Good Morning AskPerf!  Welcome to Day Fifteen of our Launch Series.  There is only one more week to go!  If you remember Windows Server 2003 R2 then you probably also remember that Terminal Services (as it was called then) didn’t change much from Windows Server 2003.  The same cannot be said for Remote Desktop Services in Windows Server 2008 R2 when compared to Windows Server 2008.  Today’s post is a brief one where we’ll be taking a look at an overview of Remote Desktop Connection Broker - not only at what is new, but how it is different from its predecessors.  In part 2, we will dive in to the specifics of how to configure and put Connection Broker to work for you in your business.

First, let’s look at a little history of Windows Terminal Services.  Since Windows Server 2003, we have had the ability within Terminal Services to be deployed as a farm where multiple servers were pooled together as a single resource.  This provided the ability to scale out and increase the number of users that could access applications over Terminal Services by distributing them amongst several servers instead connecting hundreds of users to a single server.  If you added in Microsoft Network Load balancing then you could also balance the load across servers in the farm.  This deployment presented some problems though, for example when user sessions were disconnected.  How did we make sure the user is returned to their previous session when they do not know which server they were connected to in the first place?  The solution was Session Directory, and in Windows Server 2003 this was implemented in the Terminal Server Session Directory service.  It was called Session Directory because that is basically what it was, a directory (or database) of sessions for each user in the farm.  The only job Session Directory had in Windows Server 2003 was to redirect a user to a disconnected session.  Load balancing was accomplished with Network Load Balancing or a hardware device like BIG-IP. 

In Windows Server 2008, Session Directory was extended to include load balancing support that was previously only available with hardware devices from companies like Cisco and f5, or software like Microsoft Windows Network Load Balancing.  The feature was renamed to Session Broker and has two main functions:

1. Redirect users to their disconnected sessions
2. Evenly balance the load among servers in the farm

Session Broker was able to add basic load balancing functionality by leveraging the already existing database of sessions in the farm and using that to make a basic load balancing decision.  The topology for Session Directory / Session Broker on Window Server 2003 and Windows Server 2008 looks like this:

The best things about RD Connection Broker in Windows Server 2008 R2 are not what was changed, but rather what was added. RD Connection Broker still supports the same disconnected session redirection and load balancing features of its predecessors, while adding support for pooling RemoteApps from multiple servers and brokering connections to virtual desktops that can be either personalized for each user or assigned to users from a pool of available virtualized desktops.  This is main reason for the name change, as this service now brokers more than just sessions, it brokers connections to applications and desktops that are deployed via Remote Desktop Services and Hyper-V.

The real power of RD Connection Broker is when it is used with Hyper-V and the Remote Desktop Virtualization Host to deploy entire desktops to users, where that desktop is no longer a session on a Terminal Server but a virtual machine.  Working with the RD Virtualization Host, RD Connection Broker now also manages all of these connections and allows for redirection to a standard Remote Desktop session, a RemoteApp session, a personalized virtual desktop, or a connection to a virtual machine pool.  We’re not going to go into too much detail about Remote Desktop Services Virtualization in this post – you’ll have to wait until the day after tomorrow for that!  However, in a nutshell, RD Virtualization Host uses Remote Desktop Connection Broker to determine where the user is redirected.

That’s it for today – a brief post as I mentioned, but the information here relates to the next couple of posts.  I’ll be back tomorrow with Part Two of this post.  Take care!

- Don Geddes

Share this post :

Welcome back – Happy Friday!  Day Sixteen of our Windows 7 / Windows Server 2008 R2 Launch Series is upon us. There are only six more days to go and excitement is growing!  Following on from yesterday’s post, today we’re going to take a look at the specifics of Connection Broker for Windows Server 2008 R2 in this post and look at exactly how you configure and use the new features of this enhanced technology for Remote Desktop Services.

As with other server roles and role services, installing Connection Broker is very straightforward. The easiest way to do this is by using Server Manager and selecting the Connection Broker role service under the Remote Desktop Services role service:

You should not be asked any other questions at this point and the Connection Broker service should install with no further prompts.  You will likely not even to reboot the server after the installation.  One quick note here - you will want to choose a server that is not also a RD Session Host or has other roles like RDS Gateway on which to install the RD Connection Broker if possible.  A Domain Controller makes a good candidate for a RD Connection Broker as it will usually not also have one of the other RDS roles except Remote Desktop Licensing.  Prior to Windows Server 2008 R2, the Session Broker service itself didn’t require any configuration.  There really wasn't anything you could configure anyway, since all of the settings were displayed and controlled on the Terminal Servers themselves.  You should notice right away that Windows Server 2008 R2 and Connection Broker now has a management interface:

The Remote Desktop Connection manager is used to configure the new Connection Broker features, and you will soon see that Connection Broker is now complex enough that it was obvious a management user interface was needed.  I am going to use a simple Remote Desktop Server farm with 2 Remote Desktop servers hosting RemoteApps to show how to configure Connection Broker to manage a simple farm.  Some of this was covered yesterday in Dane’s post on RemoteApp and Desktop Connection.  Previously in Windows Server 2008, if you wanted to deploy RemoteApps in a farm you had to build identical servers with the same RemoteApps on each server and then deploy the farm to users.  With Connection Broker in Windows Server 2008 R2 you now have the choice to combine RemoteApps from Remote Desktop servers that have different RemoteApps installed and present them to users on the same web page. To do this, we start by adding RemoteApp sources in Connection Manager. Click on Add RemoteApp Source:

Pay close attention to the warning icon.  The icon is there to remind you that you must add the computer account for the Connection Broker sever to the TS Web Access Computers group on the RD Session Host server.  This is a common misconfiguration so to keep this straight think of it this way: You need to explicitly grant permission to any server that will load RemoteApps from your RD Session Host server.  Remember that you get RemoteApps when you install RD Session Host on a server, and once you have installed your RemoteApp applications and configured them as RemoteApps you must allow your Connection Broker to query your RD Session Host and retrieve a list of RemoteApps.  The same thing needed to be done with TS Web Access in Windows Server 2008 and it still applies in Windows Server 2008 R2.

To view your RemoteApp sources and make sure they were successfully added, go to RemoteApp Sources under Remote Desktop Connection Manager in the left pane of Server Manager:

I have two RemoteApp servers and they both have different RemoteApps installed, so I added them both as RemoteApp sources to Connection Broker.  Now when a user visits the RemoteApp and Desktop Connection page they will see all of the RemoteApps from both servers configured as RemoteApp sources in Connection Broker, provided that I configure the page to load RemoteApps from the Connection Broker:

To complete the configuration though make sure you give the RD Web Access server the explicit permission to query the Connection Broker and retrieve a list of RemoteApps.  This is done automatically when you click Click Add under the RD Web Access servers configuration in the Remote Desktop Connection Manager:

In this example, the Connection Broker and the RD Web Access server are the same server as it has both role services installed, but this should give you the general idea.  Basically, the RemoteApps flow like this: RD Session Host Server <--> Connection Broker <--> Web Access  <—> Client

If you select one or more RemoteApp sources in the RD Web Access configuration above then you are not using Connection Broker to manage your RemoteApps and instead you would enter either a DNS farm name that resolves to one server in a farm with multiple servers that all have the same RemoteApp installed, or you must enter one or more RemoteApp sources separated by a semicolon.  This is essentially the same as how things worked in Windows Server 2008 with one exception: You could only add one RemoteApp server or a RemoteApp farm to TS Web Access.

I don’t want to get too deep into the way Connection Broker helps you deploy virtual desktops as there is going to be a separate blog post about that topic, but I do want to look at the UI of Connection Manager and how you configure the Connection Broker.

The first thing that must be done is to add an RDV server. This is done by clicking on Add next RD Virtualization Host servers:

The RDV Host is the server where RD Virtualization Host was installed, or your Hyper-V server. If Hyper-V is not installed when you install the RDV then it will be added as a required role service.

Once you have added your RDV Host server you would then add a RD Session Host redirector (which is basically a RDS Host in drain mode:

Finally, you would then assign Personal virtual desktops if you are going to use them by clicking on Assign next to Assign Personal virtual desktops to run the wizard:

That’s it for today!  CC will be back tomorrow with a look at Remote Desktop Virtualization (RDS-V).  Enjoy the rest of your Friday!

-Don Geddes

Share this post :

Good Morning AskPerf Nation!  Our Launch Series is at Day Seventeen.  There are only five more days to go!  Today we’re continuing on with Remote Desktop Services, with a look at Remote Desktop Services Virtualization (or RDS-V, for short).  You may also hear RDS-V referred to as Virtual Desktop Infrastructure (VDI).  RDS-V provides remote desktop access to managed desktop environments hosted in Hyper-V on Windows Server 2008 R2.  OK, there are way too many technical buzzwords in that last sentence, aren’t there?  Simply put, in the same way that RemoteApp makes applications available to users through individual Remote Desktop Services sessions, RDS-V provides access to specific virtual machines (desktops) through a similar mechanism.  So, what does it really do?

