FAQ

Q.	How do I turn on Remote Desktop?
A.	Right-click My Computer, click Properties, and then click the Remote tab. Turn on Remote Desktop by selecting the check box Allow users to remotely connect to this computer. Designate users by clicking the Select Remote Users... button.
Q.	Is there a tutorial for using Remote Desktop?
A.	Yes. See Using Remote Desktop.
Q.	Is Remote Desktop available on Windows XP Home Edition?
A.	No, however you can upgrade from Windows XP Home Edition to Windows XP Professional to get Remote Desktop. You can use Windows XP Home Edition as the client for accessing your Windows XP Professional computer running Remote Desktop.
Q.	Where can I get the latest Remote Desktop Connection Client?
A.	The Remote Desktop Client software is available for 32-bit Windows platforms: Windows 95, Windows 98 and Windows 98 Second Edition, Windows Me, and Windows 2000. There are several ways to get it: • You can download it. • Microsoft Update will host new versions of the client software, when available. • Get it off any Windows XP CD. Let the autorun program start and then select Perform additional tasks. Choose the option to install the Remote Desktop Connection.
Q.	Does Remote Desktop work with Windows Firewall?
A.	If you're running Windows XP Service Pack 2 (SP2) and you enable Remote Desktop, Windows Firewall will be automatically configured to allow Remote Desktop connections to your computer. Tip If you or someone else has configured Windows Firewall to allow no exceptions, Remote Desktop will not work. To allow exceptions in Windows Firewall, in the control panel open the Security Center, click Windows Firewall and clear the check box next to Don't allow exceptions. If you're using the Internet Connection Firewall on Windows XP SP 1 or earlier, in the Network Connections window, right-click the connection through which you will use Remote Desktop, and then click Properties. Click the Advanced tab, and then select the checkbox for Protect my computer and network by limiting or preventing access to this computer from the Internet. Click the Settings button. In the Services list, select the checkbox for Remote Desktop.
Q.	Is Remote Assistance the same thing as Remote Desktop?
A.	No, it isn't. Remote Assistance uses Remote Desktop technology to allow an expert to provide assistance to a novice user on a computer running Windows XP. Get more information about Remote Assistance.
Q.	The local computer screen locks when a user is connected remotely. How can I get more than one connection to a computer running Windows XP Professional?
A.	If you want to have more than one person simultaneously use a computer running Windows XP Professional, you could try Remote Assistance for collaboration and support scenarios. Windows 2000 Server with Terminal Services allows multiple users, as will Windows Server 2003, when it becomes available.
Q.	Do I need a terminal server license server for Remote Desktop?
A.	No, a terminal server license server is not required for Remote Desktop. Remote Desktop is designed for a single user, local or remote.
Q.	What protocol does Remote Desktop in Windows XP support?
A.	Remote Desktop in Windows XP Professional uses Remote Desktop Protocol (RDP) 5.1. Some of the new features added to RDP 5.1 are support for 24-bit color, audio redirection, smart card redirection, COM port redirection, local network printer redirection and disk drive redirection. Additionally, RDP 5.1 has better compression, improved performance, and virtual channel compression.
Q.	Is the Remote Desktop Connection client compatible with Windows 2000 Terminal Services and Windows NT® 4.0 Terminal Server Edition?
A.	Yes, the Remote Desktop Connection client supports Remote Desktop Protocol 5.1. The client is backwards compatible with Windows 2000 and Windows NT 4.0 Terminal Server Edition. When using the client against older servers, you will get the features of the older protocol.
Q.	Can I get a Remote Desktop Client for other platforms?
A.	The Remote Desktop Connection software can not be run on Windows for Workgroups or Windows 3.11. The last terminal server clients for these versions of Windows shipped on the Windows 2000 Server CD. To connect to a Windows Terminal Server from other platforms, you will need a third-party solution.
Q.	Why don't MIDI files play over Remote Desktop?
A.	This is a known issue. MIDI files are not currently supported over Remote Desktop.
Q.	What port does Remote Desktop use? Does everything go over port 3389?
A.	Port 3389 is the only port you need to open. Windows will attempt to stream sound through User Datagram Protocol (UDP) first. If no port is available for UDP, sound will stream through a virtual channel in Remote Desktop Protocol, which uses port 3389.
Q.	How do I connect Windows Desktop Client to a remote port other than 3389?
A.	In the Computer field in the Remote Desktop Client connection dialog, specify the port in either of the following ways: • Computer name, colon, port number Example: TSComputer: 22229 • IP address, colon, port number Example: 192.168.1.1: 22229
Q.	What is the Remote Desktop Web Connection? What is it for?
A.	The Remote Desktop Web Connection is the Remote Desktop Connection client packaged as an ActiveX® control that can be embedded in a Web page to provide access to a Terminal Server or a computer running Windows XP Professional with Remote Desktop enabled.
Q.	What are the requirements for Remote Desktop Web Connection?
A.	• On the server side, you need Internet Information Server 4.0 or later. Windows XP Professional comes with Internet Information Server 5.1 out of the box. • On the client side, it will only run on the Windows 9x, Windows Millenium Edition (Windows Me), Windows NT (Intel only), and Windows 2000 operating systems using Internet Explorer 4 or later. It is not supported on any other platform.
Q.	Does the Remote Desktop Web Connection support audio and drive redirection?
A.	Yes. The Remote Desktop Web Connection supports the same features that the Remote Desktop Connection supports.

Links and eBooks

Links & eBooks

General links

Here are some of my favorite links, by fellow-MVPs and other Terminal Services and Citrix specialists. If you can't find the solution to your problem here, then chances are that you have a very unusual problem. In that case, post a question in one of the newsgroups listed below.

