft TechNet: http://technet.microsoft.com/en-us/library/ee662309.aspx.
This recipe will show you how to configure the RD License Server by using Windows PowerShell scripts to create an unattended installation for the configuration of your XenApp infrastructure.
In order to configure the RD Licensing Role Service, you need to have the RD License Server installed. You can use the unattended installation directions in the previous recipe for installing the RD License Server.
To run the provided PowerShell commands, the default execution mode for PowerShell scripting needs to be changed so that the commands can be run on the server. You can change the PowerShell execution mode from Restricted
to RemoteSigned
with the following PowerShell command:
Set-ExecutionPolicy RemoteSigned -Force
To configure the RD License Server through command-line tools and/or scripts and build an unattended configuration script, follow these steps:
Run the following Windows PowerShell script to configure the RD License Server:
# Import the RDS PowerShell module Import-Module RemoteDesktopServices # Navigate to the RDS Provider for Windows PowerShell Set-Location RDS: # Navigate to the RD License Server configuration cd RDS:\LicenseServer\Configuration # Config required info fields for the activation process Set-Item –Path .\FirstName -Value Test Set-Item –Path .\LastName -Value User Set-Item -Path .\Company -Value CBlab Set-Item -Path .\CountryRegion -Value "Netherlands, The" # Optional info can be configured with the following lines Set-Item -Path .\eMail -Value <Email> Set-Item -Path .\OrgUnit –Value <OU> Set-Item -Path .\Address –Value <Address> Set-Item -Path .\City –Value <City> Set-Item -Path .\State –Value <State> Set-Item -Path .\PostalCode –Value <PostalCode> # Navigate to the RD License Server configuration cd RDS:\LicenseServer # Activate the RD License Server Set-Item –Path .\ActivationStatus -Value 1 -ConnectionMethod AUTO -Reason 5
Add the purchased RDS CALs by using the provided wizard.
Tip
Using a PowerShell script to automatically add the purchased RDS CALs requires detailed knowledge of the license agreement arrangements with Microsoft and Windows PowerShell only currently supports adding RDS CALs through the automatic connection method. To keep away from adding fraud sensitive information such as your Microsoft agreement number or purchased License keys to commonly available scripts, I recommend adding the RDS CAL packs manually to the configured RD License Server rather than automating these steps in your PowerShell scripts.
When you import the Remote Desktop Services module in Windows PowerShell, the Remote Desktop Services (RDS) provider is also included. This provider enables you to configure RDS settings through Windows PowerShell by allowing you to change the RD License Server and RD Session Host server settings with default PowerShell cmdlets, such as Get-Item
, Set-Item
, New-Item
, and Get-ChildItem
.
To use the RDS provider, you simply need to change your location to the RDS drive by using the following Set-Location
cmdlet:
Set-Location RDS:
To view the current configuration of the RD License Server, use the following Get-ChildItem
cmdlet:
Get-ChildItem .\LicenseServer\Configuration
With the Set-Item
cmdlet, you can change a setting by specifying the location of the configuration item and the new value that has to be set, as shown in the following command line:
Set-Item -Path RDS:\LicenseServer\Configuration\<ConfigItem> -Value <ConfigItemValue>
The Set-Item
cmdlet uses the following parameters:
-Path
: This path specifies the configuration item whose settings need to be changed-Value
: This specifies the new value for the specified configuration item
Activating your RD License Server is also done with the following Set-Item
cmdlet:
Set-Item –Path RDS:\LicenseServer\ActivationStatus -Value <Status> -ConnectionMethod <ConnectionMethod> -Reason <Reason>
The Set-Item
cmdlet uses the following parameters:
-Path
: This path specifies the configuration item whose settings need to be changed.-Value
: This specifies the new value for the specified configuration item. Valid entries forActivationStatus
are1
(Activate) or0
(Deactivate).-ConnectionMethod
: This specifies the connection method used for the activation process. Currently only AUTO is supported for PowerShell cmdlets.-Reason
: This specifies the reason for the activation. Valid entries are0
(server redeployed),4
(server upgraded), and5
(first-time activation).
