Learn How to Fix RDS Black Screen and other Common RDS Issues
The App Readiness service is responsible for getting applications ready for use the first time a user logs into a session host and also when adding new applications. However, in Remote Desktop Services (RDS) deployments, it may sometimes cause black screen issues. This blog post outlines some possible solutions for RDS black-screen issues and explains other common problems that may prevent the service from working properly, including potential ways to address them.
What Is RDS?
Microsoft RDS, formerly known as Terminal Services, is a general term used to group certain roles of Microsoft Windows Server that allow users to access Windows desktops and applications remotely by using the Remote Desktop Protocol (RDP).
Below are the main roles within an RDS environment:
- Remote Desktop Session Host: Hosts the Windows desktop or applications for remote access.
- Remote Desktop Connection Broker: Manages and handles incoming connections to both collections of full desktops and remote applications.
- Remote Desktop Gateway: Used to grant users on public networks access to RDS resources located on an internal corporate network. Secure Sockets Layer (SSL) is used to keep communications encrypted between clients and session hosts.
- Remote Desktop Web Access: Provides access to desktops and applications through a web portal and launches them through the device’s native Microsoft Remote Desktop client application.
- Remote Desktop Licensing: Manages the client access licenses.
What Are Some Common Issues with RDS?
Some common issues that may prevent RDS from working properly and possible ways of fixing them are described below:
Firewall blocking connection
RDP uses port 3389 by default, and the session host must have this port accessible from the end-user devices for internal connections or from the Remote Desktop Gateway for external connections.
Ensure that the port your RDS environment uses isn’t being blocked by an existing firewall between the client and the session host, including the Windows Defender Firewall if it is enabled on the session host.
Certificate issues
Remote Desktop Gateway requires a certificate to be installed because it uses SSL encryption. Clients must trust the certificate authority that issued the certificate to guarantee a successful connection with the session hosts.
Open the Certificates Microsoft Management Console (MMC) on the client device, and check that a copy of the certificate authority’s root certificate has been imported to the Trusted Root Certification Authorities store.
Remote access rights
Users accessing RDS resources must be granted the Allow log on through Remote Desktop Services right over the session hosts they are connecting to.
Open the Group Policy Object Editor by running GPEdit.msc from the command prompt. Navigate through the console tree to Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment. Double click on Allow log on through Remote Desktop Services and include the necessary users or groups.
DNS problems
Domain Name System (DNS) inconsistencies due to Internet Protocol (IP) changes or other issues can cause different connection problems when using RDS services.
Ensure that the existing DNS entries for the session hosts and the infrastructure components are configured with the correct IP address.
CredSSP unpatched version
Credential Security Support Provider protocol (CredSSP) is an authentication provider used to process authentication requests for other applications. Microsoft detected a remote code execution vulnerability in unpatched versions of CredSSP and requires both the client and session host to use an updated cloud solution provider (CSP) to work properly.
Ensure that both the client and session hosts are running patched versions of CredSSP.
Capacity problems
Ensure that your RDS setup always has available resources and licenses to host new, incoming user connections. For instance, when working with personal virtual desktop infrastructure (VDI) pools, new users’ connections will be rejected if all deployed machines are already hosting other users’ sessions.
What Are Possible Solutions for “Black Screen of Death” When Using Remote Desktop?
Below are possible solutions that may fix the “black screen of death” issue in RDS scenarios:
Connect using a different resolution or color depth.
Confirm video drivers are updated both on client and session host.
.
Run CTRL+ALT+END. This combination will sometimes open the entire desktop or at least the Task Manager. If only the Task Manager is available, run File-> Run new task and type explorer.exe.
Run Group Policy Editor (GPEdit.msc) on the client device. Navigate through the console tree to Computer Configuration > Administration Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client. Double-click on the Turn Off UDP On Client setting, and select Enabled.
Remotely restart the Remote Desktop Services service (TermService) or the entire machine via command line using administrator credentials.
- Restart service via Services MMC:
Run services.msc.
Click on the Services name in the left pane, go to Action, then Connect to another computer… ,and enter the name of the remote computer.
- Search for Remote Desktop Services, right-click on it and click on the Restart option.
- Restart the entire machine:Open a command prompt, and run shutdown /r /m ServerName /t 60. Refer to these definitions: /r Full shutdown and restart the computer. /m \\computer Specify the target computer. /t xxx Set the time-out period before shutdown to xxx seconds.Notes:
- The valid range for the time-out period is 0–315360000 (10 years), with a default of 30.
- If the timeout period is greater than 0, the /f parameter is implied.
How to Configure App Readiness to Avoid Black Screen on Log On
As has already been explained in this blog post, there can be multiple possible causes for black screens in RDS scenarios. However, it has been found that the App Readiness service may be responsible for this behavior when using Azure Virtual Desktops and FSLogix Profile Containers.
If you are experiencing black screen issues under this scenario, check the following alternatives:
- Install the latest available security updates for all session hosts by navigating to Settings > Update & Security > Windows Update > Check for updates.
- If your session hosts are not patched, install the optional KB4571744 update that can be downloaded from the Microsoft Update Catalog website.
- Reduce the default service timeout by editing the following registry keys that will change the initial sign-in timeout to 30 seconds (remember to back up the existing registry keys prior to making changes):
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AppReadinessPreShellTimeoutMs Data Type: DWORD Value:0x7530
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\FirstLogonTimeout Data Type: DWORD Value:0x1e
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DelayedDesktopSwitchTimeout Data Type: DWORD Value:0x1e
The App Readiness service can also be stopped or disabled, but this is not a recommended workaround because this service is involved in other common tasks such as the Windows Update process.
Parallels RAS Removes Complexity from Deploying and Managing VDI Solutions
You can use Parallels® Remote Application Server (RAS) to deploy and manage your VDII solutions with ease. Take advantage of the following benefits:
- Easy deployment: Parallels RAS helps companies to deploy and manage VDI solutions easily, thanks to intuitive wizards and a central administration point, the Parallels RAS Console.
- Hypervisor flexibility: Parallels RAS supports different virtualization technologies including Microsoft Hyper-V and VMware ESXi, hyperconverged infrastructures such as Nutanix Acropolis and Scale Computing HC3, and cloud-based providers such as Microsoft Azure. Therefore, companies have different alternatives to choose the virtualization solution that best fits their needs. Additionally, Parallels RAS is fully compatible with Microsoft’s Azure Virtual Desktop.
- Simplified VDI management: The auto-provisioning and auto-scaling features included in Parallels RAS provide companies with on-demand scalability when provisioning VDI workloads based on pre-created templates. This optimizes resource usage and reduces costs.
You can give Parallels RAS a try by downloading our free, 30-day trial.
