Here's the powershell script that I used on the last one that I built that seemed to work:
[CmdletBinding()]
Param(
[Parameter(Mandatory=$True,HelpMessage="Specifies the FQDN that clients will use when connecting to the deployment.",Position=1)]
[string]$ClientAccessName,
[Parameter(Mandatory=$False,HelpMessage="Specifies the RD Connection Broker server for the deployment.",Position=2)]
[string]$ConnectionBroker="localhost"
)

$Host.UI.RawUI.BackgroundColor = "Black"; Clear-Host

$CurrentUser = New-Object Security.Principal.WindowsPrincipal $([Security.Principal.WindowsIdentity]::GetCurrent())
If (($CurrentUser.IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) -eq $false)
{
$ArgumentList = "-noprofile -noexit -file "{0}" -ClientAccessName $ClientAccessName -ConnectionBroker $ConnectionBroker"
Start-Process powershell.exe -Verb RunAs -ArgumentList ($ArgumentList -f ($MyInvocation.MyCommand.Definition))
Exit
}

Function Get-RDMSDeployStringProperty ([string]$PropertyName, [string]$BrokerName)
{
$ret = iwmi -Class "Win32_RDMSDeploymentSettings" -Namespace "root\CIMV2\rdms" -Name "GetStringProperty" -ArgumentList @($PropertyName) -ComputerName $BrokerName
-Authentication PacketPrivacy -ErrorAction Stop
Return $ret.Value
}

Try
{
If ((Get-RDMSDeployStringProperty "DatabaseConnectionString" $ConnectionBroker) -eq $null) {$BrokerInHAMode = $False} Else {$BrokerInHAMode = $True}
}
Catch [System.Management.ManagementException]
{
If ($Error[0].Exception.ErrorCode -eq "InvalidNamespace")
{
If ($ConnectionBroker -eq "localhost")
{
Write-Host "n Set-RDPublishedName Failed.nn The local machine does not appear to be a Connection Broker. Please specify then FQDN of the RD Connection Broker using the -ConnectionBroker parameter.n" -ForegroundColor Red } Else { Write-Host "n Set-RDPublishedName Failed.nn $ConnectionBroker does not appear to be a Connection Broker. Please make sure you have n specified the correct FQDN for your RD Connection Broker server.n" -ForegroundColor Red
}
}
Else
{
$Error[0]
}
Exit
}

$OldClientAccessName = Get-RDMSDeployStringProperty "DeploymentRedirectorServer" $ConnectionBroker

If ($BrokerInHAMode.Value)
{
Import-Module RemoteDesktop
Set-RDClientAccessName -ConnectionBroker $ConnectionBroker -ClientAccessName $ClientAccessName
}
Else
{
$return = iwmi -Class "Win32_RDMSDeploymentSettings" -Namespace "root\CIMV2\rdms" -Name "SetStringProperty" -ArgumentList @("DeploymentRedirectorServer",$ClientAccessName) -ComputerName $ConnectionBroker
-Authentication PacketPrivacy -ErrorAction Stop
}

$CurrentClientAccessName = Get-RDMSDeployStringProperty "DeploymentRedirectorServer" $ConnectionBroker

If ($CurrentClientAccessName -eq $ClientAccessName)
{
Write-Host "n Set-RDPublishedName Succeeded." -ForegroundColor Green Write-Host "n Old name: $OldClientAccessNamenn New name: $CurrentClientAccessName"
Write-Host "n If you are currently logged on to RD Web Access, please refresh the page for the change to take effect.n"
}
Else
{
Write-Host "n Set-RDPublishedName Failed.n" -ForegroundColor Red
}

I installed a 3rd party cert for my RDS server. It looks like it's using the cert for everything. The only problem is that the remote computer name is the local name, so when the remote app launches, I get prompted twice:


If I run a script to change the published name, I get this error:

Am I going about this wrong? I believe I used the same script on the last RDS server I built.

running powershell as admin.

Even if I try to create a new session, it bombs: (this is after running Enable-PSRemoting)

PS C:\Windows\system32> New-SessionDeployment -ConnectionBroker rds2.mydomain.com

cmdlet New-SessionDeployment at command pipeline position 1
Supply values for the following parameters:
SessionHost[0]: rds2.mydomain.com
SessionHost[1]:
New-SessionDeployment : Validation failed for the "RD Connection Broker" parameter.
rds2.mydomain.com Unable to connect to the server by using Windows PowerShell remoting. Verify
that you can connect to the server.
At line:1 char:1

• New-SessionDeployment -ConnectionBroker rds2.mydomain.com

•   + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,New-SessionDeployment

Pretty much every powershell command I do says there isn't a deployment on this server and goes like this:

PS C:\Windows\system32> Get-RDDeploymentGatewayConfiguration
Get-RDDeploymentGatewayConfiguration : A Remote Desktop Services deployment does not exist on
rds.myServer.com. This operation can be performed after creating a deployment. For information about
creating a deployment, run "Get-Help New-RDVirtualDesktopDeployment" or "Get-Help New-RDSeserveronDeployment".
At line:1 char:1

• Get-RDDeploymentGatewayConfiguration

•   + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDDeploymentGatewayConfiguration

I should add that at the moment I can pull up the web page of the remote apps and also RDP to the server, so it's kind of working, I just can't modify anything to try to fix the blocking issue.

