I've found myself in the same scenario as you. Deploying Remote Desktop on a standalone Server 2012 box is quite hard, because the guys at Microsoft don't let you run this on a domain-less network and if you do, you can't manage all the settings.
So, you can install a workgroup-based-box and get the Remote Desktop roles working on it. We need also to install Remote Desktop Licensing features on the same machine. But, once at this point, even if you have proper RDS CALs installed on the server, when the user logs in, receives the message that the trial period is on.
I've finally managed to get it working, at least something like the good-old Terminal Services we used to know. That's working for me on two production machines of small clients who need RDS but can't afford having two servers on their network.
Here we go:
Install the Remote Desktop Licensing and the Remote Desktop Session Host role services using the following steps:
- Open Server Manager
- Click on Manage and select Add Roles and Features
- Select Role-based or Feature-based installation
- Under Remote Desktop Services, choose Remote Desktop Licensing and Remote Desktop Session Host role services.
- Proceed with installation
Add the License Server to Terminal Server License Servers group and restart the Remote Desktop service (you can use licmgr.exe
)
Add the licenses to the license server.
Configure the Remote Desktop Session Host role with to use the local Remote Desktop Licensing server. Follow these steps:
- Open PowerShell as administrator
- Type the following command on the PS prompt and press Enter:
$obj = gwmi -namespace "Root/CIMV2/TerminalServices" Win32_TerminalServiceSetting
Run the following command to set the licensing mode (Note: Value = 2 for Per device, Value = 4 for Per User, we use per-user)
$obj.ChangeMode(4)
Run the following command to replace the machine name with License Server (mylicenseserver
is the name of your server):
$obj.SetSpecifiedLicenseServerList("mylicenseserver")
Run the following command to verify the settings that are configured using above mentioned steps:
$obj.GetSpecifiedLicenseServerList()
You should see the server name in the output.
Once done this, reboot the system and log in with any user (if using a workgroup, you know your users must be part of the Remote Desktop Users
) and the trial period message will dissapear.
Source of all this mess: http://support.microsoft.com/kb/2833839
Managing with Powershell
There are a few things you can manage with Powershell
. To see the commands try:
import-module RemoteDesktop
get-command -module RemoteDesktop
There is a list of commands you can execute via Powershell to manage your box. However, I've tried a few but some of them require you to have some extra features installed, that can't be deployed on the scenario we are talking about.
If none of the above works for you, there is a way to reset the grace period to the initial 120 days. Of course, I don't recommend doing this, as the user will keep noticing the message. Of course, you'll need to purchase proper licenses.
To reset the counter, just delete this registry key:
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\Grace Period
Of course, you'll need extra-privileges to do that, executing regedit
as administrator will not work. Try this:
- Get PSEXEC
- Start a cmd as administrator
- run
psexec -s -i regedit.exe
- delete the desired key
- reboot
Hope some of this works for you. If you do some advances with Powershell and RDS, let us know.
Start by checking the basics as described in Microsoft's technet article on event 1130:
Make sure the Remote Desktop server has network connectivity to the licensing server. If you can ping the licensing server, you're probably OK as far as the basics go (but see below).
Make sure the license server is configured to be automatically discovered. Use the "Review Configuration" Action in the Remote Desktop Licensing Manager.
Check that the Remote Desktop server can discover the license server. Using the Licensing Diagnosis option in Remote Desktop Session Host configuration, make sure the licensing server appears in the list.
Check that the licensing service is running on the license server. The service name is TermServLicensing, the friendly name may be "Terminal Services
Licensing" or "Remote Desktop Licensing" depending on the version of Windows.
If you are using Windows Firewall, check that the Remote Desktop Licensing Server exceptions are enabled on the license server. If you are using a third-party firewall, or if there is an external firewall between the Remote Desktop server and the licensing server, make sure all the relevant ports are opened. See this forum thread, and also Which ports are used by a RDS 2012 deployment? on Technet.
In my case, however, the problem was with the Local Security Policy on the license server, specifically the "Access this computer from the network" option under User Rights Assignment. Although it does not appear to be documented, the Active Directory computer objects representing the Remote Desktop servers must be granted this right, either explicitly or indirectly. (The default setting includes Everyone, which is sufficient to allow Remote Desktop licensing to work.)
Once this access right was granted, the next Remote Desktop logon caused the missing X509 Certificate registry entries to be created, and event ID 1130 stopped appearing.
You should also check the "Deny access to this computer from the network" setting, which takes precedence, and any other configuration changes you might have made to the licensing server which could affect the Remote Desktop server's ability to establish an IPC logon. The security event log on the licensing server may be useful in determining whether the IPC logon is successful or not.
Additional notes:
If one of your Remote Desktop servers is experiencing this or any similar problem, you can still log into it remotely for troubleshooting purposes using this command line:
mstsc /admin /v:servername
In case the link in the question goes dead, you can reset the grace period as a temporary workaround by deleting the REG_BINARY
value in this key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod
(This is of course unsupported and should be used only with due care and at your own risk.)
If you have experienced the same problem but due to a cause not covered by my self-answer, please post another answer (preferably) or a comment. Thanks in advance!
Best Answer
For the basic setup under
You will need to make-sure you have installed and configured
The error above looks as though the the database that the Connection Broker uses can't be accessed, by default it will use a windows internal database unless you have configured the server as High Availability using a shared databases.
If you run through the Remote Desktop Services Installer again to verify your installation.
It is not recommended to run Remote Desktop Services role and Active Directory Domain services on the same server, I am guessing your DC is separate but your are not clear in your in question. Personally I would never run it in Server 2012 Environment it was next to impossible and required an update.