You are currently browsing the category archive for the ‘Windows Server’ category.


You are trying to expose an application from Windows Server 2012 Remote Desktop Gateway. It works flawless when connecting from a Windows 8/8.1 machine, but it times out when connecting from a Windows 7 machine.

The possible cause is described in this KB article ID: 2903333


Error on a MSTSC connection with RDP 8.0 on a Windows 2012 Remote Desktop Gateway Server: "This computer can not connect to the remote computer." On the Remote Desktop Gateway Server for Terminal Services Event ID is 4625 listed with the status 0xC000035B in the security log. Protocol name: Security Source: Microsoft Windows security auditing Date: 05/08/2013 16:20:00 Event ID: 4625 Task Category: Logon Level: Information Keywords: Audit Failure User: N computer: RDGW.CONTOSO.COM Description: The registration of an account failed. applicant : Security ID: NULL SID Account Name: -Account Domain: – Logon ID: 0x0 Logon Type: 3 Account in which the login failed: Security ID: NULL SID Account Name: myuserAccount Domain: Contoso error information: Error Cause: The application is an error . occurred Status: 0xC000035B Under Status: 0x0


This error occurs if the registry entry LMCompatibility has been configured to force the use of NTLMv1. By setting LMCompatibility to a value which is smaller than 3, the use of NTLMv1 is forced. forces in Windows 2012 RDP 8.0 default channel bonding. Since these bonds are not delivered when using NTLMv1, the authentication with the status 0xC000035B "The supplied from the client SSPI channel bindings are incorrect" error, indicating that the bonds are not valid.


This article describes how to change the Windows registry. information about modifying the registry, see the online Help topic "Changing Keys and Values" in Registry Editor (Regedit.exe). You should make a backup copy of the registry files (System.dat and User.dat) before you edit the registry. WARNING: Improper use of Registry Editor can cause serious problems that may require you to reinstall your operating system. Microsoft can not guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.======================================== ==== There are two methods to resolve this error. Method 1:Adjust the registry value LMCompatibility so NTLMv1 is not enforced, by setting it to a value of 3 or a higher value. Further information about the registry value LMCompatibility see Method 2:Set the registry value EnforceChannelBinidng to zero (0) determine the associated lack of channel bindings on the RD Gateway Server be ignored for Terminal Services.  path: HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Terminal Server Gateway \ Config \ Core Type: REG_DWORD Name: EnforceChannelBinding VALUE: 0 (decimal) Note: The EnforceChannelBinidng value is not present by default on the gateway server and must be created.


This solution is posted in German at

and run through Google Translate as is. There is no equivalent in English, as far as I can tell.

Enjoy :)

Building a new VPC, whether as new dev machine or a testing box can be a time consuming task. Usually it involves a lot of installation and configuration, and you need the ISOs for the installation media.

If you are like me, and do not store the ISOs, you need to go to your trusty TechNet or MSDN subscription and download them again. And you probably are annoyed every single time with the nagging confirmation prompts if you’re doing this off the server OS you’ve just installed.

These are steps to take to disable IE ESC:

Go to Start > Administrative Tools > Server Manager. You can probably get to it through the link button to the right of the Start button also.

On your main tab, under Server Summary > Security Information click on Configure IE ESC


Configure your settings as required. I usually set it to Off for Administrators


Click OK and restart IE.

This is it. Enjoy!

so, I had to do a backup of a dll registered in GAC. If you just open explorer and point it to c:\Windows\assembly … well good luck.

Interesting enough, by going to Start > Run and typing c:\windows\assembly\gac takes you there and you can just copy the DLL you need.

Neat-o trick I just figured out.


If you’re like me, and your main machine runs Windows Server 2008 R2 x64, and you’ve just got the new Windows Phone 7, you are next looking at installing Zune on your machine and start sync-ing podcasts and other stuff.

So, you’ve downloaded the Zune client from HERE and you run it, but it complains about the OS. Basically, the installer blocks Windows Server 2008 (probably other server OS too, have not tested that scenario).

Anyway, to move on past this hick-up, run it from a command prompt, with elevated privileges (run as Administrator). Run the following commands:

ZuneSetupPkg.exe /x

this will extract the files from the package. Specify where the files are to be extracted.

Go to the folder where you’ve extracted the files (within the same cmd session), go to \x64\PACKAGES and run the installer directly. The installer is zune-x64.exe

Now follow the prompts, and you’re done.

Oh, and if your locale is Canada rather than US, for some reason you loose the ability to browse the podcasts library in Zune. Not a big deal, as you can just provide the URL to the podcasts you need to sync, but it is easier to just browse visually.


So I’ve been faced with this situation several times already. I’m logged in to a client (VPN), logged into a server, and the connection drops for whatever reason. I re-connect, but when trying to RDP onto the server I was working on, I get the “The terminal server has exceeded the maximum number of allowed connections.” message. My previous session is still active, but I can’t reconnect to it. Darn, now what?

Hopefully you have access to another server on that same network. Get onto that one, and run:

query session /server:servername

this will give you a list of all active sessions, with the session IDs and the user names. Look for the session ID associated with your username, then run the following command:

reset session ID /server:servername

You will not get any sort of output from this command, but when finished, re-run the first command to make sure your previous session is not active anymore.

Now re-connect (RDP) and you should be able to get back in. You will lose the data in your open applications if not saved.

At least you don’t have to call the network/support guys and tell them you’re locked out AGAIN.


MVP Reconnect

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 617 other followers

Follow Dynamics 365 Wizardry on