• Terminal Services Team Blog
• Session Computing Solutions - info about Terminal Services, Citrix and other 3rd party add-ons. By Patrick Rouse, MVP
• Your Independent Citrix, Terminal Server, Server-Based Computing, and Thin Client Resource - By Brian Madden, MVP
• DABCC.com - Citrix and Terminal Services Support Site - Home of Methodology in a Box, by Douglas Brown, MVP
• Terminal Services Resources - hacks and scripts to help TS administrators. By Matthew Harris, MVP
• ThinHelp.com - by Jim Kenzig, MVP
• MSTerminalServices.org - by TechGenix
• Citrix downloads, tips & tricks - by Ron Oglesby, MVP
• WTStek.COM - Your Resource for Windows Terminal Server Technologies, by Bernhard Tritsch, MVP
• Jeff Pitsch Consulting - by Jeff Pitsch, MVP
• former Citrix4ge - by Thomas Kötzing
• Schinning.Net - Server Based Computing links and downloads, by Stefan Schinning
• Citrix Things - by Andrew Wood
• Server Based Computing Centre - by Wilco van Bragt

eBooks

• Terminal Services for Microsoft Windows Server 2003, Advanced Technical Design Guide - by Brian Madden and Ron Oglesby. A free download of the complete book (free registration required)
• The Definitive Guide to Windows Server 2003 Terminal Services Updated Edition - by Greyson Mitchem
• The Definitive Guide to Citrix MetaFrame XP - by Christa Anderson
• The How-To Guide to Windows Server 2003 Terminal Services - by Greyson Mitchem
• Securing Microsoft Terminal Services - by Roddy Rodstein

Newsgroups

• Google: microsoft.public.windows.terminal_services
• Google: alt.os.citrix
• Google: microsoft.public.windowsxp.work_remotely
• Google: microsoft.public.mac.rdc
• Google: microsoft.public.windows.server.sbs
• Google: microsoft.public.windows.group_policy

Troubleshooting

General trouble shooting

Since you've come to this page, you probably have some sort of problem with your Terminal Server. Without knowing any details, it's still possible to give some general advice:

1. check the EventLog on your server.
   More often then not, there is useful information to be found there
2. search one or more of the databases mentioned below for the EventID and Source of the events you found
3. if at all possible, create a test system which demonstrates the same problem and do all of your troubleshooting there
4. document the problem
5. enable verbose logging of relevant services, if possible (see links below)
6. if the server reboots, configure it to not automatically restart after a system failure. Document the STOP error code and all parameters when the system crashes
7. try to narrow down the problem: does it happen all the time? to all users? with all workstations / applications / printers?
   You will need to provide this information if you are going to post your problem to a newsgroup or phone a vendor's support
8. document all changes that you make while troubleshooting
9. make only one change at a time, evaluate the results, and reverse the change if it doesn't solve the problem

Troubleshooting tools

KnowledgeBase

• Microsoft Support Knowledge Base for 2008 / 2003 / W2K / SBS 2003 / Vista / XP
• MSDN Advanced Search
• Citrix Solutions Knowledge Base
• Citrites' Search - for all thing Citrix

Event Logging

• Terminal Services Events in Windows Server 2008
• EventID.Net - real-world examples of most events
• EventTracker KB - Event database, searchable on description
• Events and Errors Message Center
• 889887 - How to copy the text of an error message into a text editor
• 325376 - How To Enable Verbose Startup, Shutdown, Logon, and Logoff Status Messages in the Windows Server 2003 Family
• 232575 - How to trace Winlogon activity in Windows Server 2003, Windows XP, Windows 2000, and Windows NT
• 221833 - How to enable user environment debug logging in retail builds of Windows
• Interpreting Userenv log files
• 907355 - How to enable folder redirection logging to gather verbose troubleshooting information in Windows 2000
• 223300 - How to Enable Windows Installer Logging
• 327508 - How to Turn On the Terminal Services Session Directory Logging Service - 2003

Debugging tools

• System Error Codes
• MSDN Bug Check Codes - explanation of STOP error parameters
• DLL Help Database - track fileversion to Microsoft software packages
• Troubleshoot a Windows bluescreen, a.k.a bugcheck, a.k.a blue screen of death
• 244139 - Windows feature lets you generate a memory dump file by using the keyboard
• 949180 - How to create a user-mode process dump file in Windows Server 2008
• 900093 - How to enable a remote kernel debugger connection on a computer that is running Windows Server 2003 with Service Pack 1
• 286350 - How to use ADPlus to troubleshoot "hangs" and "crashes"
• Download the User Mode Process Dumper - version 8.1.2929.5
• 936917 - The Userdump monitoring function is disabled when Windows Server 2003 SP2 is installed
• Download the Debug Diagnostic Tool v1.1 - troubleshoot hangs, slow performance, memory leaks or fragmentation, and crashes in any Win32 user-mode process
• Download the IIS Diagnostics Toolkit (x86) - see CTX108889 for usage on TS and Citrix servers
• CTX108889 - Using the Microsoft Debug Diagnostics Tool to Create Dump Files
• CTX114179 - TSUserLog
• 323478 - You cannot debug through a Terminal Server session

General TS related issues

• 278657 - Terminal Services Cannot Be Manipulated - applies to W2K and 2003, not 2008
• 238162 - Change Between Remote Administration and Application Server Mode - W2K
• 252330 - Toggling Terminal Services to Application Server Mode May Cause Programs Not to Work - W2K
• 828056 - A terminal server no longer runs in application mode after you upgrade the terminal server to Windows Small Business Server 2003

Windows 2008 specific issues

• 952610 - You cannot investigate a Stop error that occurs on an x64-based version of Windows Server 2008
• 953341 - A dump file may not be generated on a computer that is running Windows Server 2008 or Windows Vista if the dump file and the paging file reside on the same volume
• 952664 - The Event Log service may stop responding because of a deadlock on a Windows Server 2008-based computer
• 946399 - The Terminal Services service may be unable to start on a server that is running Windows Server 2008
• 951954 - Error message when you run an application on a terminal server that is running Windows Server 2008 or Windows Vista with Service Pack 1: "Stop 0x0000008E"
• 950086 - A memory leak may occur in the nonpaged pool memory on the Windows Server 2008-based terminal server when you log on to and log off from a Windows Server 2008-based terminal server through an RDP connection
• 949914 - Citrix ICA clients may crash when they are connecting to a Windows Server 2008-based terminal server that has Citrix Presentation Server installed

Windows 2003 specific issues

• 824721 - Windows Server 2003 Service Pack 1 list of updates
• 914962 - List of updates in Windows Server 2003 Service Pack 2