RDS-V uses the Remote Desktop Connection Broker to determine where the user is redirected.  If a user is assigned and requests a personal virtual desktop, RD Connection Broker redirects the user to this virtual machine.  If the VM is not turned on, RD Virtualization turns on the VM and then connects the user.  If the user is connecting to a shared virtual pool, then the RD Connection Broker checks to see if the user already has a connected session in the pool.  If the user has a disconnected session then they are reconnected to that VM.  If the user does not have a disconnected session, a VM in the pool is dynamically assigned to the user – if one is available.  A quick note here, the Hyper-V server role has to be installed on the same system that has the RD Virtualization role service installed.  Let’s take a quick look at the fairly simple high-level RDS-V topology:

The different components of RDS-V are as follows:

• Connection Broker– given an authenticated user and their associated request for an application or desktop, the Broker determines which RDS Server or VM image can best satisfy the request
• Redirector– RD Session Host Server whose purpose is to query the Broker on the RDS Client’s behalf.  After querying the Connection Broker, the Redirector sends an RDP redirection packet back to the RDS Client
• RDS Assignment Database– representation of the AD Schema extensions that provide end-user mappings to a particular VM Host image
• Web Portal– web page that shows the user all the applications / desktops they can access
• VM Host– Machine on which the VM images are hosted.  The VM Host Agent service runs on this machine.  The service is controlled by the Connection Broker and can perform certain actions such as spinning up a VM image

The diagram above breaks out the different components and their functions.  Let’s take a closer look at the Connection Broker’s functions:

There are some basic steps that the Connection Broker performs.  If the endpoint for the request is a farm, then the Connection Broker has to check the cache of user sessions to see if there is an existing disconnected session within that particular farm.  The key here is that the disconnected sessions are farm-specific. If the user does not have a session, the Connection Broker chooses the best machine or VM image within the farm.  There is also some machine logic that takes place.  Connection Broker calls into the type-specific VM Plug-in to carry out what is called Placement.  This action involves the plug-in move the necessary VM image to the best VM Host and then return the name of that host.  For VM calls specifically (as opposed to RemoteApp requests), the Connection Broker calls into the VM Host Agent to spin up the VM image.  This is called Orchestration.  The return value of this step is a list of IP addresses for the final machine / image to which the RDS Client should be redirected.  These steps are executed each time a user connects.  In addition, the Connection Broker also has a “Pool Creator”.  This component coordinates the creation of VM farms by directing VM Host Agents to create farm-joined VM instances out of template VM images.

The flowchart below outlines the logic that is followed by the Connection Broker when a VM connection request is made:

OK folks – with that, we’ve reached the end of today’s post.  A couple of quick things to keep in mind:

1. Don’t install the Remote Desktop Virtualization (RD Virtualization) role service on the same system on which you have installed the Remote Desktop Connection Broker (RD Connection Broker) role service
2. The RD Virtualization server is only needed if you plan to deploy and configure virtual machines as virtual desktop pools or personal virtual desktops
3. Before configuring the Remote Desktop Session Host (RD Session Host) server to provide redirection to virtual desktops, ensure that the computer account for the RD Session Host server is a member of the Session Broker Computers group on the Remote Desktop Connection Broker (RD Connection Broker) server

Now, I know that we didn’t do a full walkthrough on the “How To’s” for this entire process.  If that’s something that you would like us to go over – let us know.  And now, we really are at the end of our post.  I’ll be back tomorrow with a look at Remote Desktop Services IP Virtualization.  Until tomorrow …

- CC Hameed

Share this post :

Happy Sunday everyone!  It’s Day Eighteen of our Windows 7 / Windows Server 2008 R2 Launch Series – only four more days to go till the big day!  Today we’re wrapping up our look at some of the new Remote Desktop Services features with a quick overview of Remote Desktop IP Virtualization (RD IP Virtualization).  RD IP Virtualization allows IP addresses to be assigned to remote desktop connections on a per-session or per-program basis.    Prior to Windows Server 2008 R2, every session on a remote desktop server had the same IP address.  I’m sure some of you are wondering, “Well, OK – big deal.  Why does that matter?”  Think about applications that require a unique IP address for each instance of the application.  Clearly having a single IP for all the sessions, can cause a number of application compatibility problems – consider the scenario below where the backend database server refuses the second and third client connections based on their use of the same IP address as the first connection.

OK, let’s take a quick look at the architecture of the RD IP Virtualization feature.  User mode applications using WinSock will be able to get Virtual IP’s – the application itself does not need to be aware of RD IP Virtualization or need to be changed in any way.  However, there are some caveats – services in Session 0 will not be virtualized, nor will applications and services running inside the a remote administrator session.  In addition, applications that use named pipes or any other mechanism besides sockets will not be virtualized.  The RD IP Virtualization Service depends on a valid DHCP Server being active.  A pool of static addresses can also be configured.  The actual process for assigning the IP Addresses is as follows (the diagram below shows the sequence):

1. The RD IP Virtualization Client Layered Service Provider (LSP) intercepts WinSock bind() and connect() calls.  It calls the RD IP Virtualization Service and requests IP addresses
2. The RD IP Virtualization Service calls into the DHCP client.  This call returns either a Machine IP (MIP), Virtual IP (VIP) or an access denied error
3. The RD IP Virtualization Client writes the VIP address to the WTSInfoClass which is returned by WTSQuerySessionInformation().
   • In order to determine what users have what IP’s at what time, WTSEnumerateSessions is called to get a list of sessions
   • For sessions in the list, WTSQuerySessionInformation is called to get the IP Address.  The session is not virtualized if the call fails and GetLastError() returns ERROR_NOT_SUPPORTED or RPC_S_SERVER_UNAVAILABLE
   • WTSQuerySessionInformation is also called to retrieve the user name for the session

Now let’s look at how applications get their IP Addresses and what RD IP Virtualization does in each case.

WinSock provides a pluggable Service Provider Infrastructure (SPI) that facilitates the interception of the WinSock API calls.  Applications don’t know about the SPI – they make their normal WinSock API calls to get network addresses.  Transport Service Providers (TSP) are services that set up the connection or transfer data.  There are two different types of TSP – Layered Service Providers, that we mentioned above, that intercept the WinSock API calls, and Base Service Providers (BSP) that implement lower-level protocols such as TCP/IP.  Namespace Providers (NSP) are services that associate network addresses with human-friendly names.  Since the applications using Namespace Service Providers are also WinSock applications, they are intercepted and assigned VIP’s as well.  The diagram below gives you an idea of how this all interacts:

Now that we’ve looked at some of the underlying architecture, let’s take a look at the functional pieces.  RD IP Virtualization is installed as part of the Remote Desktop Server Session Host role service, but by default it is set as “Not Enabled”.

To enable IP Virtualization, check the box as shown below, and click on Apply.  You can then select if you are going to use Per Session or Per Program mode as well as select which NIC to use to host the Virtualized IP Address.

Important: If your computer has more than one network adapter, you must choose per program. Using per session Remote Desktop IP Virtualization with more than one network adapter installed on the computer is not supported.

Before we wrap up, let’s take a look at how to configure a Static IP Pool for RD IP Virtualization.  Normally you would allow your DHCP server to handle the addresses, but if you want to set up a specific set of IP addresses (possibly due to firewall rules etc), here’s how you go about doing that.  Remember that these addresses need to be excluded from the list of addresses that your DHCP server can hand out so that you can avoid IP Address conflicts!  The basic steps are to turn on Static IP via the registry (there is no UI method to do this), then choose your IP Virtualization mode (per-app or per-session) and add your IP address information.  Let’s walk through the process.

The first step is to pop open REGEDIT.EXE and navigate to the HKLM\SYSTEM\CurrentControlSet\Control\TerminalServer\TSAppSrv\VirtualIP key.  Once you are at that key, you’ll need to add the following values:

• EnableVirtualIP – set this to a DWORD value of 1
• VirtualMode – set this to a DWORD value of either 0 (per-session mode) or 1 (per-application mode)
• AdapterAddress – set this to a String (REG_SZ) value with  the MAC address of Physical Network card that you are using for the IP Address Virtualization
• IPPool – set this to a String (REG_SZ) value of %SystemRoot%\system32\TSVIPool.dll

Once you have these values configured, you’ll need to go in and add the IP Address information.  Navigate to HKLM\SYSTEM\CurrentControlSet\Control\TerminalServer\TSAppSrv\VirtualIP\IPPool and create the following values as String (REG_SZ) values:

• Start – the starting IP address for your VIP addresses
• End – the ending IP address for your VIP addresses
• SubnetMask – the subnet mask for your VIP address range

If you chose to set up your server in per-application mode, you will need to add the applications you want to virtualize.  You can do this via the UI – ensure that the “Per program” radio button is selected and use the “Add Program” button to add the applications:

OK – that’s it for today’s post.  That also wraps up our segment on some of the new Remote Desktop Services features.  Tomorrow, Dane Smart will be back with a quick look at AppLocker.  Until next time …

- CC Hameed

Share this post :

Happy Monday everyone.  It’s Day Nineteen of our Launch Series, which means that there are only three more days until Windows 7 appears on store shelves!  Today, we’re going to provide a really quick overview of AppLocker, which is a new feature in Windows 7 and Windows Server 2008 R2.  AppLocker replaces the Software Restriction Policies (SRP’s) that many of you are probably familiar with.  With AppLocker, an administrator has the ability to control how users run all types of applications – scripts, excecutables, Windows Installer files (.msi and .msp files) and Dynamic Link Libraries (DLL’s).  Seasoned admins have probably made use of SRP’s in the past, but some of you may be wondering why this is even an issue.

Most of us on the Performance team were IT Administrators at one time or another prior to joining Microsoft.  Believe me when I tell you that we all have our fair share of horror stories.  We’ve all been in environments where end-users have brought in software from home or downloaded some sort of shareware or freeware and installed it on their machine.  In most of these cases, there was no real business need for these apps – let’s face it, is having a “cool” screensaver really a justifiable business application?  Probably not in the vast majority of cases.  Of course, almost inevitably, the software would cause other issues – leading to more helpdesk calls, some fairly angry end-users and of course, some really angry IT folks.  Enter SRP’s, where administrators could create rules and policies to block the installation of some of the more … popular … pieces of unauthorized software.  We’re really not going to get into the workings of Software Restriction Policies – if you need more information, refer to this TechNet Article.

