To resolve this issue, add the computer account for the terminal server to the Session Directory Computers local group on the TS Session Broker server.
Important: If the computer that was denied access is not part of a terminal server farm that is serviced by the TS Session Broker server where the condition was logged, no further action is required.
To perform this procedure, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.
To add the computer account for the terminal server to the Session Directory Computers local group:
On the TS Session Broker server, open the Local Users and Groups snap-in. To open Local Users and Groups, click Start, click Run, type lusrmgr.msc, and then click OK.
If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
In the left pane, click Groups.
In the right pane, right-click the Session Directory Computers group, and then click Properties.
Click Add.
In the Select Users, Computers, or Groups dialog box, click Object Types.
Select the Computers check box, and then click OK.
Locate and then add the computer account for the terminal server that will use the TS Session Broker server.
Click OK to close the Select Users, Computers, or Groups dialog box, and then click OK to close the Session Directory Computers Properties dialog box.
| Target | Microsoft.Windows.Server.2008.TerminalServicesRole.Service.TSSessionBroker | ||
| Category | EventCollection | ||
| Enabled | True | ||
| Event_ID | 1016 | ||
| Event Source | Microsoft-Windows-TerminalServices-SessionBroker | ||
| Alert Generate | True | ||
| Alert Severity | Error | ||
| Alert Priority | Normal | ||
| Remotable | True | ||
| Alert Message |
| ||
| Event Log | System |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| DS | DataSource | Microsoft.Windows.EventProvider | Default |
| Alert | WriteAction | System.Health.GenerateAlert | Default |
Home
ENU <Rule ID="Microsoft.Windows.Server.2008.TerminalServicesRole.Service.TSSessionBroker.EventCollection.1016" Enabled="onStandardMonitoring" Target="Microsoft.Windows.Server.2008.TerminalServicesRole.Service.TSSessionBroker" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="DS" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>System</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">1016</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Microsoft-Windows-TerminalServices-SessionBroker</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="Alert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertName/>
<AlertDescription/>
<AlertOwner/>
<AlertMessageId>$MPElement[Name="Microsoft.Windows.Server.2008.TerminalServicesRole.Service.TSSessionBroker.EventCollection.1016.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue>$Data/Params/Param[1]$</SuppressionValue>
</Suppression>
<Custom1/>
<Custom2/>
<Custom3/>
<Custom4/>
<Custom5/>
<Custom6/>
<Custom7/>
<Custom8/>
<Custom9/>
<Custom10/>
</WriteAction>
</WriteActions>
</Rule>