STOP errors

• 909445 - Error message when you start a Terminal Services session on a Windows Server 2003-based computer: "STOP: 0x00000050 (0xffffffe8, 0x00000001, 0x8083fb88, 0x00000000)"
• 926128 - You receive a "STOP 0x50" error message that is related to win32k!HmgDecrementShareReferenceCount+0xb on a Windows Server 2003-based terminal server
• 951749 - Stop error message on a terminal server that is running Windows Server 2003 Service Pack 1 or Windows Server 2003 Service Pack 2: "Stop 0x000000AB (SESSION_HAS_VALID_POOL_ON_EXIT)" replaces all previous STOP 0xAB hotfixes

Misc. problems

• 883670 - FIX: The Terminal Services service stops responding in Windows Server 2003 and you receive an "The RPC service is unavailable" error message when you try to connect to the terminal server by using the Remote Desktop Connection program
• 930045 - A Windows Server 2003-based computer stops responding when you shut down the computer in a remote console session
• 906510 - The logon screen turns black after you press CTRL+ALT+DELETE to log on to a Microsoft Windows Server 2003-based computer
• 932039 - Two taskbars are displayed, or the Language bar is displayed two or more times on the taskbar, on a computer that is running Windows Server 2003 or Windows XP
• 914052 - Event ID 10000 is logged in the Application log on a Windows Server 2003-based computer that has Terminal Server enabled
• 932813 - Event ID number 2003 is logged in the Application log after you install Windows Server 2003 Service Pack 2
• 891315 - You cannot see all the screen element text if you use the large size (120 DPI) display DPI setting on a Windows Server 2003 Terminal Server
• 942490 - When you connect to a Windows Server 2003-based computer in a terminal server session, the remote computer may stop responding if it has East Asian languages installed

Windows 2000 specific issues

STOP errors

• 839429 - You receive a "STOP: 0x0000001E" error message on a Windows 2000-based computer that is running Terminal Services
• 899268 - You may receive error messages and you may receive frequent Stop error messages that indicate that the Srv.sys or the Netbt.sys driver has failed when you use Terminal Services to connect to a computer that is running Windows 2000 Server
• 901198 - Error message when you use the Terminal Server application on a computer that is running Windows 2000: “Stop 1E, {c0000005, a0109ba0, 0, a0cd3584}”
• 894388 - Error message on a Windows 2000 Server-based computer that has Terminal Services enabled: "Stop 0x0000001E"
• 820767 - Your computer automatically restarts or a stop error or another error occurs when you have Terminal Services enabled

Misc. problems

• 817446 - Terminal Services Stops Responding
• 323148 - Windows 2000 Server or Windows 2000 Advanced Server Computer That Is Running Terminal Services Stops Responding Immediately After You Start the Computer
• 899330 - A Windows 2000-based terminal server stops responding under a heavy load, and all users lose their terminal server sessions
• 823747 - Windows 2000 Terminal Server Stops Responding and a Black Screen Appears
• 837439 - Windows 2000 Terminal Server stops responding after you experience access violations in a Terminal Server session
• 832821 - Error 161 occurs when you use the runas command in a Terminal Services session
• 830268 - NUM LOCK and CAPS LOCK keys are out of sync when you shadow another RDP session in Windows 2000
• 893368 - Terminal services and remote desktop session events are not logged in Windows 2000 Server
• 891503 - FIX: You may receive a "Permission Denied" error message when you try to use the ls or cd command from a Terminal Services session
• 837810 - When you use Remote Desktop Connection (RDC) to connect to a Windows 2000-based terminal server, you cannot minimize a program that has stopped responding in the RDC window

Citrix specific issues

• CTX106727 - Brief Troubleshooting Guide
• CTX113035 - Microsoft Windows Server 2003 Service Pack 2 Known Issues
• CTX104982 - Issues Resolved in Service Pack 4 for Citrix MetaFrame XP 1.0
• CTX102026 - STOP 0x1E in Ntkrnlmp.exe when running the Citrix Management Console from FR3 with an ATI display driver
• CTX103253 - IMA service failed to start with error 2147483649 and failed to load plug-ins MF XP 1.0
• 816134 - Citrix Terminal Server Sessions Are Not Disconnected and Cause the Server to Stop Responding
• CTX106802 - Presentation Server 4.0 and Service Pack 2005.04 for MetaFrame Presentation Server 3.0 Cannot Be Installed on a Domain Controller
• 951032 - You may receive an error message on a Windows Server 2003-based computer that has Citrix Presentation Server 4.0 installed with Windows Installer
• 951033 - Stop error message on a Windows Server 2003-based computer that has Citrix Presentation Server 4.5 installed: "0x00000076" or "0x000000CB"

Thin clients Computing

Thin clients

Using thin clients in stead of full-fledged PCs can minimize your Total Cost of Ownership considerably. If you are planning a thin client solution, don't forget to pay attention to the following:

• do you want to convert existing PCs into thin clients, or do you want to buy thin client hardware?


• the type and version of the operating system on the thin client: Linux, Windows CE or Windows XP embedded


• do you need to interact with hardware like a scanner or a microphone, connected to the thin client?

If the hardware device needs a locally installed driver, you'll probably need Windows XP embedded
• the version of the RDP and ICA client software on the thin client
• do you need Internet Explorer on the thin client?
• how easy is it to update the firmware, the OS and the Terminal Server client software?


• the management program that usually comes with the hardware

Check for easy and centralized management of your (thin) clients. Is the management software vendor specific or not?