As mentioned in the How to do it... section, you can use the Set-Item
cmdlet to install the purchased RDS CAL packs. The required parameters for the cmdlet depend upon the used license type and agreement with Microsoft. When you are uncertain about the parameters you will need to provide, use the following Get-Help
cmdlet to find the required parameters and corresponding values:
Get-Help New-Item -Path RDS:\LicenseServer\LicenseKeyPacks -Detailed
The next two examples show you how the required parameters change depending on your license type.
An example of the required parameters for an open license:
New-Item -Path RDS:\LicenseServer\LicenseKeyPacks -ConnectionMethod AUTO -LicenseType OPEN -LicenseNumber 0000000 –AuthorizationNumber 'XXXXXXXXXXXXXXX' -ProductVersion 1 -ProductType 1 -LicenseCount 1
An example of the required parameters for a retail license:
New-Item -Path RDS:\LicenseServer\LicenseKeyPacks -ConnectionMethod AUTO -LicenseType RETAIL -LicCode 'XXXXX-XXXXX-XXXXX-XXXXX-XXXXX'
Note
If you receive a permission denied error when running the PowerShell command, check out the Microsoft Knowledge Base article available at http://support.microsoft.com/kb/2648662/en-us.
Adding RDS CALs normally has to be performed only once during the initial configuration of the RD License Server as scripting this part of the configuration is subjected to the license type used. The manual installation of the CALs takes far less time than developing and testing the required PowerShell commands.
You can read more about the RDS provider for Windows PowerShell at Microsoft TechNet: http://technet.microsoft.com/en-us/library/ee791871(v=WS.10).aspx.
If you are not comfortable running the provided PowerShell script, you can always configure and activate your RD License Server manually by following the instructions from Microsoft TechNet available at http://technet.microsoft.com/en-us/library/cc770368.aspx, and add RDS CAL license packs manually by following the instructions from Microsoft TechNet available at http://technet.microsoft.com/en-us/library/cc770368.aspx.
This recipe will show you how to build an unattended installation for the RD Session Host by using command-line instructions. In this way, you can create an unattended installation sequence for your XenApp infrastructure deployment.
To install the RD Session Host server Role Service, you need to install and set up a new Windows Server 2008 R2 server or add the Role Service to an existing server.
The servermanagercmd.exe
command is explained in detail in the Scripting a command-line installation of the RD License Server recipe.
As an alternative method to the deprecated servermanagercmd.exe
, you can use Windows PowerShell to install the the Windows Role Service. You can use the following PowerShell command to add the RD Session Host Role Service:
Import-Module ServerManager Add-WindowsFeature –Name RDS-RD-Server –LogPath <log.txt> -Restart
This recipe will show you how to configure the Remote Desktop Session Host by using PowerShell scripts to create an unattended installation and configuration for your XenApp infrastructure.
To configure the RD Session Host, you need to have the RD Session Host role installed on a Windows server. You can use the unattended installation directions from the previous recipe for the installation of the RD Session Host.
To run the provided PowerShell commands, you will need to change the default execution mode for PowerShell to a less restrictive mode on the server.
You can change the PowerShell execution mode from Restricted
to RemoteSigned
by running the following PowerShell command:
Set-ExecutionPolicy RemoteSigned -Force
To configure the RD Session Host, perform the following step:
Run the following PowerShell script to configure your RD Session Host:
# Import the RDS PowerShell module Import-Module RemoteDesktopServices # Navigate to the RDS Provider for Windows PowerShell Set-Location RDS: # Set General settings cd RDS:\RDSConfiguration\TempFolderSettings Set-Item -Path .\DeleteTempFolders -Value 1 Set-Item -Path .\UseTempFolders -Value 1 cd RDS:\RDSConfiguration\SessionSettings Set-Item -Path .\SingleSession - Value 1 Set-Item -Path RDS:\RDSConfiguration\UserLogonMode -Value 0 # Set the License Mode: Per User = 4, Per Device =2 cd RDS:\RDSConfiguration\LicensingSettings Set-Item -Path .\LicensingType -Value 2 # Specify the RD License Server by its FQDN New-Item -Path .\SpecifiedLicenseServers -Name CBDC01.cblab.local
These are the basic settings that are required by the XenApp infrastructure. All other settings are focused on the RDP-TCP protocol used by RDS and not the ICA protocol that will be used by the XenApp servers.
