This object monitors the Remote Desktop Services per user client access licenses.
In Windows Server 2008 R2, you can use the Remote Desktop Licensing Manager tool to create (generate) reports to track the Remote Desktop Services Per User client access licenses (RDS Per User CALs) that have been issued by a Remote Desktop license server. RDS Per User CAL tracking and reporting is supported only in domain-joined scenarios because the information about the RDS Per User CAL that has been issued to a user is stored as part of the user account in Active Directory Domain Services (AD DS).
For RDS Per User CAL tracking and reporting to work, the computer account for the license server must be a member of the Terminal Server License Servers group in AD DS. If the license server is installed on a domain controller, the Network Service account must also be a member of the Terminal Server License Servers group.
To resolve this issue, check the event ID, and then view the troubleshooting information for that event in the sections below.
Resolution steps for the following event IDs: 4108, 4107
To resolve this issue, identify and fix any network connectivity problems between the Remote Desktop license server and the Active Directory domain controller by doing the following:
Determine if there is a network connectivity problem by using the ping command.
Perform additional troubleshooting steps, if necessary, to help identify the cause of the problem.
To perform these tasks, refer to the following sections.
Note: The following procedures include steps for using the ping command to perform troubleshooting. Therefore, before performing these steps, check whether the firewall or Internet Protocol security (IPsec) settings on your network allow Internet Control Message Protocol (ICMP) traffic. ICMP is the TCP/IP protocol that is used by the ping command.
To perform these procedures, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.
Determine if there is a network connectivity problem
To determine if there is a network connectivity problem between the license server and the domain controller:
1. On the license server, click Start, click Run, type cmd, and then click OK.
2. At the command prompt, type ping server_FQDN, where server_FQDN is the fully qualified domain name (FQDN) of the domain controller (for example, server1.contoso.com), and then press ENTER.
If the ping was successful, you will receive a reply similar to the following:
Reply from IP_address: bytes=32 time=3ms TTL=59
Reply from IP_address: bytes=32 time=20ms TTL=59
Reply from IP_address: bytes=32 time=3ms TTL=59
Reply from IP_address: bytes=32 time=6ms TTL=59
3. Ping other computers on the network to help determine the extent of the network connectivity issue.
4. If you can ping other servers but not the domain controller, try to ping the domain controller from another computer. If you cannot ping the domain controller from any computer, first ensure that the domain controller is running. If the domain controller is running, check the network settings on the domain controller.
5. Check the TCP/IP settings on the local computer by doing the following:
At the command prompt, type ping IP_address, where IP_address is the IP address of the domain controller, and then press ENTER.
If you can successfully ping the domain controller by IP address, but not by FQDN, this indicates a possible issue with DNS host name resolution.
If you cannot successfully ping the domain controller by IP address, this indicates a possible issue with network connectivity, firewall configuration, or IPsec configuration.
Perform additional troubleshooting steps
The following are some additional troubleshooting steps that you can perform to help identify the root cause of the problem:
1. Click Start, click Run, type cmd, and then click OK.
2. At the command prompt, type ipconfig /all, and then press ENTER. Make sure that the information listed is correct.
3. Type ping localhost to verify that TCP/IP is installed and correctly configured on the local computer. If the ping is unsuccessful, this may indicate a corrupt TCP/IP stack or a problem with your network adapter.
4. Type ping IP_address, where IP_address is the IP address assigned to the computer. If you can ping the localhost address but not the local address, there may be an issue with the routing table or with the network adapter driver.
5. Type ping DNS_server, where DNS_server is the IP address assigned to the DNS server. If there is more than one DNS server on your network, you should ping each one. If you cannot ping the DNS servers, this indicates a potential problem with the DNS servers, or with the network between the computer and the DNS servers.
6. If the domain controller is on a different subnet, try to ping the default gateway. If you cannot ping the default gateway, this might indicate a problem with the network adapter, the router or gateway device, cabling, or other connectivity hardware.
7. In Device Manager, check the status of the network adapter. To open Device Manager, click Start, click Run, type devmgmt.msc, and then click OK.
8. Check network connectivity indicator lights on the computer and at the hub or router. Check network cabling.
9. Check firewall settings by using the Windows Firewall with Advanced Security snap-in.
10. Check IPsec settings by using the IP Security Policy Management snap-in.
To resolve this issue, check the event ID, and then view the troubleshooting information for that event in the sections below.
Resolution steps for the following event IDs: 8195, 4105
To resolve this issue, do the following:
Add the computer account for the license server to the Terminal Server License Servers group in Active Directory Domain Services (AD DS).
Restart the Remote Desktop Licensing service on the Remote Desktop license server.
To perform these tasks, refer to the following sections.
Note: If the license server is installed on a domain controller, the Network Service account also needs to be a member of the Terminal Server License Servers group.
Add the computer account for the license server to the Terminal Server License Servers group
You can add the computer account for the license server to the Terminal Server License Servers group in AD DS either by using Remote Desktop Licensing Manager or by using Active Directory Users and Computers. To perform these tasks, refer to the following sections.