For more tips, download Choosing the right thin client devices, OS & management software from 2X

Software thin clients and management systems

• SimplyRDP - a software thin client, enables diskless connectivity to a terminal Server via PXE network boot
• ThinClientServer - management system for thin clients and PCs
• RES PowerFuse - configure, secure and monitor all desktops
• ThinStation

Thin client manufacturers

• Athena - Custom build thin client images
• Wyse
• BOSaNOVA
• ChipPC
• Hewlett Packard
• IGEL
• Netvoyager
• ThinPath (formerly NCD)
• VXL
• DLSE Green Computing - (Singapore Base Thin Client company)
  

Useful information

• ThinPlanet - White Papers
• Thin World - Thin Clients, Terminal Server, Citrix

Administrator tools

Administrator tools

Connection management tools

• visionapp Remote Desktop (vRD) - Freeware multi-tab remote connections tool
• iShadow Desktop - by Teknica. Universal rdp, ica and vnc client
• Remote Desktop Manager - by Devolutions. Free utility to collect and organize your remote connections
• Remote Desktop - by Frameworkx. Freeware Windows Vista's sidebar gadget to collect and organize your remote connections
• Remote Desktops snap-in from the Windows Server 2003 Service Pack 1 Administration Tools Pack

(Remote) Administration and management tools

Windows Server 2008

• Terminal Services Command Reference
• 947723 - Changes to remote administration in Windows Server 2008
• 941314 - Description of Windows Server 2008 Remote Server Administration Tools for Windows Vista Service Pack 1
• Installing RSAT (Remote Server Administration Tools) components unattended - by Kurt Roggen
• RSAT (Remote Server Administration Tools): what's included and what's NOT!! - by Kurt Roggen
• RSAT and ADUC: Getting the Terminal Services Tabs to Appear in AD Users and Computers
• WS2008: Terminal Server Management and Administration - an overview of available tools and methods
• WS2008: RDC Enhancements and Administrative Sessions
• Managing Terminal Services attributes with PowerShell - by Dmitry Sotnikov
• Remotely managing your Server Core using RDP - by Sander Berkouwer
• Introducing Terminal Services Server Drain Mode
• 947729 - Error message when you try to use the Active Directory Service Interfaces extension for Terminal Services to read the properties for a user on a Windows Server 2008-based computer: "The directory property cannot be found in the cache"

Windows Server 2003 / W2K

• Terminal Services Tools and Settings
• 306624 - HOW TO: Install Terminal Services in Remote Administration Mode in Windows 2000
• 814590 - How to enable and to configure Remote Desktop for Administration in Windows Server 2003
• Remote Administration of Windows Servers Using Remote Desktop for Administration White Paper - 2003
• 256588 - Using Terminal Services for remote administration of Windows 2000 or Windows Server 2003 domain controllers in Directory Service Restore mode
• 243202 - Windows 2000 Terminal Services Session Management Tools
• 302801 - The Use of Tscon.exe Can Leave a Previously-Locked Console Unlocked
• 277689 - You May Not Be Able to Switch Back and Use the Terminal Services Manager
• 281307 - Windows XP and Windows Server 2003 Are Not Advertised as Terminal Services Servers
• 255591 - Internal Error 2755 Installing Windows 2000 Resource Kit on a Terminal Server
• 839941 - You cannot enter a password that has more than 14 characters when you try to connect to a session from Task Manager or from Terminal Services Manager in Windows Server 2003
• CTX108104 - Error: Could not Contact any Web Interface Configuration Servers ..or the (Create Site) option is not available - ASC on PS4
• The realities of the new admin interface in Citrix Presentation Server 4.5 - by Brian Madden

Remote Control, Shadowing, Remote Assistance

• 232792 - HOW TO: Use the Terminal Services Remote Control Feature - W2K
• 320191 - HOW TO: Use the SHADOW Command to Remotely Monitor an Active Session of Another User in Windows 2000 Terminal Services
• 278845 - How to Connect to and Shadow the Console Session with Windows Server 2003 Terminal Services
• 292190 - How to Shadow a Terminal Server Session Without Prompt for Approval
• 233365 - Err Msg: Session ID [Session Number] Remote Control Failed
• 281156 - Cannot Remotely Control a Disconnected Session
• 281909 - Terminal Services: You Receive No Warning When Shadowed Session Ends
• 301527 - How to configure a computer to receive Remote Assistance offers in Windows Server 2003 and in Windows XP

Utilities

If you have a very specific need, then chances are that there is a very specific tool for it! Here is the 10+-most-wanted list of Terminal Server utilities.

• RemoteApp Filter - a freeware extension to Windows 2008 TS Web Access to filter out applications based on user's group membership
• Citrix Published Applications Utility (PAU) - change properties of multiple published applications
• Process Monitor - FileMon and Regmon combined, for W2K SP4 anf higher, from SysInternals
• DumpSec, DumpReg & DumpEvt - dump NTFS permissions, registry information and EventLogs. From SystemTools.Com
• RegTimeStamp - set the time stamp of shadow keys, by Donald Fens
• RegToADM - create custom ADM from exported REG file, by Yizhar Hurwitz
• TSRemoteExec - freeware utility to execute any command on the local client from within a remote session, by Thomas Tran
• Bandwidth Analysis Tool - for monitoring ICA and RDP traffic patterns, from WBISoft.com
• ThreadMaster - application based CPU Quota management tool. Freeware utility, by Soren M. Pedersen
• Performance Guard - application monitoring tool, from PremiTech
• TSDropCopy - Server to client file transfer utility. Requires latest RDP client
• Virtual IP - session-based IP addresses, from Provision Networks
• GETTSCIP - a freeware command-line tool to obtain the current session's client IP address, by Ctrl-Alt-Del IT Consultancy
• ReconnAct! - utility which runs a script when client IP or name changes or on session disconnect or reconnect
• SetLocale - Set the input-locale and keyboard-layout. By Spectro Display
• TimeMachine - Set the timezone on a per-user basis. By Solution-Soft
• RecordTS - record everything your users are doing on your Terminal Servers, by Cláudio Rodrigues
• ObserveIT - Window Session auditing and recording of all Terminal Server sessions
• AppScape Lockdown Utility - turn off the X button

Applications

Applications

Installation

Checklist: Install applications

Before installing applications on a Terminal Server, you must put the server into "install mode". In this mode, all changes made to the registry and to ini-files will be monitored and copied to the shadow area in the registry. This process ensures that all users will receive their personal copy of those registry keys and ini-files. You can put a Terminal Server in Install mode by using the Add/Remove Programs tool in Control Panel, but this method does not work when you install applications directly from the web.