Getting back to AppLocker, there are several enhancements:

• Ability to define rules based on attributes derived from a file’s digital signature, including the publisher, product name, file name and file version.  SRP supports certificate rules, but they are less granular and are a bit more difficult to define
• More intuitive enforcement model – only a file specified in an AppLocker rule will be allowed to run
• Audit-Only enforcement mode that allows administrators to determine which files would be prevented from running if the policy were in effect
• New interface accessed through an MMC snap-in extension to the Local Policy and Group Policy snap-ins.  The Software Restriction Policies snap-in is still available in Windows 7 / Windows Server 2008 R2 for compatibility reasons.

AppLocker requires the Application Identity Service.  This service performs all of the rule conversions for the AppLocker policy.  In order for an AppLocker policy to be evaluated on the system, the services has to be started.  The Application Identity is set to Manual by default.

The effects of AppLocker rules may be viewed in the AppLocker Operational event channel in Event Viewer.  Each event in the AppLocker operational log contains the following information:

• The file affected and the path of the file
• Whether the file was allowed or blocked
• The rule type (path, file, hash or publisher)
• Rule name
• SID for the user targeted in the rule

Something to note – AppLocker rule and Software Restriction Policy rules are completely separate.  You cannot use AppLocker rules to manage pre-Windows 7 systems.  If you define any AppLocker rules in a GPO, only those rules will be applied.  In other words, you should define your AppLocker rules in a separate GPO from your SRP rules to ensure interoperability.

And that’s all for AppLocker.  The resources below have more information.  Tomorrow, Jerry Ciferri will provide a quick overview of Windows Federated Search. 

Additional Resources:

• Windows 7 Walkthrough:AppLocker
• AppLocker Technical Documentation

- Dane Smart

Share this post :

Hi all, and welcome to Day 21 in our Windows 7 / Windows Server 2008 R2 Launch Series.  Tomorrow is the big day!  To wrap up our Launch Series, I want to talk today about a really cool tool included in Windows 7 and Windows Server 2008 R2 called Problem Steps Recorder.  I am sure we have all had situations where we needed to be able to reproduce a complex issue and just can’t seem to get it.  Often we work with end users, who may be across the country (or planet) from us, and need to be able to understand what they are doing that results in something that we need to fix.  Working through steps over the phone can be problematic at best, and connecting remotely to see what is happening on the other end is often not feasible.  Enter Problem Steps Recorder.

Problem Steps Recorder is a tool that collects and records basically everything you do within a certain scenario and packages it up for easy transport.  Problem Steps Recorder can be invoked by clicking the handy Start button   and typing in “Problem Steps Recorder” or PSR. Just click and it will then launch the application, which should look like this:

Then, you just click the Start Record button and reproduce the problem.  When you are done, click the Stop Record button and it will automatically collect the data and save it as a .ZIP file for easy upload.  Inside the ZIP file will be a file with a name similar to Problem_20090924_1612.mht.  This is a web page archive file and can be opened in Internet Explorer.  I used an application called BadApp32.exe which is just a small app that crashes when you run it.  Once I ran Problem Steps Recorder and ran the app to cause the crash, I stopped recording and then viewed the MHT file. Here is what the output web page looks like:

Recorded Problem Steps

This file contains all the steps and information that was recorded to help you describe the problem to others.

Before sharing this file, you should verify the following:

• The steps below accurately describe the problem.
• There is no information below or on any screenshots that you do not want others to see.

Passwords or any other text you typed were not recorded, except for function and shortcut keys that you used.

You can do the following:

• Review the recorded problem steps
• Review the recorded problem steps as a slide show
• Review the additional details

Problem Steps

Problem Step 1: (9/24/2009 4:28:55 PM) User Comment: "I double-clicked this icon."

Problem Step 2: (9/24/2009 4:28:57 PM) User left double click on "Badapp32.exe (list item)"

Problem Step 3: (9/24/2009 4:29:26 PM) User Comment: "Then, I click the little picture of the bomb."

Problem Step 4: (9/24/2009 4:29:28 PM) User left click in "Bad App"

Problem Step 5: (9/24/2009 4:29:53 PM) User Comment: "This causes the application to crash."

Problem Step 6: (9/24/2009 4:29:55 PM) User left click on "Close program (push button)" in "Badapp32.exe"

Additional Details

The following section contains the additional details that were recorded that can help find a solution for your problem.

These details help accurately identify the programs and UI you used while recording the problem steps.

This section may contain text that is internal to programs that only very advanced users or programmers may understand.

Please review these details to ensure that they do not contain any information that you would not like others to see.

Recording Session: 9/24/2009 4:28:29 PM - 4:29:56 PM

Problem Steps: 6, Missed Steps: 0, Other Errors: 0

Operating System: 7600.16385.x86fre.win7_rtm.090713-1255 6.1.0.0.2.1

Problem Step 1: User Comment: "I double-clicked this icon."

Program:

UI Elements:

Problem Step 2: User left double click on "Badapp32.exe (list item)"

Program: Windows Explorer, 6.1.7600.16385 (win7_rtm.090713-1255), Microsoft Corporation, EXPLORER.EXE, EXPLORER.EXE

UI Elements: Badapp32.exe, FolderView, SysListView32, SHELLDLL_DefView, WorkerW

Problem Step 3: User Comment: "Then, I click the little picture of the bomb."

Program:

UI Elements:

Problem Step 4: User left click in "Bad App"

Program: BADAPP32.EXE, BADAPP32.EXE

UI Elements: Bad App, BadApp

Problem Step 5: User Comment: "This causes the application to crash."

Program:

UI Elements:

Problem Step 6: User left click on "Close program (push button)" in "Badapp32.exe"

Program: Windows Problem Reporting, 6.1.7600.16385 (win7_rtm.090713-1255), Microsoft Corporation, WERFAULT.EXE -U -P 3520 -S 224, WERFAULT.EXE

UI Elements: Close program, &Close program, Button, CtrlNotifySink, DirectUIHWND, Badapp32.exe, #32770

The output describes what the user did as well as screen shots of what was going on at the time.  In addition, the screenshots included are clickable to view full size. You may also notice that some of the pictures include an entry called User Comment above them.  PSR has an additional button titled Add Comment.  When you click this button, it allows you to highlight an area of the screen and type in a comment.  This allows you to specify additional comments to the repro steps to make it easier to follow during a complex recording.  The section at the bottom of the page above describes in text exactly what you did at each step, what program was involved and what UI elements were invoked.

The repro I did was very small and pretty much included nothing more than running an app and then clicking inside the app to cause it to crash.  However, you can use Problem Steps Recorder to record much longer or more complex scenarios, and it will track everything you did between the time you click the Start Record and Stop Record buttons.  This makes Problem Steps Recorder a powerful tool in your bag of tricks.  As soon as you can get your hands on Windows 7 or Windows Server 2008 R2, I recommend playing around with this tool and as soon as you do I am sure you will be able to find plenty of scenarios to use it.

Problem Steps Recorder Command-Line Syntax

psr.exe [/start |/stop][/output <fullfilepath>] [/sc (0|1)] [/maxsc <value>]
 [/sketch (0|1)] [/slides (0|1)] [/gui (0|1)]
 [/arcetl (0|1)] [/arcxml (0|1)] [/arcmht (0|1)]
 [/stopevent <eventname>] [/maxlogsize <value>] [/recordpid <pid>]
 
/start        Start Recording. (Outputpath flag SHOULD be specified)
/stop         Stop Recording.
/sc           Capture screenshots for recorded steps.
/maxsc        Maximum number of recent screen captures.
/maxlogsize   Maximum log file size (in MB) before wrapping occurs.
/gui          Display control GUI.
/arcetl       Include raw ETW file in archive output.
/arcxml       Include MHT file in archive output.
/recordpid    Record all actions associated with given PID.
/sketch       Sketch UI if no screenshot was saved.
/slides       Create slide show HTML pages.
/output       Store output of record session in given path.
/stopevent    Event to signal after output files are generated.
 
PSR Usage Examples:

psr.exe

psr.exe /start /output fullfilepath.zip /sc1 /gui 0 /record <PID>
 /stopevent <eventname> /arcetl 1
 
psr.exe /start /output fullfilepath.xml /gui 0 /recordpid <PID>
 /stopevent <eventname>
 
psr.exe /start /output fullfilepath.xml /gui 0 /sc 1 /maxsc <number>
 /maxlogsize <value> /stopevent <eventname>

psr.exe /start /output %temp%\%computername%_PSR.zip /sc 1 /gui 1 /arcetl 1 /arcxml 1 /sketch 1 /slides 1
 
psr.exe /stop
 

So, that is all for this post, thanks again for tuning in.  Remember – LAUNCH DAY is tomorrow!

- Tim Newton

Share this post :

That’s right folks!  It’s October 22nd – the big day is finally here!  Over the last twenty-one days, we’ve touched on a number of different features of Windows 7 and Windows Server 2008 R2.  We hope you’ve enjoyed our Launch Series.  Don’t fret – we have plenty more to write about regarding both operating systems.