How the Remote Desktop Services provider works is explained in the Configuring the RD License Server recipe.
The RD Session Host-specific information can be found by using the following PowerShell command to view the current configuration for the RD Session Host server:
Get-ChildItem .\RDSConfiguration
To set the license mode for the RD Session Host, you can use the following command:
Set-Item -Path RDS:\RDSConfiguration\LicensingSettings\LicensingType -Value <LicenseMode>
The Set-Item
cmdlet uses the following parameters:
-Path
: This path specifies the configuration item whose settings need to be changed.-Value
: This specifies the new value for the specified configuration item. Valid entries for theLicensingType
are2
(per device) or4
(per user).
To specify an RD License Server for the RD Session Host to use, you can use the following New-Item
cmdlet to add the server information:
New-Item -Path RDS:\RDSConfiguration\LicensingSettings\SpecifiedLicenseServers -Name <FQDNLicenseServer>
The New-Item
cmdlet uses the following parameters:
-Name
: This specifies the Fully Qualified Domain Name (FQDN) of the RD License Server
You can read more about the RDS provider for Windows PowerShell at Microsoft TechNet: http://technet.microsoft.com/en-us/library/ee791871(v=WS.10).aspx.
If you are not comfortable with running the provided PowerShell scripts, you can always configure your RD Session Host manually by following the instructions from Microsoft TechNet: http://technet.microsoft.com/nl-nl/library/dd996653(v=ws.10).aspx.
This recipe shows you how to use Microsoft Group Policies to ensure all XenApp servers will have the same Remote Desktop Services settings applied within your infrastructure by applying the settings to your servers from a centrally configured location with Microsoft Group Policies.
To use Microsoft Group Policies and configure the required settings for your XenApp servers, you need to have the Group Policy Management feature installed on Windows Server 2008 R2 and be able to start the Group Policy Management Console on at least one of your servers.
You also need to ensure that the XenApp servers (or at least the RD Session Host servers) are put in their own Organizational Unit (OU) within Active Directory. This ensures you can attach Group Policy Objects (GPOs) with the required Group Policy settings to the server OU in Active Directory.
To configure RDS settings with Group Policies, follow these steps:
Open the Group Policy Management Console by navigating to Start | Run | gpmc.msc.
Select the Active Directory OU that contains the XenApp or RD Session Host servers.
Click on the menu and navigate to Action | Create a GPO in this domain | Link it here....
Enter a clear and explanatory name for your GPO, leave the Source Starter GPO set to none, and click on OK.
Select the newly created GPO.
Click on the menu and navigate to Action | Edit....
Configure your RDS related settings and close Group Policy Management Console when you have finished.
You can find all the RDS-related policy settings for Windows servers by navigating to Computer Configuration | Policies | Administrative Templates | Windows Components | Remote Desktop Services | Remote Desktop Session Host within the Group Policy Editor.
You can configure the following RDS Session Host settings:
These are the basic settings that are required by the XenApp infrastructure to be set. All other policy settings are focused on the RDP-TCP protocol used by Windows Remote Desktop Services and not the ICA protocol that is used by the XenApp servers.
You can read more on All Group Policy Settings for Remote Desktop Services in Windows Server 2008 R2 at Microsoft TechNet: http at //technet.microsoft.com/en-us/library/ee791756(v=ws.10).aspx.
This recipe will show you how to manually revoke RDS Device CALs with the RD License Manager to manage the amount of available RD Licenses in your XenApp infrastructure.
To manage RDS Device CALs, a RD License Server needs to be installed and activated in the XenApp infrastructure. The RD License Server must also be issuing RDS Device CALs to client devices connecting to the RD Session hosts by the RDP protocol. Use the RD License Manager to check whether RDS Device CALs are issued by the RD License Server.
To revoke RDS Device CALs, follow these steps:
Open the RD License Manager by navigating to Start | Run | licmgr.
Double-click on the RD License Server in the right pane.
Double-click on Installed TS or RDS Per Device CALs, as shown in the previous screenshot
Right-click on the Per Device CAL that you want to revoke and select Revoke License.