A method which gives you more control over the process is to put the server into install mode from the command prompt:

1. Open a command window (Start - Run - cmd)
2. Type "change logon /disable" (without the quotes) to disallow new connections to the server
3. Use Terminal Services Manager to verify that there are no user sessions; send a message to connected users, requesting them to log off
4. Type "change user /install" (without the quotes) to put the server into install mode
5. Install your application
6. When the installation is completely finished, type "change user /execute" to put the server back into it's normal execute mode
7. Type "change logon /enable" to allow users to connect again

Troubleshooting application issues

If a program doesn't execute as expected after installation, check the following articles and troubleshooting tools:

• CTX101709 - How to Effectively Troubleshoot Application Integration Issues
- by Citrix, but most methods apply to rdp as well.
• My application runs fine for Administrators, but not for normal users
• My application runs only for the Administrator who installed the application, but not for normal users or other accounts with Administrator rights
• 252330 - Toggling Terminal Services to Application Server Mode May Cause Programs Not to Work
• 195950 - How and why ROOTDRIVE is used on Windows Terminal Server
• 297379 - Programs Can Revert to the Default Settings on Terminal Server
• 255582 - BUG: An error occurs running Windows Installer installation on Terminal Server or Remote Desktop connection
• 223300 - How to Enable Windows Installer Logging
• 883514 - Terminal server host applications may intermittently stop responding in Windows 2000
• 311727 - An Assigned Program Is Not Installed in Terminal Services Remote Administration Mode

• Terminal Services Application Analyzer Beta
• Download Hosting Applications with Terminal Server - 2003
• Application Compatibility Toolkit - for 2003 and XP
• How Applications use the Registry in Terminal Server Environments - by Brian Madden
• 186498 - Terminal Server Application Integration Information
• Program compatibility flags
• CTX106100 - Application Isolation Environment Supported Applications
• CTX109254 - Application Isolation Environments - Compatibility Issues

Specific application issues

• Office issues
• Internet Explorer issues
• QuickBooks issues
• Other applications: Exchange, SQL and MSDE, SMS, Lotus Notes, Adobe, COM and DCOM, Host Integration Server, SoftGrid and more

Client / server application issues

• 272582 - Windows 2000 Terminal Services Incorrectly Closes Files on Remote Shares
• 818528 - Problems When More Than One User Accesses the Same File Through Terminal Services
• 830265 - Out of memory error messages when you try to save files
• 299603 - PRB: "Error reading file" Error Message on Windows 2000 Terminal Services
• 219956 - PRB: Too Many Files Open Running VFP on Windows Terminal Server
• 294816 - Programs that are run from a network share on Terminal Services close or generate errors

Miscellaneous issues

• 816513 - Poor Program Performance Occurs in a Remote Terminal Services Session
• 80863 - Limiting Simultaneous Users of an Application
• 840342 - Applications may not run correctly in a Terminal Services environment
• 924893 - An application window may not be drawn correctly when you run the application in a remote desktop session to a Windows XP-based computer

Application streaming / launching / publishing

• Microsoft SoftGrid Application Virtualization
• Microsoft Application Virtualization 4.5 Beta - formerly known as SoftGrid
• WS2008: Terminal Server Web Access Architecture
• Windows Server 2008 Terminal Services RemoteApp Step-By-Step Guide
• 951048 - An application does not start in a Windows Server 2008 Terminal Services RemoteApp session
• Working Together - Application Virtualization from Citrix & Microsoft
• 931576 - How to publish a SoftGrid-enabled application in Citrix MetaFrame
• Download the Best Practices for Integrating Microsoft® SoftGrid® Application Virtualization with Terminal Services and Citrix® Presentation Server® White Paper
• SoftGrid and Terminal Services: Better Together



• CTX891671 - Graceful Logoff from a Published Application Keeps Sessions in Active State
• CTX644401 - Connecting to a Published Application Produces the Entire Desktop, Explorer.exe
• CTX922603 - How to Publish Explorer.exe with Specific Drives, Specific Folders, or URL



• visionapp Workspace Management 2008 - a portal-based application delivery system
• 2X ApplicationServer for Windows Terminal Services - seamlessly publish applications onto remote desktops
• Altiris Deployment Solution
• AppLauncher - allows you to deploy more than one application through Terminal Services without giving user access to the entire desktop
• Remote Application Center For Terminal Server - freeware utility to publish applications and set application permissions by user or by group

Information for developers

• Remote Desktop Protocol: Basic Connectivity and Graphics Remoting Specification
• Remote Desktop Protocol: Remote Programs Virtual Channel Extension
• Terminal Server Plug and Play Device Redirection Framework in Vista and Longhorn - part 3
• Windows Desktop Sharing API - on Vista
• Dynamic Virtual Channels
• 950118 - You cannot reuse a virtual channel handle after you disconnect and then reconnect a Terminal Services session that is established on a Windows Server 2008-based terminal server



• Terminal Services Programming Guidelines
• CTX111705 - A Guide for Application Developers, by Citrix
• Terminal Services Reference
• Wrapping the Terminal Services API for Visual Basic - by Alex Angelopoulos, MVP
• Windows Logo Program Requirements V. 3.0
• Device Driver INF Changes for Plug and Play Device Redirection on Terminal Server
• Application Compatibility Toolkit - for W2K
• Detecting If Terminal Services is Installed
• Optimizing Applications for Windows 2000 Terminal Services and Windows NT Server 4.0, Terminal Server Edition
• 923741 - Formatted text is inserted as a picture in the "Rich TextBox" control on a Windows 2000-based terminal server
• 841700 - BUG: You receive an "error reading comm device" error message when you try to read from a COM port that is on a remote computer by using the MSComm control in Visual Basic 6.0

• Local Administrator/Power User Hall of Shame

LB/Scaling

Windows Network Load Balancing

• Checklist: Enabling and configuring Network Load Balancing
• 294926 - Considerations of Terminal Services on a Server Cluster
• 243523 - Using Terminal Server with Windows Load Balancing Service
• Step-by-Step Guide Configuring Network Load Balancing with Terminal Services in Windows Server 2008
• Windows Server 2003 Virtual Conference: Designing, Deploying, and Managing a Load Balanced Terminal Server Farm
• 240997 - Configuring Network Load Balancing
• 303817 - How To Set Up TCP/IP for Network Load Balancing in Windows 2000
• 323431 - How To Set Up TCP/IP for Network Load Balancing in Windows Server 2003
• 280805 - Terminal Services Client Cannot Connect to NLB Cluster TCP/IP Address

