Bug in Remote Desktop Client and/or Certificate Revocation Check?

-

one of our branch locations has been implementing split network configuration, part of network behind proxy server.

to effect, have proxy-auto-config set (i think using wpad.dat) , computers not behind proxy set not try proxy-auto-config.

99% of problems people have connecting new computer network can fixed unchecking box in "control panel->internet options->connections->lan settings->automattically detect settings".

the problem have found remote desktop client tries use proxy anyway perform certificate revocation check on terminal services certificate. prevents users connecting ts unless move them on proxy network, because rdp client considers missing revocation information fatal error.

 

i not sure if rdp client bug, underlying system bug (or else).

is there other workaround this? there soemwhere else rdp client looks proxy configuration info?

hi,

when rdp client performs crl check, use winhttp proxy settings. if winhttp proxy configuration not set manually,  retrieve static proxy or direct configuration registry not inherit browser proxy settings. winhttp not share proxy settings internet explorer.

the winhttp proxy configuration set 1 of these mechanisms.

•the proxycfg.exe utility on windows xp , windows server 2003 or earlier.
•the netsh.exe utility on windows vista , windows server 2008 or later.
•winhttpsetdefaultproxyconfiguration on platforms.

if “netsh winhttp show proxy” command not return anything, winhttp try auto detect proxy settings running wpad protocol (contact dns/dhcp, download & compile proxy pac script etc). in  scenario, may consider bypassing wpad protocol altogether putting url in bypass list of winhttp proxy settings.

netsh winhttp set proxy proxy-server="proxyservername" bypass-list="*.<yourdomain>.<com>"

please replace proxyservername , bypass list appropriate one.

netsh commands windows hypertext transfer protocol (winhttp)
http://technet.microsoft.com/en-us/library/cc731131(ws.10).aspx#bkmk_5

shaon shan |technet subscriber support in forum |if have feedback on our support, please contact tngfb@microsoft.com


Windows Server  >  Remote Desktop Services (Terminal Services)



Comments

Post a Comment

Popular posts from this blog

Motherboard replacement

-
running windows 10 technical preview, need replace motherboard can run the  sysprep  command restoring pc ? or there easier  or more preferred way ? thanks if replace motherboard within same family of chipsets (i.e. intel > intel or amd > amd), should okay restarting pc twice. carey frisch Windows 10 Insider Preview  >  Windows 10 Insider Preview General
Read more

Cannot create Full Text Search catalog after upgrading to V12 - Database is not fully started up or it is not in an ONLINE state

-
in order access new full text search capiblities of sql azure, upgraded our azure sql v12. (a day later), when try create new catalog: create fulltext catalog mycatalog default i following message: msg 9972, level 16, state 100, line 1 database not started or not in online state. try full-text ddl command again after database started , becomes online. hi scott, apologies inconvenience caused you. known issue on service side , fix going included in next update. specific case mitigated, should able use full-text search syntax now. thanks, mihaela Microsoft Azure  >  Azure SQL Database
Read more

Remote Desktop App - Error 0x207 or 0x607

-
hi all, i manage windows 2012 r2 network, including connection broker, session hosts , remote apps virtual servers.  i've used remote desktop app on own android phone, no issues @ - connects published gateway url , can login , access network. we looking move business onto nokia handsets ms operating system (currently on blackberry), not able connect via remote desktop app on nokia lumia handset. setup, per android config , brings remote apps , remote desktop screen, know can connect.  when select remote desktop, shows following process: initiating remote connection securing remote connection certificate can't verified - choose connect it digitally signed cert (digicert sha2), pc name different physical connection broker name (inherited domain name old gov project - can't publish publicly) initiating establishing securing connection error have been 0x207 getting 0x607 a bit baffled, work on android (and ipad @ home using app). assume ms use d...
Read more