Click on Yes to confirm the revocation of the CAL.
Click on OK.
The status of the revoked Per Device CAL has now been changed to Revoked.
Each RD Session Host needs to be configured with an RD License Server and the RD licensing mode to run user sessions. The configured RD licensing mode determines the type of RDS CAL that will be requested from the RD License Server. This can either be a Per User or a Per Device RDS CAL.
When a user wants to set up a Remote Desktop session on an RD Session Host, the host will check whether or not a valid RDS CAL is presented and will request an RDS CAL with the RD License Server, if one cannot be provided. The following flowchart provides a (simplified) view of the process followed by the RD Session Host to check and request an RDS Device CAL for the client device:

If the device cannot present an RDS Device CAL, a temporary RDS Device CAL will be issued by the RD License server. If the device presents a temporary or expired RDS Device CAL, a permanent RDS Device CAL will be issued if the RD License Server has RDS Device CALs available. If no RDS Device CALs are available, no permanent RDS Device CAL can be issued and the issued RDS Device CAL is not replaced on the client device. If a valid temporary CAL is available, a Remote Desktop session can still be started; if not, the request is denied, and the Remote Desktop session is denied.
An RD License Server can always issue temporary CALs whether it is activated or not. An unlimited supply of temporary RDS CALs is installed by default on each RD License Server. Temporary RDS CALs are valid for 90 days.
Each permanent RDS CAL issued by the RD License server is automatically configured with an expiry date. This date is a random period of 52 to 89 days from the request date. The expiry date for each RDS CAL is logged by the RD License server to ensure that when the expiry date is reached, the RDS CAL is automatically returned to the pool of available RDS Device CALs on the RD License Server. The returned RDS CAL can be issued immediately to a new device when a CAL is requested.
If by any chance you want to return a RDS Device CAL to the pool of available CALs before it is expired, you can use the RD Licensing Manager to revoke a Per Device CAL.
The revocation of RDS Device CALs is only meant to return issued CALs for devices that are no longer in use and there is no mechanism to dynamically manage your license pool. You are only allowed to revoke up to 20 percent of the CALs within a period of two and a half months.
You can read more about Remote Desktop licensing at Microsoft TechNet at http://technet.microsoft.com/en-us/library/cc772298.aspx.
You can read more about Remote Desktop licensing at Microsoft TechNet at http://technet.microsoft.com/en-us/library/cc772298.aspx.
To keep track of the issued RDS Device CALs and automatically generate reports, you can use the Visual Basic script that is developed and provided on Microsoft's MSDN website to generate RDS Per Device CAL reports. The following screenshot is an example of such a report:

You can download the script and read more about it at Microsoft's MSDN blog at http://blogs.msdn.com/b/rds/archive/2007/08/10/generating-per-device-license-usage-reports-for-ts-license-servers-running-windows-server-2008.aspx.
This recipe will show you how to create RDS User CAL reports from the RD Licensing Manager. Unlike RDS Device CALs, the issued RDS User CALs are not shown in the management console. A report has to be created to get an overview of the issued RDS Per User CALs.
In order to manage your RDS Per User CALs, you need to have an RD License Server installed and activated so that it can issue RDS User CALs. In addition to this, you also need to have RDS Per User CALs installed on your RD License server and have your RD Session Host servers configured for the Per User license mode. This will ensure that your RD Session Host will request a valid Per User RDS CAL to be presented for each user that starts a Remote Desktop session on the server.
You can check whether your RD License server is issuing RDS Per User CALs with the RD Licensing Manager. Unlike the Per Device CALs where all issued licenses are shown in the console, a report has to be generated to get an overview of the issued RDS Per User CALs. Follow these steps to generate the report:
Open the RD License Manager by navigating to Start | Run | licmgr.
Double-click on RD License Server in the right pane.
Check if RDS Per User CALs are installed (shown in the right pane of the previous screenshot).
Right-click on Reports in the left pane and select Create Report | Per User CAL Usage….
Select Entire Domain and click on Create Report.
Click on OK.
Right-click on the newly created report in the Reports overview and select Save As.
Save the report as a Comma Delimited (CSV) file.
