S
spookyneo
Hi,
In our business, we have an application server that host one application and has RDP services enabled to allow multiple users to remotely connect and launch the hosted application.
The server is a VMware (ESXi 5.5 Patch 9) virtual machine running Windows Server 2012 R2 Standard. 16GB of RAM and 8 vCPU.
We've had this server in production since May and we've seen 2 occurrences of the issue so far. At one point, new users are not able to log into the server using RDP. The users that are already logged in can still work on the server/application without any issue. The new users who try to login, input their domain username and password, but stay stuck at the "Welcome" screen. They don't get disconnected, it just spins at "Welcome" forever. Interestingly enough, usually you'll be able to see the username (domain\username) on the top of the "Welcome" text, but when the issue happens, it shows "Other user". The only way to "fix" the issue is to manually Reset the virtual machine (Power Off/Power On).
The issue happened last night and I did some troubleshooting before resetting the server. At first, I believed that only the RDP protocol was affected, so I tried to log on the server using the VMware console and got the same results as the users. I left it running for about 2 hours and never got it in; was still stuck at Welcome. Users also told me that they never got in. I also tried to use "Computer Management" and connect remotely to the server and see the logs. It would never let me in, got stuck at "Connecting...". So I eventually gave up my investigation to restore the service and reset the virtual machine. After the reset, everyone were able to login again, including me.
I took a look at the Windows Events Logs after the reset and the only relevant logs that I could find within the window of the issue were multiple Evend ID 4005 the following :
Event ID : 4005
The Windows logon process has unexpectedly terminated.
I also investigated the performance metrics of the virtual machine. CPU and RAM were within normal and gave me no reason to suspect a performance issue.
All the hard drives have more than enough available space.
Network doesn't seem to be the issue either, as some already logged in users were able to work and pings were consistent/stable.
The server is restarted properly each week as a preventive measure.
I don't believe it is hardware related, but more related to Windows itself. Probably not RDP services since the console didn't work either.
Do you guys have any idea about this issue ?
Thanks,
Guillaume.
Continue reading...
In our business, we have an application server that host one application and has RDP services enabled to allow multiple users to remotely connect and launch the hosted application.
The server is a VMware (ESXi 5.5 Patch 9) virtual machine running Windows Server 2012 R2 Standard. 16GB of RAM and 8 vCPU.
We've had this server in production since May and we've seen 2 occurrences of the issue so far. At one point, new users are not able to log into the server using RDP. The users that are already logged in can still work on the server/application without any issue. The new users who try to login, input their domain username and password, but stay stuck at the "Welcome" screen. They don't get disconnected, it just spins at "Welcome" forever. Interestingly enough, usually you'll be able to see the username (domain\username) on the top of the "Welcome" text, but when the issue happens, it shows "Other user". The only way to "fix" the issue is to manually Reset the virtual machine (Power Off/Power On).
The issue happened last night and I did some troubleshooting before resetting the server. At first, I believed that only the RDP protocol was affected, so I tried to log on the server using the VMware console and got the same results as the users. I left it running for about 2 hours and never got it in; was still stuck at Welcome. Users also told me that they never got in. I also tried to use "Computer Management" and connect remotely to the server and see the logs. It would never let me in, got stuck at "Connecting...". So I eventually gave up my investigation to restore the service and reset the virtual machine. After the reset, everyone were able to login again, including me.
I took a look at the Windows Events Logs after the reset and the only relevant logs that I could find within the window of the issue were multiple Evend ID 4005 the following :
Event ID : 4005
The Windows logon process has unexpectedly terminated.
I also investigated the performance metrics of the virtual machine. CPU and RAM were within normal and gave me no reason to suspect a performance issue.
All the hard drives have more than enough available space.
Network doesn't seem to be the issue either, as some already logged in users were able to work and pings were consistent/stable.
The server is restarted properly each week as a preventive measure.
I don't believe it is hardware related, but more related to Windows itself. Probably not RDP services since the console didn't work either.
Do you guys have any idea about this issue ?
Thanks,
Guillaume.
Continue reading...