Add the computer account by using Remote Desktop Licensing Manager
To perform this procedure, you must have membership in the local Administrators group on the license server and membership in the Domain Admins group in AD DS, or you must have been delegated the appropriate authority.
To add the account to the group:
1. On the license server, open Remote Desktop Licensing Manager. To open Remote Desktop Licensing Manager, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Licensing Manager.
2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
3. In the left pane, click All Servers, click the name of the license server, and then on the Action menu, click Review Configuration.
4. In the Configuration dialog box, click Add to Group.
Note: If Add to Group does not appear in the Configuration dialog box, the computer account for the license server (and the Network Service account) are already members of the Terminal Server License Servers group and no further action is required.
5. Click Continue, and then click OK.
6. Restart the Remote Desktop Licensing service on the license server. To restart the Remote Desktop Licensing service, see the section titled "Restart the Remote Desktop Licensing service."
Add the computer account by using Active Directory Users and Computers
To perform this procedure, you must have membership in the Domain Admins group in AD DS, or you must have been delegated the appropriate authority.
To add the account to the group:
1. Open Active Directory Users and Computers. To open Active Directory Users and Computers, log on to a computer where Active Directory Users and Computers is installed (for example, an AD DS domain controller), click Start, click Run, type dsa.msc, and then click OK.
2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
3. Locate the Terminal Server License Servers group. By default, the Terminal Server License Servers group is located in the Builtin container.
4. Right-click Terminal Server License Servers, and then click Properties.
5. On the Members tab, click Add.
6. Click Object Types, select the Computers check box, and then click OK.
7. In the Enter the object name to select box, type the name of the license server that you want to add to the Terminal Server License Servers group. If the license server is installed on a domain controller, add the Network Service account.
8. Click OK, and then click OK.
9. Restart the Remote Desktop Licensing service on the license server. To restart the Remote Desktop Licensing service, see the section titled "Restart the Remote Desktop Licensing service".
Restart the Remote Desktop Licensing service
To perform this procedure, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority.
To start the Remote Desktop Licensing service:
1. Open the Services snap-in on the license server. To open the Services snap-in, click Start, point to Administrative Tools, and then click Services.
2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Yes.
3. In the Services pane, right-click Remote Desktop Licensing, and then click Restart.
Confirm that the Status column for the Remote Desktop Licensing service now displays Started.
| Target | Microsoft.Windows.Server.2008R2.RemoteDesktopServicesRole.Service.RDLicensing | ||
| Parent Monitor | System.Health.AvailabilityState | ||
| Category | Custom | ||
| Enabled | True | ||
| Alert Generate | True | ||
| Alert Severity | MatchMonitorHealth | ||
| Alert Priority | High | ||
| Alert Auto Resolve | True | ||
| Monitor Type | Microsoft.Windows.2SingleEventLogManualReset3StateMonitorType | ||
| Remotable | True | ||
| Accessibility | Public | ||
| Alert Message |
| ||
| RunAs | Default |
Home
ENU <UnitMonitor ID="Microsoft.Windows.Server.RemoteDesktopServices.2008R2.NewUnitMonitor_11" Accessibility="Public" Enabled="true" Target="Microsoft.Windows.Server.2008R2.RemoteDesktopServicesRole.Service.RDLicensing" ParentMonitorID="SystemHealth!System.Health.AvailabilityState" Remotable="true" Priority="Normal" TypeID="Windows!Microsoft.Windows.2SingleEventLogManualReset3StateMonitorType" ConfirmDelivery="true">
<Category>Custom</Category>
<AlertSettings AlertMessage="Microsoft.Windows.Server.RemoteDesktopServices.2008R2.NewUnitMonitor_11_AlertMessageResourceID">
<AlertOnState>Warning</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>High</AlertPriority>
<AlertSeverity>MatchMonitorHealth</AlertSeverity>
<AlertParameters>
<AlertParameter1>$Data/Context/EventDisplayNumber$</AlertParameter1>
<AlertParameter2>$Data/Context/EventDescription$</AlertParameter2>
</AlertParameters>
</AlertSettings>
<OperationalStates>
<OperationalState ID="UIGeneratedOpStateId127c6e9765bc4310a5c2bec62b73bcd2" MonitorTypeStateID="ManualResetEventRaised" HealthState="Success"/>
<OperationalState ID="UIGeneratedOpStateIdadcc3686b4c845729120bcdc6296ba06" MonitorTypeStateID="SecondEventRaised" HealthState="Warning"/>
<OperationalState ID="UIGeneratedOpStateId05d267ced1bf4a02951d63027d6cc01c" MonitorTypeStateID="FirstEventRaised" HealthState="Error"/>
</OperationalStates>
<Configuration>
<FirstComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</FirstComputerName>
<FirstLogName>System</FirstLogName>
<FirstExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">4105</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Microsoft-Windows-TerminalServices-Licensing</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</FirstExpression>
<SecondComputerName>$Target/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</SecondComputerName>
<SecondLogName>System</SecondLogName>
<SecondExpression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Microsoft-Windows-TerminalServices-Licensing</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<Or>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">4107</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">4108</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">8195</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</Or>
</Expression>
</And>
</SecondExpression>
</Configuration>
</UnitMonitor>