You can view the report with either Notepad or Microsoft Excel as shown in the following screenshot:

If you want to automate the generation of the Per User RDS CAL usage reports, you can also run the following PowerShell script:
# Import the RDS PowerShell module Import-Module RemoteDesktopServices # Navigate to the RDS Provider for Windows PowerShell Set-Location RDS: # Generate the Per User CAL report cd RDS:\LicenseServer\IssuedLicenses\PerUserLicenseReports New-Item -Path . -Name PerUser20130707 -Scope DOM # Check report settings Get-ChildItem –Path .\20130707_133613\Win2K8-Win2K8R2 Get-Item –Path .\20130707_133613\Win2K8-Win2K8R2\IssuedLicenses\*

The report name is automatically generated and based on the creation date of the report.
The Scripting a command-line installation of the RD License Server recipe
The Configuring the RD License Server recipe
The Scripting a command-line installation of the RD Session Host recipe
The Configuring the RD Session Host recipe
The Configuring RDS settings with Microsoft Group Policies recipe
This recipe will show you how to use the Licensing Diagnosis snap-in of the RD Session Host Configuration console. This snap-in allows you to check the health of your RD Session Host configuration and the communication with the RD License server.
In order to use the Licensing diagnosis snap-in, you need an installed and configured RD Session Host and an installed and configured RD License server as well. In order to read information on the RD License server with the Licensing Diagnosis snap-in, you also need to run it with a user account that has administrator privileges on the RD License server.
To use the Licensing Diagnosis snap-in, follow these steps:
Open the RD Session Host Configuration console by navigating to Start | Run | tsconfig.msc.
Click on Licensing Diagnosis in the left pane:
Select the RD License server in the Remote Desktop Services License Server Information pane to view more details on the RD License server:
If the Licensing Diagnosis snap-in detects problems reading the RD Session Host configuration or has problems communicating with the RD Licensing Server, it will show clear warnings and/or error messages in the Licensing Diagnosis Information pane.
The Licensing Diagnosis snap-in provides administrators with a quick diagnostic tool to check the configuration of the RD Session Host and the communication to and from the RD License servers. It will also provide clear error and warning messages when problems are detected.
Administrative privileges
To use the Licensing Diagnosis snap-in, it must be executed on the RD Session Host with an account that has local administrator permissions on the host. If your account does not have these permissions, a warning is shown when Licensing Diagnosis is selected in the left pane:

To view the RD License server information, the same account also needs administrative privileges on the RD License server. Without those privileges, the following error will be shown:

It is possible to provide separate credentials in the management console for the RD License server. By selecting the license server in the Remote Desktop Services License Server Information pane, and by selecting Provide Credentials from the Action menu, you can enter the required account information. After providing the right credentials, the RD Licensing server information is shown and no errors are reported.
RD Licensing service not started
When the RD License service is not started, the following error is shown:
License server <LicenseServerName> is not available. This could be caused by network connectivity problems, the RD Licensing service is stopped on the license server, or RD Licensing is no longer installed on the computer...
Make sure the RD Licensing service is started on the RD License server. If it is not started, start the service and refresh the Licensing Diagnosis information to see if the problem is resolved.
You can read more on Licensing Diagnosis problems at the MSDN blog at http://blogs.msdn.com/b/rds/archive/2008/02/01/licensing-diagnosis-problems-and-resolutions.aspx.
This recipe will show you how to troubleshoot the RD License Server discovery.
As of Windows Server 2008 R2, automatic discovery of the RD License Server is no longer supported. To check whether a RD License Server is configured, follow these steps:
Open the Windows registry by navigating to Start | Run | regedit.
Check the content of the following key:
HKLM\SYSTEM\ControlSet001\services\TermService\Parameters\LicenseServers\SpecifiedLicenseServers
If no RD License server is specified, specify the correct server name and retest the RD License Server discovery.
If a RD License server is specified, test whether a connection can be made to the server with Telnet:
telnet <RDLicenseServer> 135
When installing a RD License server, a discovery scope needs to be provided for the server. Previous versions of Windows Server (2000, 2003, and 2008) Terminal Services were able to use a discovery process to automatically find the Terminal Server (TS) License server by checking the Active Directory for specified TS License servers.