We are launching some tools and resources to help customers upgrade to Windows 7 – the Windows 7 Upgrade Advisor and the Window 7 Compatibility Center.  Both tools are available at the Windows Compatibility Center.  The Windows 7 Upgrade Advisor scans your PC to see if it’s ready for Windows 7.  It checks to see if your PC meets the system requirements, lets you know if your processor is capable of running 64-bit versions of Windows 7 and gives guidance on your upgrade options.  It also tells you about any known compatibility issues with the most commonly installed software programs and devices connected to your PC.  If an issue can be resolved, it suggests next steps for you to take before installing Windows 7.  The Windows 7 Compatibility Center helps you easily check the compatibility of thousands of devices and software programs for 32-bit or 64-bit versions of Windows 7.  Usually, you won’t need to do anything to ensure compatibility.  If you do, the site goes beyond just telling you what will or will not work. It also provides links to drivers and software updates to help get your PC running with the latest software.  For more information, check out the Windows 7 Team Blog.

We are also launching an exciting new online competition called 7 Ways to Change the World and we need your help!  The competition encourages people to create a two minute video explaining how they believe a Windows PC could help a nonprofit make a greater impact.  It could be helping a food bank manage their inventory or helping to deliver after school care for kids, the possibilities are endless!  There will be 7 winners, and each person who submits a winning entry will receive a new PC with Windows 7 and a $7,000 grant for their chosen nonprofit organization.  The competition runs from October 21st until November 11th.  Each day from November 16th until November 24th we will announce one of the 7 winners.  You can get the latest news on the event via Twitter and Facebook.

It’s certainly going to be a fun day – I suspect we’ll see lots of items from this collection around the office today:

And with that, we’re done with our Launch Series!  Again, we certainly hope you’ve enjoyed it.  We’d love to get your feedback:

• What did you think about our Windows 7 / Windows Server 2008 R2 Launch Series?
• What do you think about the AskPerf blog in general?
• Are there any topics you would be interested in seeing on AskPerf?

You can leave your feedback as a comment, or send us feedback via the Contacting AskPerf … link at the top of the page.  We’re going to take a short hiatus and we’ll be back to our regular posting schedule in a couple of weeks.  Until then …

- CC Hameed

Good morning all – today’s post is a very brief one regarding new announcements concerning Remote Desktop Services.  The original announcements were made on the Remote Desktop ServicesTeam blog.

• RDS CAL Single Pack now available in Retail channel– Remote Desktop Client Access Licenses (CAL’s) were previously only sold in packs of 5 and 20.  There was no option to buy a single CAL.  In response to customer request, Single CAL Packs are now available for Windows Server 2008 and Windows Server 2008 R2 for both Per-user and Per-device license types
• Remote Desktop Connection 7.0 for Windows XP SP3, Windows Vista SP1, and Windows Vista SP2– Remote Desktop Connection 7.0 was released on October 28th.  KB969084 provides a detailed description of available functionality and provides links to the download package.  For details on the functionality of RDC 7.0, please refer to this post on the Remote Desktop Services team blog.  One side note – if you previously installed the fix outlined in KB968358, installing RDC 7.0 will undo the fix.  Stay tuned for updates on when this is corrected
• Remote Desktop Load Simulation Toolset– This toolset can be used to create and measure load when using Remote Desktop Services.  This toolset will be useful when conducting your own scalability testing.  The toolset and the accompanying documentation can be downloaded from the Download Center on Microsoft.com

Until next time …

- CC Hameed

Share this post :

Some of the most difficult issues we face here on the Performance Team are WMI related issues. WMI is very pervasive, and when it breaks, you can experience a myriad of symptoms that are often very difficult to troubleshoot and fix. Here are a few examples of the symptoms that can occur, and that are addressed by the hotfixes listed at the bottom of this post:

• Loss of functionality with enterprise management/monitoring software for various machines. Software examples: Microsoft SCOM/SMS,  IBM Tivoli, LANDesk Management, HP OpenView, BMC Patrol, etc.
• Loss of functionality related to Citrix terminal services load-balancing
• Loss of functionality for WMI-based scripts
• Slow user logon times on Citrix terminal servers
• Slow user logon times on Windows clients where WMI-based group policy filters are in-place
• Starting the computer may be slow (3-4 minutes to start)
• Logging onto Windows may be slow

More granular symptoms:

• Unable to connect to root\default, root\cimv2 and/or root\citrix namespaces via WBEMTEST
• Repository growing large related to OBJECTS.DATA file
• Note repeating-nested CITRIX namespace entries in WMIMGMT.MSC. WMI CONTROL > PROPERTIES > SECURITY > expand ROOT structure to note missing/repeating namespaces

And here are the hotfixes that we recommend if you are experiencing WMI problems in Windows:

Hotfix list for Windows 7 and Windows Server 2008 R2

2831347      Roaming user profiles are corrupted when a monitoring program executes a WMI query on a Windows Server 2008 R2 SP1-based RDS server
http://support.microsoft.com/?id=2831347

2705357      The WMI process stops sending events to WMI clients from a Windows 7-based or Windows Server 2008 R2-based server
http://support.microsoft.com/kb/2705357

2692929      "0x80041001" error when the Win32_Environment WMI class is queried by multiple requestors in Windows 7 or in Windows Server 2008 R2
http://support.microsoft.com/kb/2692929

2617858      Unexpectedly slow startup or logon process in Windows Server 2008 R2 or in Windows 7
http://support.microsoft.com/kb/2617858

2465990      "0x80041002 (WBEM_E_NOT_FOUND)" error occurs when you try to open a WMI namespace on a computer that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/kb/2465990

2492536      Msinfo32.exe takes a long time to display or export system information on a computer that has many MSI-X-supported devices and that is running Windows 7 or Windows Server 2008 R2
http://support.microsoft.com/kb/2492536

982293        The Svchost.exe process that has the WMI service crashes in Windows Server 2008 R2 or in Windows 7
http://support.microsoft.com/kb/982293

974930        An application or service that queries information about a failover cluster by using the WMI provider may experience low performance or a time-out exception
http://support.microsoft.com/kb/974930

Hotfix list for Windows Vista and Windows Server 2008

2639845      The memory usage of an application or a service keeps increasing when it loads and unloads the Netshell.dll module frequently in Windows Vista or in Windows Server 2008
http://support.microsoft.com/kb/2639845

2464876      The WMI repository is corrupted on a computer that is running Windows Server 2008 or Windows Vista
http://support.microsoft.com/kb/2464876

973243        The default gateway is missing on a computer that is running Windows Server 2008 or Windows Vista after the computer restarts if the default gateway is set by using the Netsh command
http://support.microsoft.com/kb/973243

Hotfix list for Windows Server 2003 SP2

2257980 "0x80041002 (WBEM_E_NOT_FOUND)" error code occurs when you try to open a WMI namespace on a computer that is running Windows Server 2003 SP2
http://support.microsoft.com/kb/2257980 For all supported x86-based versions of Windows Server 2003

Hotfix list for Windows XP

933062        A hotfix is available that improves the stability of the Windows Management Instrumentation repository in Windows XP
http://support.microsoft.com/kb/933062

Til next time,

Blake Morrison

Good morning AskPerf!  David Alessi here from the Windows 8 client team.  One of the biggest support issues we’ve seen is with Windows 8 Store (formerly Metro/Modern) Apps failing to start.  This post is going to cover some of the most common issues that users run into, and how to troubleshoot them.

When troubleshooting Windows 8 Apps, first establish whether or not the App is starting at all.  When a Windows 8 App is first clicked the first thing that appears is the splash screen for that particular App.  For example:

The splash screen is a solid color page typically with the App’s logo on it.  When the App is first clicked, Windows is responsible for running the splash screen while the App gets ready to run.  If the splash screen is briefly displayed and then closes, this means that Windows is opening the splash screen but the App is not starting.

• When the splash screen is displayed and then closes, we could be looking a permissions problem, group policy setting, or something configured in the Windows Firewall service - all of which could cause the start screen to not display Apps that should be there
• When an App starts properly and cannot access local resources,  NTFS file permissions should be checked
• If the App starts properly but cannot access network resources, then a likely cause is the Windows 8 App’s inability to work with authenticated proxies
• If the splash screen is never shown, it’s possible that there’s an Application control setting/tool in place.  For example, a Microsoft Software restriction and/or Applocker.  Both of these Microsoft technologies are deployed with group policy.
• Apps missing from the start screen can be caused by any of the issues covered in this article, just step through the causes one at a time

Now that I’ve laid out some common causes I’ll go over how to fix each of issues above.

To start there are a few logs that can help you narrow down on the issue. I typically start with logs when only a certain app or apps are acting up (as opposed to all of them). If this is the case, make sure to give uninstall/reinstall a shot, or at least update to the latest version of the application.

The uninstall option is accessed by right clicking an app,

And updates are managed through the store.

The first log I’ll mention is %TEMP%\winstore.log

Winstore.log tracks update and install information for your applications, if you are having issues after an install or update this would be a good place to look first.

The other logs that can be helpful are located in your event log, easiest way to get there is to type “eventvwr” with your start screen open. Run it as an administrator.

With event viewer open navigate to: Event Viewer>Applications and Services Logs>Microsoft>Windows

Logs of interest

• AppModel-Runtime: Issues starting, running, terminating apps, does not report most issues. Events are generic.
• Apps: Start screen operations, most Windows 8 app issues will show up here, although the errors are not always informative.
• AppXDeployment and AppXDeployment-Server: Appx refers to the Windows 8 Store app type, as they are .appx file types. These logs track issues during install, deployment, update, and uninstall.