Also as part of my troubleshooting, I disabled the RDPguard service and firewall since it seemed like something like that was killing it. It made no difference, so I turned them back on.

I have a RDS server that seems to have gone bad. The problem started when it stopped accepting RDP logins and stopped allowing Remote Apps to be launched. We would reboot the server and it would allow people to connect again, and then in as little as 5 minutes it stopped accepting connections. Some people that were connected could stay connected, but it dropped others.

After finding nothing in the event logs, we decided to restore the server from a day before the problem started showing up. It seemed ok, and then the same problem started again. The only errors I have in the event log are a couple of TLS errors that show up sometimes at the same time I have been denied, but not always. I was about to change the cert from a 3rd party back to a server generated self signed cert, but now I can't manage the server. It thinks the RDS role is gone.

If I try to add the role, it gives mean the error:
Could not retrieve the deployment information from the RD Connection Broker Server <server name>

Any ideas?

how many computers have the card readers? Instead of messing with the rest of the company's drive letters you could script something like:

diskpart
select vol g
assign letter=b

You have to put the diskpart commands in .txt file and then specify that as the script for diskpart to use, but you get the idea. Just move the local media card reader to a letter that's not used by the company and be done with it.

vssadmin add shadowstorage /for=e: /on=e: /maxsize=100GB

did the trick. I had to use command line since this a Hyper-V core install.

I also ran this command to make sure that space was allocated:

vssadmin add shadowstorage /for=e: /on=e: /maxsize=100GB

I also checked most of the VMs (there were a couple linux ones I couldn't) and they all have plenty of free space.

For anyone else that has a bunch of Windows VMs to check for free space, you can use the command:

Get-WmiObject -Class Win32_logicaldisk -ComputerName YourVMname

to check each one without having to log in to each individual VM.

A lot of articles say that the disk is out of space. This is what I have on that volume:
E:>dir
Volume in drive E has no label.
Volume Serial Number is 525D-42DA

Directory of E:\

05/07/2014 12:04 PM <DIR> Apps Backup
09/14/2016 12:25 AM <DIR> Hyper-V
09/30/2016 12:08 AM <DIR> temp
0 File(s) 0 bytes
3 Dir(s) 2,099,514,732,544 bytes free

This event gets thrown when I try to run a backup:

The description for Event ID 23 from source volsnap cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

\HarddiskVolumeShadowCopy8
E:
\?\Volume{e9184b64-e4cd-49fa-9b8b-964df0eccbb5}

@Dashrender None of the other machines on the domain take that long to log in. If they did, there are tricks you can use to speed up your printer deployment.

Backups are failing on a Hyper-V host. I ran:
vssadmin list writers and they are all stable, except this one:

Writer name: 'Microsoft Hyper-V VSS Writer'
Writer Id: {66841cd4-6ded-4f4b-8f17-fd23f8ddc3de}
Writer Instance Id: {51bed8ad-30e7-4657-abb3-8161879e3d1d}
State: [7] Failed
Last error: Timed out

I shutdown all the VMs, rebooted the host, brought the VMs up and that didn't fix it.

I ran this to re-register the VSS DLLs:

Re-registering Vss Dlls

cd /d %windir%\system32
net stop vss
net stop swprv
regsvr32 /s ole32.dll
regsvr32 /s oleaut32.dll
regsvr32 /s vss_ps.dll
vssvc /register
regsvr32 /s /i swprv.dll
regsvr32 /s /i eventcls.dll
regsvr32 /s es.dll
regsvr32 /s stdprov.dll
regsvr32 /s vssui.dll
regsvr32 /s msxml.dll
regsvr32 /s msxml3.dll
regsvr32 /s msxml4.dll
vssvc /register
net start swprv
net start vss

I still have the same result. What should I try next?

As soon as I deleted the GPO my login time went from 5 minutes to a few seconds, so I knew that was the issue.

I'm not sure what the problem was, but what I ended up doing was backing up the GPO, deleting the GPO, restoring the GPO, and then linking it back where it should have been linked. I'm not sure why, but that fixed the problem.

This is more a matter of routing by port number than by DNS.

@NashBrydges said in [Ubuntu Server 2 Network Interfaces

To be clear about my intended use, I want to have HTTPS traffic from the internet continue to route to the server via its public IP address. The site-to-site VPN is to allow all other traffic. If I setup a simple site-to-site VPN, then ALL traffic will route through the VPN. This is not what I want to do since I have a dyamic IP and the server needs to be reachable via the domain name. My public DNS records can't point to my dynamic IP without having to be changed whenever my IP changes.

Is it really that much cheaper for DSL? Since the fiber is already built out, won't they let you drop the speed/rate? Normally they don't like to decrease their minimum monthly spend, but if you're going to leave them entirely, they might make an exception.

It looks like the cameras are almost double the cost. What about the NVR software? Can anyone make any recommendations? It looks like if you go with their software you pay ~$30 per device on top of the software license. (which I can't seem to find pricing on.) Does anyone have any experience with Axis pricing?

@Jason said in Ubnt NVR more than 50 cameras:

Just go with an Axis system

Why Axis? This is an honest question. I have set them up before, but a vendor gave us the cameras, so the cost of the cameras wasn't an issue. They also gave us a license of some software that I don't really care for. The camera's were nice, but seems like they cost way more than Ubiquiti.