Windows 2008 - Session Broker Load Balancing

• Terminal Server Session Broker Overview
• Session Broker Load Balancing
• TS Session Broker Load Balancing Step-by-Step Guide
• Instantaneous Session Broker redirection leveraging CredSSP
• Introducing Terminal Services Server Drain Mode

Windows 2003 - Session Directory

• 301926 - Overview of the Session Directory Technology in Terminal Services
• Configure Session Directory settings
• Session Directory and Load Balancing Using Terminal Server White Paper - 2003
• 840695 - How to provide high availability for the Terminal Services Session Directory server in Windows Server 2003
• 908479 - The Session Directory service does not work on a Windows Server 2003-based session directory server

Citrix Load Management

• CTX357152 - Citrix Application Load Levels Defined: 10000, 10000!, 10001, 10002, 9999
• CTX103653 - Explaining Load Management and Load Bias
• Citrix Presentation Server Load Management - by Duane Bradley
• Understanding the new logon throttling load evaluator options in Citrix Presentation Server 4.5 - by Brian Madden

Other 3rd party Load Balancing products

• 2X LoadBalancer
• THINWORX
• Clusteresis RDP Load Balancer - freeware
• Provision Networks Management FrameWork
• F5 BigIP

Scaling

• Windows Server 2003 Terminal Server Capacity and Scaling White Paper
• Terminal Services Scaling and Performance on x64-Based Versions of Windows Server 2003
• CTX091649 - Citrix Server Test Kit Explained
• TLoad - a Citrix load testing application, by thinGenius
• LoadGen - free load testing tool for simulating loads of up to 150 users per server, by DeNamiK

Performance

Performance

Recommendations and Tools

• Overview of Performance Monitoring
• 186536 - Terminal Server Performance Monitor Objects and Counters
• Terminal Server Performance Tuning - by Brian Madden
• Windows System Resource Manager - 2003, Enterprise and Datacenter Ed.
• Terminal Services and Windows System Resource Manager - 2008
• Windows Performance Toolkit
• 291988 - A description of the 4 GB RAM Tuning feature and the Physical Address Extension parameter
• 909262 - Description of the changes to the mechanism that Windows Server 2003 uses to allocate resources
• 177415 - How to use Memory Pool Monitor (Poolmon.exe) to troubleshoot kernel mode memory leaks
• ThreadMaster - application based CPU Quota management tool. Freeware utility, by Soren M. Pedersen
• CTX106021 - FAQ: The CPU Utilization Management Feature PS4
• CTX106022 - Virtual Memory Optimization Feature Application Compatibility List PS4
• One reason Why Windows Server 2008 Terminal Server Will Allow You To Get More Users On A Box - by Michel Roth
• How can I measure RDP bandwidth usage?
• Bandwidth Allocation for Terminal Server connections over RDP Vista and 2008
• How To: Simulate WAN Connections in Your Own Test Lab, For Free! - by Michel Roth

Logon and logoff delays

If you have a problem with long logon and logoff times, don't forget to check the EventLog on the Terminal Server. If the problem is caused by a profile load or unload error, you will find an event saying so. In that case, check the TS/Citrix - Profiles page.

• 274740 - Initial Program List Determines When the Terminal Server Session Ends
• 324446 - Terminal Server and connected Terminal Services clients pause when a Terminal Services client logs on or logs off Lanman + LazyFlush
• 927182 - When a user logs off a Windows Server 2003 Service Pack 1-based terminal server, the terminal server may stop responding for several seconds post-SP2 hotfix
• 901196 - A remote session does not end immediately on a computer that is running Windows Server 2003 Service Pack 1 certificate autoenrollment
• 831962 - A remote desktop session may experience a long delay when you try to log off an Advanced Client computer with SMS 2003
• 944003 - Terminal Servers performance slow down or hang with TrendMicro OfficeScan
• 829485 - You Experience Performance and Logon Problems When You Use Terminal Services NT 4.0 + W2K

File access delays / SMB problems

• 317249 - How to troubleshoot Event ID 2021 and Event ID 2022 Lanman - all OS
• 888562 - You experience slow performance when you use Windows 2000 Server or Windows Server 2003 to access files on a computer that is running Windows 2000 Server or Windows NT 4.0 Lanman
• Does Your Environment Need SMB Tuning? - by Michel Roth
• 232476 - Terminal Server Client Connections and Logon Limited by MaxWorkItem and MaxMpxCt Values Lanman - W2K + NT4.0



• 830265 - You receive an "Out of memory" error message when you try to save a file third-party file system filter driver
• 915377 - You experience slow performance when you try to access shared resources by using Windows Explorer on a client computer that is running Windows XP or Windows Server 2003 DFS - XP + 2003 hotfix
• 813546 - Slow Performance During a Remote Assistance Session File Transfer 2003
• 947773 - A Windows Server 2003-based computer responds slowly to RDP connections or to SMB connections that are made from a Windows Vista-based computer TCP autotuning
• 923360 - You may experience various problems when you work with files over the network on a Windows Server 2003-based or Windows 2000 Server-based computer with Symantec or eTrust antivirus software
• 822219 - You experience slow file server performance and delays occur when you work with files that are located on a file server with anti-virus and backup software
• 948572 - A handle leak occurs in a Server Message Block (SMB) session between two Windows Vista-based computers or between two Windows Server 2008-based computers

Application performance problems

• 816513 - Poor Program Performance Occurs in a Remote Terminal Services Session EmulateGetUiEffects
• Secrets for Optimizing Flash Performance Part 1 and Part 2 Citrix PS