There are more logs that track Windows 8 app information, I’m not going to go over them because I have not found them helpful but to name a few: All-User-Install-Agent, AppHost, AppxPackagingOM, PackageState-Roaming, PushNotifications-Platform, and Store-Licensing.

Group policy

The easiest way to test if group policy is the issue is to test behavior of a fresh machine.  That is, using the image and deployment process where you determined there was an issue in the first place (MDT, PXE, etc.).

• Do NOT join the machine to the domain at this point
• If the machine still does not work post-deployment, pre-domain joined, then we could possibly be looking at something wrong in the image
• If the App works soon after it’s joined to the Domain, then breaks after a reboot, a group policy setting could be the culprit

If you suspect that a group policy setting is breaking the App, then the following steps should be performed on the problem machine and/or user session:

• Elevated CMD Prompt: “Gpresult /h gpreport.html /user <DOMAINNAME>\<USERNAME>”
• Registry and file system permissions can be set via group policy so search your group policy reports for changes
• Make note of any Services modified by Group Policy, especially Windows Firewall - if Windows Firewall is disabled then Windows 8 Apps will not work
• Look for “software restriction”, “Application control” or “Applocker settings”
• All 3 of these can be configured to block Applications using certain file extensions.  Windows 8 Apps use the .Appx extension which is not present in previous versions of Windows

When applocker is responsible for blocking an application, the user is typically presented with the prompt “This app has been blocked by you system administrator” however, this is not always the case.

To verify whether applocker is causing you issues open your event log and open:

Application and Services Logs>Microsoft>Windows>Applocker

• Applocker will report events when it blocks apps so you can check here to verify, a blocked app will show up as an 8022

Permissions

As mentioned above, file system permissions, whether in the image, in a logon/startup script, or in group policy, can affect Windows 8 Store Apps.

In Windows 8, there is a new principle used to run Windows 8 Apps - ALL APPLICATION PACKAGES. To check for this principle: right-click on a folder or file in the file system>Properties>Security Tab>Advanced.

Here you can see a list of all security principles on that location and their permissions. Notice ALL APPLICATION PACKAGES at the bottom.

ALL APPLICATION PACKAGES need the following permissions to execute properly:

• Read & execute, List folder contents and Read in the following locations
• C:\Windows
• C:\Program Files (x86)
• C:\Program Files
• List folder and read data, Create Folders and Append Data
• C:\Users\<userName>\AppData\Local\Microsoft\Windows\WER
• Read
• HKEY_CLASSES_ROOT
• HKEY_LOCAL_MACHINE\Drivers
• HKEY_LOCAL_MACHINE\HARDWARE
• HKEY_LOCAL_MACHINE\SAM
• HKEY_LOCAL_MACHINE\SOFTWARE
• HKEY_LOCAL_MACHINE\SYSTEM
• HKEY_USERS

Other Causes

The other major issues with Windows 8 Store Apps are authenticated proxies.  Windows 8 Apps do not have the architecture built in to pass credentials, cookies, certificates or any other authentication methods to proxies – which will fail when loading.  Some of these symptoms include the following:

• Applications will start but not be able to connect to resources on the internet
• You may be able to browse the Store, however downloads will fail, “App couldn’t be installed” or something similar
• Other generic network related errors, not connected to internet, no network connection, problems checking for updates

This issue has been fixed in 8.1 but if you really want to know before committing to an upgrade collect a netmon trace from the client while attempting to access internet resources in a Windows 8 App.

• Once collected, filter the trace on “http”
• You will see the client initiating HTTP GET requests and the server repeatedly responding with “proxy authentication required”
• Typically, the client will initiate a GET request, the server will send a “proxy authentication required” the client with authenticate and function normally
• With windows 8 Apps you will see “proxy authentication required” several times

Here is the KB detailing this known issue and it’s workarounds: Using authenticated proxy servers together with Windows 8.

Lastly, the Windows Firewall service needs to be set to automatic and running for Windows 8 Store Apps to work.  It’s also required for a lot of other functionality in Windows 8 and so should not be turned off for any reason.

If you use a 3^rd party Firewall product, then we recommend to configure Windows Firewall to not block any inbound or outbound traffic.

Finally, if all other steps fail, you can try clearing the Windows Store cache by running the following command:

WSRESET.EXE

Additional Resources

• What to do if you have problems with an app
• Apps troubleshooter (AppsDiagnostic.diagcab)

-David

Hello AskPerf! My name is Prachi Singh and today I will be talking about a behavior that can occur when users attempt to pull licenses from a 2012 R2 License server via a 2008 R2 Session Host. Under these circumstances, you may see a line item in your 2012 R2 license manager that says “Windows Server 2008 or Windows Server 2008 R2 -Installed TS or RDS Per User CAL”. Under “License Program” you then see “Built-in Overused”.

In the case above, the license server is used to issue RDS CALs to users when they connect to both Windows Server 2008 R2 and Windows Server 2012 R2 Session Host Servers. When a user connects to a Windows Server 2012 R2 Session Host, a Windows Server 2012 "per User" RDS CAL is issued.

However, when a user connects to a Windows Server 2008 R2 RDS Server, a Windows Server 2008 R2 "Built-in OverUsed" RDS CAL category appears and shows the value only for the issued RDS CAL. The "Total" and "Available" values remain 0. Additionally, the issued RDS CAL amount is not deducted from the total Windows Server 2012 RDS CALs.

What is the "Built-in OverUsed" group and is it ok to have it?

The "Built-In Overused" group was also used in earlier operating systems if the licensing mode was being set to Per User but no "per user" CALs were installed on the license server and the users will still connect to the terminal servers. This was an indication for admins that they must install licenses. After the applicable licenses get installed, this group goes away and the number of licenses issued gets synchronized with the installed license group.

Why are Windows Server 2008 R2 RDS CALs not deducted from the installed Windows Server 2012 RDS CALs?

By default, a license server attempts to provide the most appropriate RDS CAL for a connection. For example, a license server running Windows Server 2008 R2 tries to issue a Windows Server 2008 R2 RDS CAL for clients connecting to an RD Session Host server running Windows Server 2008 R2, and a Windows Server 2003 TS CAL for clients connecting to a terminal server running Windows Server 2003. If the most appropriate RDS CAL is not available, a license server running Windows Server 2008 R2 issues a Windows Server 2008 R2 RDS CAL, if available, to a client connecting to a terminal server running Windows Server 2003 or Windows Server 2000.

Why are the "Built-In Overused" RDS CALs “issued” counted but not the “total” and “remaining” too?

Starting with Windows Server 2012 R2 license server, when only Windows Server 2012 RDS CALs are installed and a user logs on to a Windows Server 2008 R2 RDS Server, the "Built-in OverUsed" group is displayed and the user gets a 2008 R2 "Built-In Overused" RDS CAL. Here, in this case it is just a reporting mechanism to tell that these number of users have logged in without an appropriate CAL. This is to make admins visible that 2012 licenses were issued for older terminal servers for which no dedicated (in this case the 2008 R2) RDS CALs are installed.

Since, this group is displayed separately, the number of licenses will not be deducted directly from the 2012 RDS CAL group. The "Built-In Overused" group will display only the number of licenses issued and no " Remaining" or "total", because in the background the 2008 RDS CALs are not actually installed. The column “Built-in Overused” represents the number of user connections to Windows Server 2008 R2 servers where a Per User license was issued.

Do you need to install additional Windows Server 2008 R2 RDS CALs too, or is this a compatibility behavior?

Server 2012 RDS requires a Server 2012 RD Licensing server.  A 2012 RD Licensing server will serve 2012/2008 R2/2008/2003 servers, so you may consolidate your RDS CALs onto a Server 2012 RD Licensing server if you would like to.

RDS CALs are not forward compatible, only backward compatible. Meaning that Windows Server 2012 CALs will work with Server 2008 R2

Windows Server 2012 RDS CALs can be issued to 2003, 2008/R2 terminal server. For more detailed info, you may check below article:

RDS and TS CAL Interoperability Matrix

The above screenshot shows that there are 4 users who are connecting to 2008 R2 Session Host Server and 1 user who connects to 2012 R2. With respect to reporting, the admin has the number of issued RDS CALs (Built-in OverUsed + 2012 RDS CALs) and they should make sure that the total does not exceed the number of installed RDS CALs.

The RDS CAL reports will contain information about both (Built-in Overused + 2012 RDS CALs)

Are the "Built-In Overused" RDS CALs handled like any other CALs, especially regarding license renewal?

Per user "RDS CALs are valid 60 days but can be extended automatically if the user logs on again to the RDS server. If the license it has is within seven days of expiring, then the RD Session Host server attempts to obtain a license for the User at each login. If the server cannot find a license server to renew the license before it expires or no license is available, the license will expire. If the server has the licenses available, it will issue it to the user. This is how a "Built-in OverUsed" per user CALs as well as all other "normal" per user RDS CALs behaves.

When a user (which got "Built-In Overused" RDS CAL issued) logs on to a Windows Server 2012 R2 RDS server, the built-in overused CAL gets converted to 2012 RDS CAL. Once converted, the user will continue using 2012 RDS CAL even if he connects to 2008 R2 RDS server ( once "upgraded" the license is no longer "downgraded").

The report will look something like this:

-Prachi

Hello AskPerf! Ishu Sharma here again from Microsoft Performance team.  Today I will be discussing an issue where multiple per device Remote Desktop Services CALS are issued to the same device.
Before we dive into this topic, I would like to recall the below facts about RDS Per Device Licensing.