This automatic discovery process is no longer supported for the RD Session Host servers running on Windows Server 2008 R2 and later. You are now required to specify a RD License server in the RD Session Host configuration or through Group Policy settings. If errors report that no RD License Server can be found by the RD Session Host, make sure a RD License server is configured through the RD Session Host Configuration console or through Microsoft Group Policy settings. You can check the following registry key for the specified License Server entries:
HKLM\SYSTEM\ControlSet001\services\TermService\Parameters\LicenseServers\SpecifiedLicenseServers
If a RD License Server is specified, make sure the RD Licensing service is running and network connectivity is available between the RD Session Host and the RD License Server. RD Licensing uses Remote Procedure Call (RPC) over TCP port 135 and a dynamically assigned port above 1024. For communication with Microsoft Clearinghouse during activation and the RDS CAL installation process, internet communications over TCP port 443 are required as well.
You can install the Telnet client to check network connectivity on a Windows Server 2008 R2 server by running a command prompt as Administrator and using the following command line:
pkgmgr /iu:"TelnetClient"
This will run the Windows Package Manager and install the Telnet client.
Note
For more information on the port numbers used by Windows services, check Microsoft's Knowledge Base: http://support.microsoft.com/kb/832017 and http://support.microsoft.com/kb/154596.
This recipe will show you how to troubleshoot problems concerning Remote Desktop Licenses being issued to devices or users trying to set up a RD session.
To troubleshoot RD License Issuance, follow these steps:
Open the Event Viewer by navigating to Start | Run | eventvwr.msc.
For RDS Per Device CALs, navigate to Windows Logs | System.
Search for informational events with ID 82.
For RDS Per User CALs, navigate to Applications and Services Logs | Microsoft | Windows | TerminalServices-Licensing | Admin.
Search for informational events with ID 4143.
If no entries are found, RD licenses are not issued.
For troubleshooting purposes, a quick list of common RD Licensing error messages and their recommended solutions are provided in the following table:
ID |
Error message |
Solution |
---|---|---|
17 |
One or more RD Licensing certificates on server "%1" are corrupt. RD Licensing will only issue temporary licenses until the server is reactivated. |
When a RD Licensing server is activated with the automatic connection method, Microsoft Clearinghouse sends the server a digital certificate chain that validates the ownership and identity of the server. On February 26, 2010, a certificate that was part of this digital certificate chain expired and it is flagged as a corrupt certificate by the RD License server. A hotfix is available at Microsoft's Knowledge Base: http://support.microsoft.com/kb/983385. |
20 |
The RD license server "%1" does not have a sufficient number of permanent RDS CALs for product "%3". Only "%2" permanent RDS CALs remain. |
Buy additional RDS CALs of the right type (User/Device) and install them on the RD license server. |
21 |
The RD license server "%1" does not have any remaining permanent RDS CALs of the type "%2". As a result, the RD license server cannot issue RDS CALs of the type "%2" to the RD Session Host server "%3". |
Check the RD licensing mode configured on the RD Session Host server. Make sure it matches the type of RDS CALs installed on the RD license server. |
22 |
The RD license server "%1" does not have any RDS CALs installed and registered with the Microsoft Clearinghouse for product "%2". Therefore, the RD license server cannot issue RDS CALs of the type "%2" to the RD Session Host server "%3". |
Buy and install the required RDS CALs. |
38 |
The RD license server cannot issue a RDS CAL to the client because of following error: "%1!s!" |
The RD License server installation has become corrupted. Reinstall the RD License server role. To preserve the issued license information, back up the RD Licensing database folder (%windir%\system32\LServer) before removing the role. |
4105 |
The RD license server cannot update the license attributes for user "%1!s!" in the AD Domain "%2!s!". Ensure that the computer account for the license server is a member of Terminal Server License Servers group in AD domain "%2!s!". |
Make sure the RD License server is a member of the Terminal Server License Servers group in AD. For a RD license server installed on a DC, the Network Service account also needs to be a member of that group. To track or report the usage of RDS Per User CALs, a reboot is required. |
Issuance of RDS Per User CALs
Issued RDS Per User CALs are logged in the Event log by Information entries with the Event ID 4143. These will appear in the Applications and Services Logs section under Microsoft | Windows | TerminalServices-Licensing | Admin.
