Troubleshooting Remote Desktop Services (RDS)

Registry_RDP_SelfSignedCertificate_Path
Registry_RDP_SelfSignedCertificate_Path

This article briefly look at ways to view registry settings for Troubleshooting Remote Desktop Services (RDS).

Remote Desktop Services (RDS) is Microsoft’s platform to provide virtualization solutions. The Virtualization platform includes Application virtualization, securely providing Remote Desktop Access.

The user has the option of accessing the Applications and Remote Desktops from the Cloud too.

What is Remote Desktop Services?

Remote Desktop Services (RDS) is a component of Microsoft Windows Server which interactively allow users to access Remote Desktops and Applications.

Registry commands / settings used for Troubleshooting Remote Desktop Services (RDS)

Listed below are the various Powershell and Command-Line commands that you can use to Troubleshooting Remote Desktop Services (RDS).

How to Check the Certificate Thumbprint used by Remote Desktop Service on Port 3389?

Powershell

Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'"

How to Update the Certificate Thumbprint used by Remote Desktop Service on Port 3389?

Powershell

$Thumbprint = "Thumbprint of the Certificate to be Used"

$path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path
Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="$Thumbprint"}

Command Line

wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="<THUMBPRINT>"

What is the Registry Key location for the Certificate Thumbprint for Remote Desktop Services on Port 3389?

Registry Editor

SelfSignedCertificate

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations

ValueName: SelfSignedCertificate
Registry_RDP_SelfSignedCertificate_Path
Registry_RDP_SelfSignedCertificate_Path

TemplateCertificate

** This Registry Value and Data only appears if you use a Group Policy Object (GPO) to Issue Remote Desktop (RDP) Certificates.

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations

ValueName: TemplateCertificate
Registry_RDP_TemplateCertificate
Registry_RDP_TemplateCertificate_Path

How to reset Remote Desktop Services License Server Grace Period via Registry?

Registry Editor

By Default, we do not have permissions to delete Values under this GracePeriod key. Hence, you will have to grant Full Control permission to the user you want to manage the key. Follow the steps listed below to grant Full Control to Administrators on the GracePeriod key:

  1. Right-click the GracePeriod folder -> select Permissions.
  2. select Administrators -> Change the Permissions to Full Control -> Click OK
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod

Delete the following Value from the key mentioned above and reboot the server:
ValueName: L$RTMTIMEBOMB

What is the registry location for RDP Certificate Template Name?

The Template Name of the Certificate used by the Server for RDP connections can be found at the following registry location:

Server authentication certificate template registry location:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\CertTemplateName

Read More..

Click here to learn more about Remote Desktop Services from Microsoft.

Click here to learn more about Remote Desktop Session Host Role.