If an unlicensed client connects to a Remote Desktop Server for the first time, the Remote Desktop Licensing Server issues the client a temporary RDS Client Access License (CAL). After the user has logged into the session, the RDS server instructs the License Server to mark the issued temporary RDS CAL token as being validated. The next time the client connects, an attempt is made to upgrade the validated temporary RDS CAL token to a full RDS CAL token. If no license tokens are available, the temporary RDS CAL token will continue to function for 90 days.
When a client device receives an RDS Device CAL from an RDS Host, it receives it in the form of a digital certificate from a license server. That certificate is saved in the below location on Licensing server:

[HKLM\Software\Microsoft\TermServLicensing\Certificates]
[HKLM\System\CurrentControlSet\services\TermservLicensing\Parameters\Certificates.000]
[HKLM\System\CurrentControlSet\services\TermservLicensing\Parameters\Certificates.001]

The digital certificate is an actual certificate copied to the client device. Once a client device connects to an RDS Host, an RDS CAL digital certificate is transferred from the license server to the client device. The license server loses one of its licenses from its inventory, and the client device has the digital certificate that it can present to any RDS Host on future connections.

Clients store their license under the key:

[HKEY_LOCAL_MACHINE\Software\Microsoft\MSLicensing]

The MSLicensing key contains two sub-keys used to store both unique client-specific information and any license certificates obtained from license servers.

HardwareID
Store

HardwareID stores a Random 20-byte identifier specific to the client machine and is generated automatically by Windows. This ID uniquely identifies the machine to the license server. When a client is allocated an RDS CAL from the license server, this HardwareID is recorded in the licensing database to associate the client with the CAL. This entry is made when clients are allocated both temporary CALs and permanent licenses.

Store is used to store the terminal services CAL allocated from the license server.  Entries are contained in sub key named License00x, where X is a numerical ID beginning with 0.  Each License00x entry contains a separate CAL.

The License00x entry contains four binary components that comprise a terminal services CAL certificate:

• ClientLicense
• CompanyName
• LicenseScope
• ProductID

Every time the client device connects to an RDS Host, it presents its RDS CAL certificate to the server. The server checks not only whether the client device has a valid certificate, but also the expiration date of that certificate. If the expiration date of the certificate is within 7 days of the current date, the RDS Host connects to the license server to renew the license for another random period of 52 to 89 days.

Ideally each Client device should be issued only one RDS CAL. However, there would be times where License Server Manager will show multiple per device CALS being issues to the same device as shown in the below picture:

Now this is intriguing!! Why is the same device consuming multiple RDS CALS? The administrators usually notice this issue when they start running out of per device CALS and when they check the list of issued per device CALS in RDS licensing Manager, they notice that multiple RDS CALS have been issues to the same device.
To temporarily get around this issue you can revoke licenses but the catch is that you can only revoke 20% of the CALS at one time. This may not help if you have very few CALS left and you see that multiple per device CALS are being allocated to multiple machines.

Below are the possible reasons which can cause this issue:

1.    If you have built multiple machines using the same image:

a)    There could be times when you used a syspreped image or Citrix provisioned machines where the HardwareID was defined in the image because of which each device which was built using that image got the same hardware ID. This would result in the below situation:

• If Client1 has HWID xxxx and logs into the RDS, it will get license 1
• Then Client 2 which also has HWID xxx logs in and does not have license 1, so it's issued a new license, license 2
• If Server 1 tries to log in again, the xxx HWID is now associated with license 2, which Client 1 does not have, so Client 1 will get issued a new license, license 3
• Now the XXX HWID is associated with license 3
• Every time that HWID logs in, no matter what machine it is, its license will be compared to what's in the database for HWID XXX
• That's where the problem comes in — machines are constantly getting new licenses, even when they aren't needed.

Resolution In order to get around this issue, you need to rectify the image itself and use a syspreped image which does not have MSLicensing Key information of the original machine hardcoded to it

b)    You Create a Citrix Provisioned machine where all the machines are booted from a pre-defined image and all the changes are lost after reboot. So every time the machine connects it gets a new ClientHWID and this is lost on the next boot. The next time the machine connects to the RDS Host, it gets a new Client HWID and hence a new RDS license is issued. Citrix XenDesktop provisioned machine with different hardware ID which can cause the license server to recognize it as different device and issue duplicate licenses

Resolution It is recommended to use Per-User RDS licensing in these scenarios, because the licenses are reverted when the user logs off, hence the number of licenses will not be affected.

2.    This could also happen if you have a script in place which deletes MSLicensing Key at shutdown.

Resolution Remove the script

3.    Different machines using same name.

If machines are cloned, sometimes third party cloning tools do not wipe out all the stale information and the cloned clients although with a different hardware it would give the same computer name to the RDS Host.

Though the Hardware ID might be different, if two different machines have the same name, looking at the Licensing Manager you might think that the same device is using multiple CALS but it is not.

4.    Machine was re-built:

For some reason if a machine that got a CAL once is re-built then due the new installation it got a new hardware ID and when connected again to Remote desktop server and hence got another CAL.

Assume that a client device successfully authenticates to an RDS Host and is granted a full RDS CAL certificate that was (worst case) randomly selected to expire at the 89 day maximum. When it passes down the certificate, the license server decrements its total RDS CAL license count by one, also noting that particular certificate's expiration date. Now, assume that a catastrophic event occurs at the client, causing its local operating system to be reinstalled and its local RDS CAL certificate to be lost. When that client authenticates to an RDS Host, the RDS will request a new RDS CAL certificate from the license server and the license server (again) decrements its RDS CAL inventory by one. At this point there have been two RDS CAL licenses given out to that one client, but the first one will never be renewed because the certificate was lost when the client was rebuilt. After 89 days (the randomly selected duration of the first certificate), the first RDS CAL is returned to the pool by the license server.

Resolution The old CAL will be freed within next 52-89 days after being issued or you can simply revoke the old CAL.

5.     Multiple Hardware ID’s in the MSLICENSING Reg key of the client machine:

This could happen if the license has been corrupted. If it has already been corrupted, a new hardware ID will be generated automatically for the client during next RDS Host logon and hence you may notice duplicate CALS for that device.

Resolution To determine which one you need to delete, go to the server, and open PowerShell “As Administrator” on the RDS License server, and execute the following command: get-wmiobject Win32_TSIssuedLicense | export-csv [outputfile]
Then in the output file, find out the client who is issued with multiple licenses, then record the hardware ID within the license which is not the most recently issued.
Then go back to the client, open registry, locate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\HardwareID and check the ClientHWID which matches the one you just record, delete the HardwareID subkey.

DATA collection

1.    Look at TerminalServices-Licensing event logs.
2.    Generate per device RDS Per device Cal report to verify if the issue is because of multiple Hardware ID’s issued to the same machine, or same hardware ID issued to different machines or due to duplicate Machine names with different Hardware IDs.

Script for RDS Per Devices CALs (PowerShell)

This shows Keypack ID, License ID, Name of the client device along with Hardware ID and Expiration date of the CAL as shown below.

3. Use the RDS Client License Test tool (TSCTST.EXE) provided with the Windows Server 2003 Resource Kit on the client machine for which you see multiple CALS to display details about the license token residing on a client device. It is a command-line utility that displays the following information by default:

• Issuer
• Scope
• Issued to computer
• Issued to user
• License ID
• Type/Version
• Valid From
• Expires On

By using the /A switch, the following additional information is displayed:

• Server certificate version
• Licensed product version
• Hardware ID
• Client platform ID
• Company name

3. If you are still not able to find the cause, Microsoft professional can help you collect an RDS Licensing ETL trace while reproducing the issue. The etl trace should tell what name / HWID was used to request new licenses.

Quick Workarounds

1.    If all per device CALS are exhausted and you are working to find the case of multiple RDS CALS being issued to same device, temporarily you can change the licensing mode to per user to allow remote sessions. However, this should not be a practice as it will be a breach of Microsoft Licensing agreement.

2.    Regenerate the ClientHWID and Rebuild the License server database (KB273566) and reinstall the CAL Packs to restore all the CALS.

The hardware ID can be regenerated by deleting the below keys manually:

Reg Delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\HardwareID

Reg Delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\Store /f

The next time you need to take an Remote session as an admin to regenerate the hardware ID as normal users do not have permissions on this registry key. Or you can use tools (RegenerateHDWID) to regenerate the hardware ID’s on the fly.

-Ishu

Hello AskPerf blog readers! Jeff here from the Windows Performance Team once again. I am happy to announce that the new version of WMIDIAG is finally here. It’s now compatible for Windows 8/8.1 as well as Sever 2012/2012R2. Some of you may have been aware that the previous version used to also show a lot of errors and that majority of them were erroneous or false positives simply due to wmi class name changes between OS versions. That has been all cleaned up and all errors have been corrected. When you run the new version it should look a lot cleaner and what errors you do see should be accurate and deserving of attention.

The WMI Diagnosis Tool is a VBScript based-tool for testing, validating, and analyzing WMI installation/issues. The tool collects data from WMI installations on all Microsoft Operating Systems at any or no service pack level.

WMI Diagnostics 2.2 requires you to have Local Administrator rights as well as Windows Script Host (WSH) enabled.

To download this tool, please click here.

After you download WMIDiag.exe, run it and extract the files to a local folder. If you double-click WMIDiag.vbs, the following message will appear:

If you want to see its activity, then you would run “cscript WMIDiag.vbs” from the command prompt, or you can change the default script host to the command line by running “cscript //H:CScript”.

