Troubleshooting Remote Desktop Services Busy State for Specific User on Windows Server 2016


5 views

Here's what we observed on a newly deployed Windows Server 2016:

- 2/3 users can RDP normally
- 1 specific user consistently gets:
  "The task you are trying to do can't be completed because Remote Desktop Services is currently busy"
- User session resets (rwinsta) didn't help
- Password resets had no effect
- Forced logout (shutdown /l) failed
- Ultimately required server reboot

The error suggests a stuck session state in Terminal Services. Here are some technical avenues to explore before resorting to reboot:

First, check all active sessions with elevated CMD:

query session
qwinsta
query user

For detailed RDP connection states:

powershell -command "Get-RDUserSession | Format-Table -AutoSize"

Check for hung sessions in registry:

reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v DeleteTempDirsOnExit

To forcibly clear user sessions (admin CMD):

for /f "skip=1 tokens=3" %s in ('query user %USERNAME%') do @logoff %s

Check if TS Gateway is causing the block:

netsh trace start scenario=NetConnection capture=yes tracefile=C:\tsgateway.etl
# Reproduce the issue
netsh trace stop

Create a diagnostic script (Save as CheckRDPState.ps1):

# Check RDP listener state
$RDPListener = Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server" -Name "fDenyTSConnections"
Write-Host "RDP Enabled: $($RDPListener.fDenyTSConnections -eq 0)"

# Check user session state
Get-WmiObject -Namespace root\cimv2\TerminalServices -Class Win32_TSSession | 
    Where-Object {$_.UserName -eq $env:USERNAME} | 
    Select-Object UserName, SessionId, State, LogonTime

Verify these policies aren't causing conflicts:

gpresult /h C:\gp_report.html
# Check specifically for:
- Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services

When stuck in this state, try:

1. mstsc /admin /v:servername
2. psexec \\servername cmd (from SysInternals)
3. WinRM connection: Enter-PSSession -ComputerName servername

Add this scheduled task to auto-clean stale sessions (admin PowerShell):

$Trigger = New-ScheduledTaskTrigger -Daily -At 3am
$Action = New-ScheduledTaskAction -Execute "logoff.exe" -Argument "/query /server:$env:COMPUTERNAME | findstr /i \"disc\" | for /f \"tokens=2,3\" %i in ('more') do logoff %i"
Register-ScheduledTask -TaskName "CleanStaleRDPSessions" -Trigger $Trigger -Action $Action -RunLevel Highest

When setting up a new Windows Server 2016 environment, I encountered a particularly stubborn RDP issue where two domain users could connect normally, but the third user consistently received the "Remote Desktop Services is currently busy" error. Here's the complete post-mortem of how I eventually resolved it.

The affected user (let's call him jdoe) couldn't establish an RDP connection while others could. Here's what I tried initially:

# Attempted session reset
rwinsta 1 /server:localhost

# Tried logging off any existing sessions
query session /server:localhost
logoff ID /server:localhost

# Tested credential validity
runas /user:jdoe /savecred "cmd /c echo test"

When basic troubleshooting failed, I started examining specific RDS components:

# Checked Terminal Services configuration
Get-WmiObject -Class Win32_TerminalServiceSetting -Namespace root\cimv2\TerminalServices

# Examined user-specific RDP permissions
(Get-WmiObject -Class Win32_TSNetworkAdapterSetting -Namespace root\cimv2\TerminalServices).GetUserConfig("jdoe")

I discovered the user had orphaned registry entries from previous connection attempts:

# Checked for stuck sessions
Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\ClusterSettings'

# Found problematic user-specific keys
Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software' | 
Where-Object {$_.Name -like "*jdoe*"}

After exhausting all other options, I performed these steps:

  1. Forced a service restart (without full reboot): 
    Stop-Service TermService -Force
Start-Service TermService
  2. Cleared the user's RDP cache: 
    Remove-Item -Path "$env:systemroot\System32\Msdtc\*.reg" -Force
  3. Reset the user's profile flags: 
    Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-*" -Name "State" -Value 0

To avoid recurrence, I implemented these PowerShell monitoring scripts:

# RDS connection health monitor
$RDSHealth = {
    $sessions = qwinsta /server:localhost
    $active = $sessions | Select-String "Active"
    
    if ($active.Count -gt 0) {
        $active | ForEach-Object {
            $id = ($_ -split '\s+')[2]
            Reset-Session -SessionId $id -Server localhost
        }
    }
}

# Scheduled to run hourly
Register-ScheduledJob -Name "RDS Session Cleaner" -ScriptBlock $RDSHealth -Trigger (New-JobTrigger -Once -At (Get-Date) -RepetitionInterval (New-TimeSpan -Hours 1))

This experience taught me that Windows Server 2016's RDS implementation can sometimes create user-specific deadlocks that require both service-level interventions and user profile cleanup.