Misc. performance problems

• 950086 - A memory leak may occur in the nonpaged pool memory on the Windows Server 2008-based terminal server when you log on to and log off from a Windows Server 2008-based terminal server through an RDP connection
• 312362 - Server is unable to allocate memory from the system paged pool
• 934330 - The Csrss.exe process in a terminal-server session continuously consumes more than 50 percent of CPU resources on a Windows Server 2003-based terminal server
• 817532 - Thread in the Csrss.exe process consistently uses 25 percent of the CPU on your Windows 2000 Server
• 837585 - Several orphaned Csrss.exe processes cause performance issues on a terminal server that is running Windows 2000 or Windows Server 2003
• 827350 - Clients cannot connect to a Terminal server when Csrss.exe and Termsrv.exe spike at 100 percent CPU usage
• 937375 - You experience slow performance and high CPU utilization on a Windows Server 2003 Terminal Server post-SP2 hotfix
• 840214 - Terminal Server users experience degradation in performance when they run 16-bit programs W2K
• 822834 - Spooler Failure Causes High CPU Usage in the Winlogon.exe and Spoolsv.exe Processes on a Windows 2000 Terminal Server
• 294745 - The Performance of the Remote Desktop Connection or the Terminal Services Client Is Affected by Animation

Citrix specific performance problems

• CTX101705 - Troubleshooting Slow Logons
• 936655 - A Citrix process uses 4 gigabytes (GB) of nonpaged pool memory on a Microsoft Windows Server 2003-based computer
• 839953 - A Citrix session may respond very slowly when you log on to the session from a Windows XP-based computer
• 821225 - A Windows 2000 Terminal Server That Is Configured with Citrix Metaframe Software Can Become Slow and Unresponsive
• 824309 - Very Long Logon and Logoff Times When You Try to Connect to Citrix MetaFrame or Citrix 1.8

User profiles

User profiles

Users should never use the same profile for their normal workstation logon and their TS sessions (to avoid profile corruption).
To set a TS-specific roaming profile:

1. Use the "Terminal Services Profile" tab in the AD account properties

or
2. use a Group Policy, linked to the OU which contains the Terminal Server machine account, and configure the setting

Computer Configuration - Administrative templates - Windows components - Terminal Services
"Set path for TS roaming profiles"

Note that you should not add %username% here, just something like \\server\TSprofiles.

To avoid filling up your system disk on the TS, combine both options above with the following setting (see KB 274152):

Computer Configuration - Administrative templates - System - User profiles
"Delete cached copies of roaming profiles"

And to make troubleshooting of user profiles a bit easier, configure this setting as well:

Computer Configuration - Administrative templates - System - User profiles
"Add the Administrators security group to roaming user profiles"

Vista / 2008

User profile design has changed with Vista and Windows 2008. Here's information about the new Version 2 user profiles and how to migrate from Version 1 (XP, 2003) profiles to Version 2 profiles:

• 947025 - Support guidelines for migrating roaming user profiles data to Windows Vista or to Windows Server 2008
• Managing Roaming User Data Deployment Guide

Configuration

• 246132 - User Profile and Home Directory Behavior with Terminal Services
• Using User Profiles in Windows Server 2003
• sepagoPROFILE: A comprehensive profile solution - white paper describing the concepts behind Windows user profiles and explaining common pitfalls and how to avoid them
• CTX110351 - User Profile Best Practices for MetaFrame Presentation Server
• 325364 - HOW TO: Create a Custom Default User Profile in the Windows Server 2003 Family
• 305709 - HOW TO: Create a Custom Default User Profile - W2K
• 321281 - The Desktop.ini File Does Not Work Correctly When You Create a Custom Default Profile - XP, 2003
• 236621 - Cannot Move or Rename the Documents and Settings Folder - W2K, 2003
• 817361 - Force Local Profile Option in Windows 2000
• 843261 - You cannot use Group Policy settings to configure Terminal Services roaming user profiles on a Windows 2000-based Terminal server - preSP5 hotfix
• 243535 - Terminal Services Client Roaming Profile Is Inconsistent or Overwritten
• 287566 - The Cache Option for Offline Files Must Be Disabled on Roaming User Profile Shares
• 327259 - Windows Server 2003 Checks for Pre-Created Roaming Profile Folders When You Make a Roaming User Profile
• 327462 - Windows XP SP1 and Windows 2000 SP4 Check for Existing Roaming User Profile Folders When a Roaming User Profile Is Created
• 320186 - HOW TO: Clean Profiles By Using the Cprofile Command in Terminal Services
• 944917 - Windows Vista uses the profile path that is defined on the Terminal Services Profile tab instead of on the Profile tab when a user logs on to a Windows Vista-based client computer by using a Remote Desktop session

Profile Load and Unload errors during Logon & logoff

• Download UPHClean v1.6 for 32-bit OS - the User Profile Hive Cleanup service helps to ensure user sessions are completely terminated when a user logs off
• Download UPHClean v2.0 beta for 64-bit OS
• CTX101705 - Troubleshooting Slow Logons
• 837115 - Troubleshooting profile unload issues
• 887434 - "Failed to load Terminal Server Profile path" event message is logged on a Windows Server 2003-based computer
• 911805 - You cannot load or unload a roaming user profile if it contains EFS files on a Windows XP-based or a Windows Server 2003-based client
• 928096 - A Windows Server 2003-based terminal server crashes when 30 to 40 users use roaming profiles to log on to or log off the terminal server - with Citrix MF and old version of UPHClean
• 933562 - Index.dat files are not deleted from the server when a user logs off a Terminal Services session to a Windows Server 2003-based computer
• 935642 - Error message and the terminal server roaming profile is not loaded when you log on to a Windows Server 2003-based terminal server
• 935649 - Error message when you try to log on to a Windows Server 2003-based terminal server: "Windows cannot load the user's profile but has logged you on with the default profile for the system"
• 944984 - The user profile may not be correctly unloaded when you log off from a Windows Server 2003-based computer, and event 1517 is logged
• 949665 - Roaming profiles do not work after migration from Windows 2000 to Windows Server 2003
• 951029 - User profiles are corrupted after you log off from a remote desktop session to a Windows Server 2003 Terminal Server on which Symantec AntiVirus 10.1 is installed


Windows 2000 specific
• 289564 - Issues When Windows 2000 Loads and Unloads Profile
• 293660 - Cannot Save Terminal Services Profile Locally If You Are a Member of a Guest Group on the Terminal Server
• 817171 - Roaming Profiles Are Not Unloaded on a Computer That Is Running Terminal Services - IE 6 on W2K
• 827825 - "Windows Cannot Unload Your Registry Class File" Error Message When You Log Off Terminal Services - pre-SP5 hotfix
• 828153 - UsrClasses Hive Does Not Unload During Logoff Because of an Intermittent Handle Leak in Spoolsv.exe - pre-SP5 hotfix
• 893104 - The Winlogon.exe system process quits without unloading the user profile when the screen saver starts on a Windows 2000 Terminal Server at the same time that you log off from a Terminal Services session - preSP5 hotfix

3rd party Profile management solutions

• sepagoPROFILE

Group Policies - GPOs

GPOs

When configuring a Terminal Server, Group Policies should be your first choice, rather than using the Terminal Services Configuration tool. The main advantage is that the settings will be applied to all servers in your farm, ensuring identical settings on all servers.