Note: By default WMIDiag does not check repository consistency and you would need to run manually from command prompt using “cscript WMIDiag.vbs checkconsistency”

WMIDIAG can be run from Windows Explorer, or from the command line. Each time it runs, the WMI Diagnosis Tool creates the following three files in the %TEMP% directory:

• .LOG file containing all the WMI Diagnosis Tool activity as well as a WMI report at the end
• .TXT file containing the WMI Diagnosis Tool report
• .CSV file containing statistics that can be used to measure trends and issues

When the WMI Diagnosis Tool terminates, the ERRORLEVEL environment variable is set to one of the following values:

0 = SUCCESS

• WSH has a script execution timeout setup (in machine or system environment)
• Machine reports suspicious improper shutdowns
• User Account Control (UAC) status is reported (Vista and above)
• Local account token filter policy is reported (Vista and above)
• Unexpected binaries in the WBEM folder
• The Windows Firewall is enabled
• Some WMI service installed in the machine are dependent on the WMI service (i.e. "SMS Agent)
• WMI ADAP has a status different than 'running'
• Some WMI namespaces require a packet privacy encryption for a successful connection
• Some WMI permanent subscriptions or timer instructions are configured
• Some information about registry key configurations for DCOM and/or WMI was reported

1 = ERROR

• System32 or WBEM folders are not in the PATH
• WMI system file(s)\ repository is/are missing
• WMI repository is inconsistent (XP SP2, 2003 SP1 and above)
• DCOM is disabled
• WMI service is disabled
• The RPCSS and/or the WMI service(s) cannot be started
• WMI DCOM setup issues
• Expected default trustee or ACE has been removed from a DCOM or WMI security descriptor
• The ADAP status is not available
• One or more WMI connections failed
• Some GET operations\WMI class MOF representations\WMI qualifier retrieval operations failed
• Some critical WMI ENUMERATION operations\WMI EXECQUERY\WMI GET operations failed
• Some WRITE operations in the WMI repository\PUT\DELETE operations failed
• One of the queries of the event log entries for DCOM, WMI and WMIADAPTER failed
• Some critical registry key configurations for DCOM and/or WMI were reported

2 = WARNING

• System32 or WBEM folders are further in the PATH string than the maximum system length
• System drive and/or Drive type reporting are skipped
• DCOM has an incorrect default authentication level (other than 'Connect')
• DCOM has an incorrect default impersonation level (other than 'Identify')
• WMI service has an invalid host setup
• WMI service (SCM configuration) has an invalid registry configuration
• Some WMI components have a DCOM registration issue
• WMI COM ProgID cannot be instantiated
• Some WMI providers have a DCOM registration issue
• Some dynamic WMI classes have a registration issue
• Some WMI providers are registered in WMI but their registration lacks a CLSID
• Some WMI providers have a correct CIM/DCOM registration but the corresponding binary file cannot be found
• A new ACE or Trustee with a denied access has been modified to a default trustee of a DCOM or WMI security descriptor
• An invalid ACE has been found for an actual DCOM or WMI security descriptor
• WMI ADAP never ran on the examined system
• Some WMI non-critical ENUMERATION operations failed\skipped
• Some WMI non-critical EXECQUERY operations failed\skipped
• Some non-critical WMI GET VALUE operations failed
• Some WMI GET VALUE operations were skipped (because of an issue with the WMI provider)
• The WRITE operations in the WMI repository were not completed
• The information collection for the DCOM, WMI and WMIADAPTER event log entries was skipped
• New event log entries for DCOM, WMI and WMIADAPTER were created during the WMI Diagnosis Tool execution
• Some non-critical registry key configurations for DCOM and/or WMI were reported

3 = Command Line Parameter errors

4 = User Declined (Clicked the Cancel button when getting a consent prompt)

• WMIDiag is started on an unsupported build or OS version
• WMIDiag has no Administrative privileges
• WMIDiag is started in Wow environment (64-bit systems only)

When you run the WMI Diagnosis Tool via command line:

C:\>CSCRIPT WMIDiag.vbs

The generated report “%TEMP%\WMIDIAG-V2.2_WIN8.1_CLI.RTM.64_MYPC_2015.05.11_15.02.30-REPORT.TXT“ contains two types of figures:

• WARNING – Information that is useful if certain actions are executed
• ERROR – Problems that need to be solved to avoid errors reported by WMI

WMI DIAG 2.2 FAQ:

1. Where can I get the WMI Diagnosis Tool?

The WMI Diagnosis Tool can be downloaded from the Microsoft Download Center at http://www.microsoft.com/en-us/download/details.aspx?id=7684. More information about the WMI Diagnosis Tool usage can be found in the document (WMIDiag.doc) which comes along with the download.

2. Is the tool supported?

There is no official support for WMI Diagnosis Tool.

3. Can the WMI Diagnosis Tool diagnose a remote computer?

The WMI Diagnosis Tool is not designed to diagnose remote computers. This is due to the fact that WMI remote access is mainly based on the WMI infrastructure. Because the aim of WMI Diagnosis Tool is to diagnose WMI, the WMI Diagnosis Tool does not use WMI to perform its core operations. That’s why the WMI Diagnosis Tool must be run locally. However, the WMI Diagnosis Tool can be deployed remotely using Group Policy, Systems Management Server (SMS), or Microsoft Operations Manager (MOM) via a Management Pack. With Windows Vista, the WMI Diagnosis Tool can also be remotely executed through WinRM/WinRS, provided you configure and enable these features (WinRM/WinRS are not enabled by default). Microsoft SysInternals tool PSEXEC.EXE on Technet can also be used.

4. Does the WMI Diagnosis Tool fix problems it discovers?

No. The WMI Diagnosis Tool executes in read-only mode. Even though the WMI Diagnosis Tool diagnoses the situation and provides procedures to fix problems, at no time does the tool automatically fix a problem. This is by design, because the correct repair procedure depends on the context, the usage, and the list of applications installed on the computer.

I hope this new tool will help you identifying potential WMI issues in your environment. Don’t forget to read the support document (WMIDiag.doc) included in the WMIDIAG 2.2 download.

-Jeff

Hello AskPerf! Blake here with a quick blog to discuss an issue I’ve seen more frequently over the past few months. Here is the Scenario:

When you try and create a new Scheduled Task via the command line (schtasks.exe), the following error appears:

"WARNING: The task name "PERFTEST" already exists. Do you want to replace it (Y/N>?"

If you hit Y, then this message will appear:

"ERROR: Cannot create a file when that file already exists."

When you try and create the same task via the taskschd.msc snap-in, this message is displayed:

"An error has occurred for task test.  Error message: A task or folder with this name already exists."

When you click OK, the following error appears:

"Transaction support within the specified resource manager is not started or was shut down due to an error"

After you click OK, the task is not created.

Research internally as well as out on the Internet suggest that the Transaction Log is corrupted. To fix this you need to do the following:

1. Open up an elevated CMD prompt
2. Type in the following and hit enter: "fsutil resource setautoreset true c:\"
3. Reboot
4. After your machine reboots, you should be able to create new Scheduled Tasks now

NOTE I’ve only seen this on Windows 2008 R2 SP1 thus far, and will update this blog post if seen on other Operating Systems down the line.

Additional Resources

• Fsutil behavior

-Blake

Hello Askperf, my name is Naresh and today we are going to discuss how we can connect to a Windows 2012 Remote desktop collection from thin clients or other clients that are not session hints aware.

You might be thinking what are “Session hints”, so let us right away dig into the need for session hints. The connection broker in Windows 2012/R2 has changed the way clients connect to a group of RDSH/RDVH servers – earlier called farms but now we have them grouped as ‘collections’ in Windows 2012/R2. With Windows 2012, we brought changes in the way how the GUI looks, how we install different roles and how these different roles interact with each other. With all this the flow of remote desktop connections and how a client connects to the endpoint servers, changed as well.

Classical way of connecting to Remoteapps-windows server 2008 r2

In Windows 2008 R2 we deployed RemoteApps as:

1. MSI files
2. RDP files
3. Connect through RDWeb

To explain the connection flow I will walk you through the RDP file content of a RemoteApp in Windows 2008/R2 vs. Windows 2012/R2.

This is how a RDP file for a RemoteApp would look like in a 2008 R2 RDS environment:

1. The client reads the full address (of the farm) and the RDGateway properties.
2. If the client finds the RDGateway, it will authenticate against the gateway and based on the CAP and RAP policy the connection would be passed on.
3. The Client would then do a DNS query for the full address (of the farm) – assuming this is a DNS Round Robin or the farm name is pointing to a NLB – and would try to connect to the RDSH server. (If there is a dedicated redirector, then one of them will receive this connection.)
4. The RDSH (or the redirector) server receiving the connection would then contact the connection broker and if there is an existing disconnected session available for this user on an RDSH, the connection broker would send the details of the RDSH server back to the redirector. If there is no disconnected session, the connection broker would determine the best suited server as per the load balancing algorithms and would send the details of that server to the redirector.
5. Redirector would in turn pass those details to the client and the client would then directly logon to the application on the assigned server. Session established.

Change in the way we connect in 2012 -Session Hint / TSVUrl

In a 2012/R2 environment the RDP file looks like this:

1. In Windows 2012 the concept of Farms has been deprecated and replaced by collections. However, unlike Farms, collections do not have an entry in the DNS. Therefore the client reads the full address (which is for connection broker which hosts the RDS deployment and collections) and the RDGateway properties.
2. If the client finds the RDGateway, it will authenticate against the gateway and based on the CAP and RAP policy the connection would be passed on.
3. The Client would then do a DNS query for the full address, i.e. the connection broker for windows 2012 and would try to connect to the RD Connection broker. The term redirector is no longer used in Windows 2012 and instead connection broker does the redirection, but how?