Issuance of RDS Per Device CALs
Issued RDS Per Device CALs are logged in the Event log by Information entries with the Event ID 82 in the Windows Logs under System.
Reissue a RDS Per Device CAL
RD Licensing information concerning RDS Per Device CALs are stored on the client device in the registry:
HKLM\SOFTWARE\Microsoft\MSLicensing.
To remove the Per Device CAL from the client device, you can delete the hardware ID and store subkeys from the registry and reboot the client. The client device will request a new CAL at the next RD session.
When the entire MSLicensing registry key is deleted and needs to be recreated, you will have to run the Remote Desktop connection as an administrator with the corresponding privileges to have sufficient rights to create the corresponding registry keys.
For a complete overview of Remote Desktop Services Events in Windows Server 2008 R2, check out Microsoft TechNet at http://technet.microsoft.com/en-us/library/ff404148%28v=ws.10%29.aspx.
This recipe will show you how to rebuild the RD Licensing database to solve Remote Desktop License server issues.
To automatically rebuild the RD Licensing database, the computer running the RD Licensing Manager needs to have internet access (TCP port 443). The RD License server itself does not require internet access, only the computer running the management console.
Check if your RD License Server is configured for Automatic connection (recommended) through the properties of your RD License Server in the RD License Manager, before you start the rebuilding process.
To automatically rebuild the RD License server, follow these steps:
Open the RD License Manager by navigating to Start | Run | licmgr.
Right-click on RD License Server in the left pane and select Manage Licenses.
Click on Next in the Manage licenses Wizard Welcome screen.
A connection to Microsoft Clearinghouse is set up.
Select Rebuild the license server database in the action select step.
Provide a reason for the rebuild action and click on Next:
Read the warning message.
Select the Confirm deletion of licenses currently installed on this license server checkbox and click on Next.
The RD Licensing database has been deleted.
Click on Next to reinstall the licenses in the reinstalling licenses step.
Select your License program and click on Next:
Fill out the required license information (License Code, Agreement number, and so on), and click on Next.
Your licenses are being reinstalled.
Select Continue if you need to install more licenses and repeat steps 11 to 13.
Select Finish rebuilding the RD License database in the reinstalling additional licenses step and click on Next.
Complete the Manage Licenses Wizard by clicking on Finish.
Select the RD License server in the left pane and check if the installed licenses are shown in the right pane and whether all licenses are available or not.
You can read more about rebuilding the RD Licensing Database at Microsoft TechNet: http://technet.microsoft.com/nl-nl/library/ff817600%28v=ws.10%29.aspx.
This recipe will show you how to recover your RDS CALs to a new RD License server when you cannot restore your original server or when you simply need to transfer your licenses to a new RD License server.
In order to automatically rebuild the RD Licensing database, the computer running the RD Licensing Manager needs to have internet access (TCP port 443). The RD License server itself does not require internet access, only the computer running the management console.
Also check if your RD License Server is configured for automatic connection (recommended) through the properties of your RD License Server in the RD License Manager.
To automatically recover your licenses to a new RD License server, follow these steps:
Add the Remote Desktop Licensing server role to the new RD License server.
Open RD License Manager (by navigating to Start | Run | licmgr on the new RD License server).
Activate the new RD License Server without adding any licenses.
Right-click on the RD License Server in the left pane and select Manage RDS CALs.
Click on Next in the Manage RDS CALs Wizard welcome screen.
A connection to Microsoft Clearinghouse is set up.
Select Migrate RDS CALs from another license server to this license server.
Select a reason for migrating and then click on Next:
If you select the The source license server is being replaced option, provide the following information:
The source license server name or IP address
Whether or not it is still available
The operating system
The original RD License server ID
If you select the The source license server is no longer functioning option, accept the agreement not to use your source license server as RD License server and agree to manually remove the RDS CALs from your original RD License server.
Click on Next.
Follow steps 11 to 16 from the How to do it… section of the previous recipe to install the RDS CALs.
You can read more about recovering (or migrating) RDS CALs at Microsoft TechNet at http://technet.microsoft.com/en-us/library/dd851844.aspx.