A crucial option in any TS-related GPO is loopback processing. This setting allows you to define a set of user settings, which will only be applied to users when they log on to the Terminal Server, without affecting them when they log on to their workstation.

The basic steps to use a GPO to configure a Terminal Server:

1. place the Terminal Server (not the users!) in a separate OU
2. create a TS-specific GPO
3. configure the GPO to use "loopback processing" with the "Replace" option (see KB 231287)
4. link the GPO to the OU which contains the Terminal Server machine account
5. add the Terminal Server machine account to the security list of the GPO
6. add a User group to the security list of the GPO (or keep the default entry for "Authenticated Users" if you want the settings in the GPO to apply to all users)
7. modify the rights for Administrators on the GPO: select "Deny" for the right to "Apply this policy" (see KB 816100)

How-To's, White papers

Windows Server 2008 / Vista

Windows Server 2008 introduces Group Policy Preferences, in addition to Group Policy settings. Confused? Read all about it here:

• Windows Server 2008 TechCenter: Group Policy
• Download the Group Policy Preferences overview
• Group Policy Preferences FAQ
• 943729 - Information about new Group Policy preferences in Windows Server 2008

• Windows Server 2008 & Group Policy Management Console (GPMC)
• Download the Planning and Deploying Group Policy guide
• Download the Managing Group Policy ADMX Files Step-by-Step Guide
• Download the ADMX Migrator - utility to convert your existing Group Policy ADM Templates to the new ADMX format
• 929841 - How to create a Central Store for Group Policy Administrative Templates in Window Vista
• Download the Group Policy Settings Reference for Windows Server 2008
• Group Policy Settings for Terminal Services in Windows Server 2008

Windows Server 2003 / XP / 2000

• Step-by-Step Guide for Configuring Group Policy for Terminal Services
• Download the Windows Server 2003 Group Policy Infrastructure White Paper
• Download the Group Policy Settings Reference for Windows 2003
• Download the Group Policy Management Console - 2003
• Download the Group Policy ADM Files for each OS / SP combination of W2K, XP and 2003
• 260370 - How to Apply Group Policy Objects to Terminal Services Servers
• 231287 - Loopback Processing of Group Policy
• 816100 - How To Prevent Domain Group Policies from Applying to Administrator Accounts and Selected Users in Windows Server 2003
• How can I lock down my standalone TS with a local policy without locking down the Administrator account?
• Download the Using Administrative Template Files with Registry-Based Group Policy White Paper (2003 and XP)
• 910203 - How to implement system policies for Windows XP-based, Windows 2000-based, and Windows Server 2003-based client computers in non-Active Directory environments
• 816662 - Recommendations for managing Group Policy administrative template (.adm) files (2003)



• 322143 - HOW TO: Administer GPOs in Windows 2000
• 323639 - HOW TO: Create Custom Administrative Templates in Windows 2000
• 307900 - Upgrading Windows 2000 Group Policy for Windows XP (applies also to 2003)

Known problems and trubleshooting tools

Windows 2008

• 950876 - Group Policy settings are not applied on member computers that are running Windows Server 2008 or Windows Vista SP1 when certain SMB signing policies are enabled

• 250842 - Troubleshooting Group Policy Application Problems
• Download Group Policy Log View - a utility you use to export Group Policy event data from the system and operational log into a text, HTML, or XML file
• 940122 - How to use the Microsoft Group Policy Diagnostic Best Practice Analyzer (GPDBPA) tool to collect and to analyze data
• 910206 - How to troubleshoot Group Policy object processing failures that occur across multiple forests
• 887303 - Applying Group Policy causes Userenv errors and events to occur on your computers that are running Windows Server 2003, Windows XP, or Windows 2000
• 932460 - Error message when a domain administrator or a local administrator uses the GPResult.exe tool or runs an RSoP query in Windows Server 2003: “Access denied”
• 896669 - When use the Group Policy Object Editor on a computer that is running Windows Server 2003 or Windows XP to change GPOs on a remote domain controller, the changes do not take affect for a long time
• 951059 - On a Windows Server 2003-based computer, registry-based policy settings are unexpectedly removed after a user logs on to the computer
• 555218 - Some Group Policy areas are missing from the Group Policy Editor

TS related GPO issues

• 274443 - How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003
• 888203 - How to stop Folder Redirection in Windows Server 2003 and in Windows 2000 Server
• 938380 - After you apply a GPO to redirect a folder to a network share on Windows XP-based or on Windows Server 2003-based client computers, the redirected folder is empty
• 949143 - Windows Vista-specific folder redirection policies are removed from a GPO when you connect to an AGPM server component that is installed on a Windows Server 2003-based member server



• 231289 - Using Group Policy Objects to hide specified drives
• 818465 - HOW TO: Use Group Policy to Permit Users to Redirect and Play Audio in a Remote Desktop Session to Terminal Services in Windows Server 2003
• 324807 - How To Use Group Policy to Configure Automatic Logon in Windows Server 2003 Terminal Services
• 890864 - Some idle session Group Policy settings do not work if you try to use them on a Microsoft Windows XP Professional-based computer that is in a domain environment
• 839918 - Hotfix that lets you control whether a user can save a password for Remote Desktop Connection sessions to a terminal server in Windows XP or in Windows 2000