What are session hints/TSVUrls ?

If you see the above RDP file, I have also highlighted the loadbalanceinfo which consists of the TSVUrl. A TSVUrl or session hints suggests which collection in the deployment the client should connect to. So along with the Full Address and gateway information, the client also reads the loadbalancerinfo and sends that over to the connection broker.

4. The connection broker then reads the TSVUrl to determine the collection name and then suggests which RD Session host participating in the collection should take the session based on whether there is an already existing session or not.

5. If there is an existing session available for this user on an RDSH in that collection, the connection broker would send the details of the RDSH server back to the client. If there is no disconnected session, the connection broker would determine the best suited server within the collection as per the load balancing algorithms and would send the details of that server to the client.

6. The client would then directly logon to the application on that assigned server. Session established.

DefaultTsvUrl: workaround for incompatible RDClient

However, what would happen if the RD client does not understand the TSVURLs? Yes, the client would directly logon to the connection broker but since the application is not hosted there, it would error out.

We have seen a lot of customers not wanting to move over to Windows 2012 Remote desktop services because they have Clients like, old thin clients with old RD clients and some non-windows clients or some of the old Windows clients that might not understand TSVURLs. I would highly recommend upgrading the clients to the latest by getting in touch with the OEM vendor/manufacturer for getting the latest RD client for these devices (in case of old Windows fat cients either install RDC 8 or later or else upgrade to the operating system that supports RDC 8) making sure they are tsvurl aware, given the so many other benefits and features the latest RD client would bring along. However, we do understand that some of our customers would have genuine reasons to keep these clients and also while planning and implementing an upgrade, one would need to run the show in the meantime with the non-compatible clients.

For such cases, we can use the below registry key on the connection broker hosting the deployment.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base 322756 How to back up and restore the registry in Windows.

The following tuning recommendation has been helpful in alleviating the problem:

1. Start Registry Editor (Regedit.exe).

2. Locate and then click the following key in the registry:

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\ClusterSettings

3. On the Edit menu, click Add Value, and then add the following registry value:

Value name: DefaultTsvUrl
Data type: REG_SZ
Value data: tsv://<TSVURL>

This registry would provide the connection broker with the default loadbalanceinfo in case the client was unable to read the loadbalanceinfo provided in the remoteapp.

To find the TSVUrl to be set in DefaultTsvUrl, you can go to the following registry on the connection broker:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\CentralPublishedResources\PublishedFarms\<CollectionName>\Applications\<RemoteApp>\

RDPFileContents REG_SZ

You can find the tsvurl in the RDPFilecontents of the collection you would like to set as your default. Then configure it as your DefaultTsvUrl . You can then keep the show running while you upgrade to newer compatible clients.

NOTE: This is being suggested as an alternate/workaround when you do not have upgrading the client as an option. It has the following caveats that one should be aware of:

1. This would only be read when the client is unable to understand the tsvurl sent in the RDP file (from the remote app) and thus does not present the tsvurl to connection broker.
2. Whenever such a client comes the DefaultTsvUrl sends it to one single collection as specified in the registry value. DefaultTsvUrl can only point to one single collection only and thus you may want to plan and create a single collection for non compatible clients that has all their required apps in it. There is no provision of defining multiple collections in this registry so if you want to use incompatible clients over multiple collections then it won't be possible.
3. In case you change that collection, you will have to change the defauDefaultTsvUrl lttsvurl registry value as well.
4. This registry is only a workaround for tsvurls and will not work if the clients are not compatible with remoteapps itself. It is only for providing a workaround for clients that were able to access remoteapps earlier in Windows 2008/R2 but cannot access them through collections as explained in the section "Change in the way we connect in 2012 -Session Hint / TSVUrl".

-Naresh

Hello folks, as I’m sure you already know, Windows 10 will be available tomorrow, July 29th.  With that said, we will be blogging some of the new features that our team will be supporting in this new OS.

We will also blog about features that some of other teams support.  Namely, how to manage Windows 10 notifications and upgrade options:

How to manage Windows 10 notification and upgrade options

Windows 10 landing page

See you soon!

-Blake

Hey Folks, quick post to let you know that the Windows 10 Remote Server Administration Tools are now available.

Remote Server Administration Tools for Windows 10

Details

Remote Server Administration Tools for Windows 10 includes Server Manager, Microsoft Management Console (MMC) snap-ins, consoles, Windows PowerShell cmdlets and providers, and command-line tools for managing roles and features that run on Windows Server Technical Preview.

Remote Server Administration Tools for Windows 10 can be used to manage roles and features that are running on Windows Server Technical Preview, with the following exceptions:

• DHCP Tools. Dhcpmgmt.msc is not available in this release of RSAT, but equivalent Windows PowerShell cmdlets are available.
• IP Address Management (IPAM) Tools. IPAM tools are not available in this release of RSAT.
• Network Policy Server Tools. The NPS console is not supported on a Windows client-based operating system, and will be removed from future releases of RSAT.
• Routing and Remote Access Tools. Routing and Remote Access Tools that are GUI-based cannot be used for remote configuration in this release of RSAT, but the equivalent Windows PowerShell cmdlets are available.

-Blake

Hello AskPerf! My name is Matt Graham and I'll be discussing an issue that you may see on your RDS Licensing Server.

SCENARIO You have both a 2008 R2 and an 2012 or 2012 R2 Licensing server in your RDS environment.  When you look under services.msc, you notice that the Remote Desktop Licensing service is stopped on the 2012 / 2012 R2 server.  You try to start it again, but after a short period of time (30 seconds to a few minutes) it stops on its own again.  In fact, every time you try to start the service, it starts for a short time and then stops on its own.

Alternatively, you may see this service crash.

ISSUE This behavior is actually by design.  You cannot have a 2008 R2 and a 2012 / 2012 R2 License server in the same RDS environment.

RESOLUTION If you are moving to a 2012 / 2012 R2 environment, then deactivate and decommission your 2008 R2 license server.  If you still want to have two or more license servers, you will need to build another matching 2012 / 2012 R2 license server.

CONSIDERATION #1 We have seen at least one case where the 2012 License Manager Service still did not start even after removing the 2008 R2 License server.  In this case, the licensing server database had become corrupt.  If this happens, you can rebuild the database using the "Manage Licenses" wizard.

WARNING If you do this, you will have to re-install your licenses after the rebuild. Be sure you have your licensing information.

1.  Open your RD Licensing Manager, right click on your server and select Manage Licenses.

2. Select Rebuild the license server database.

3.  After this, you will need to have your Retail CAL pack or your EA information in order to reinstall your licenses.

CONSIDERATION #2 In one case, a customer had to rename the "C:\Windows\System32\Lserver" folder, uninstall the RDS roles, reboot, and reinstall the RDS Licensing role in order to get the service to start again.  This should effectively do the same thing as rebuilding the license database, but I mention it because it was successful in at least one case.

Finally, when you decommission your old 2008 R2 server, be sure to think through what that will entail for your session hosts.  You may need to take inventory of your session hosts and ensure that they are pointed to your 2012 / 2012 R2 license server if they aren't already pointed to it.

-Matt

Hello AskPerf!  My name is Susan, and today we are going to discuss an issue where printing through Office applications only produce 1-2 pages out of a multi-page document.

For example, you have Windows 2003/2008 Print Server with (e.g. Lexmark Universal v2 PS3 (2.2.5.71)) and Windows 8.1 clients attempt to print from Office applications; only the first page or 2nd pages will print. 

Other symptoms you may observe:

• You can print only 2 pages, for example: page 2-3 of a 10 page document
• You print just fine out of other applications
• If you print to PDF from Office, the files print as expected

Cause There are two main causes of the behavior above.  The first is missing fonts from the Print Server – the buffer simply fills and overflows and only ~2 pages will print.  The second cause is a legacy Bluetooth service is installed as well as its add-on component.

Resolution #1

Install the missing fonts on the Print Server.  You do not need to install Office, only the fonts.

Here are the fonts that should be installed:

Fonts that are installed with Microsoft Office 2013 products

Fonts supplied with* Office 2010

Office 2010 printing errors with Calibri font when printing through a Windows Server 2003 or 2008 print server

Resolution #2

For the Bluetooth Driver, there are two pieces: the service as well as the add-on that is registered under the Office applications.  The add-ons should be disabled for all Office applications under multiple keys.

Option 1

1. Check with the vendor to determine if there are any updates to your Bluetooth device.

Option 2

1. Uninstall Bluetooth       

a.      Please confirm it is completely uninstalled via checking MSCONFIG and running Services.msc

b.      Next, you will need to modify registry keys in two  locations  and change the loadbehavior to 0 or delete. 

           For example: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\AddinsBtmoffice.connect

And also under  BTMOffice.connect is loaded in Access, Excel, Project, Outlook, Powerpoint, Word for each application.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Access\Addins\AddinsBtmoffice.connect

And also under  BTMOffice.connect is loaded in Access, Excel, Project, Outlook, Powerpoint, Word for each application.

Option 3

1. Disable Bluetooth as a test

a.      Stop the service from running in Services.msc

b.      Change the loadbehavior in the above registry keys to 0

-Susan

Hello AskPerf!

Wanted to send you a very long overdue note on the current status of the AskPerf Blog site. We are in a transition period on ownership of this blog site going forward. I personally have moved on to another team, and the remaining Performance folks have as well. With that said, a decision will be made hopefully soon, on the future of this blog.

Thank you as always for your support and active participation in our posts.

-Blake