In some cases (DNS changes, expired certificate, etc.) you have to renew a certificate on your RD Webservers. I hat to do this today on a environment wit two RD Web Servers load balanced by a F5 Loadbalancer. But just replacing the web certificate on the RD Connection broker was not enough.
For some reason the cert was not valid after the replacement.
- Delete all the old certificates in the personal store of the RD Webservers
- Reboot the Webservers
- Request a new certificate by using certlm.msc of one of the RD Webservers
- Export the .pfx file for the Connection Broker
- Redeploy the certificate using the Server Manger / Remote Desktop Services / Deployment Overview / Tasks / Edit Deployment Settings
This should allow you to access the RD Websites without having any certificates warnings.
During a VDI deployment by one of our customer we ran into an issue with the RDS Connection Broker in HA mode. The user were unable to login to the pool.
The error in the RD Management Server Event Log showed up with Config sync failed. Following error occurred: 0x88250001
One of the reason causes this issue was the Licenensing Server which did not have a User or Device selection. So we changed that to “User” for our case.
But after this, users where still unable to login.
To get rid of this error, change the active Connection Broker Server using the Remote Desktop Management Admin Console:
Deployment Overview – Tasks – Set Active Remote Desktop Connection Broker server
This solved the logon problems to the VDI Pool.
Hope this helps someone.
Hi – It’s me, Al
Blog post updated: July 19th 2017
Remote Desktop Services (RDS) on Windows Server 2012 R2 is now on market since a while. Let’s have a look at the 2012 R2 Certificate configuration (for a Lab).
First we have to create a template on the internal Certificate Authority (CA). We use a Workstation Authentication Template for that. Open your CA Manager – Cartificate Templates – Manage
Duplicate the “Workstation Authentication” Template.
Continue reading “How to deploy Remote Desktop Services 2012 R2 Certificates using internal CA #RDS”