How to Replicate RDP (TermService) Settings and System Master Keys on Neverfail Heartbeat/Neverfail Continuity Engine with the Neverfail for IIS Plug-in Installed
Summary
This Knowledge base article provides information about replicating the system master key and TermService settings when the Neverfail Heartbeat/Engine installation includes the Neverfail for IIS Plug-in.
More Information
Symptom
RDP to the passive(s) server(s) is no longer working.
Cause
On some Neverfail Heartbeat/Engine installations with the Neverfail for IIS Plug-in installed, changes to the TermService settings and/or OS system master key may have an impact on RDP functionality for the passive server(s). When the TermService is restarted on the passive server, in some cases it generates a new self-signed RDP certificate. This new certificate causes some inconsistency between the RDP settings/certificates on the active server and those on the passive(s) and as a result, the passive server can no longer be accessed using RDP.
Resolution
Ensure that you are applying the procedure below on the Active server to which RDP is working. If that server is no longer available, consider re-importing the certificates/settings on the newly active server, verify that they work correctly, and then apply the procedure below.
- On the Active server, launch the Neverfail Advanced Management Client.
- Navigate to the Server -> Summary page and click the Stop Replication button.
- Select Do not stop protected applications and click OK.
- Confirm the stopping action by clicking OK on the Confirmation dialog.
- In the Neverfail Advanced Management Client, navigate to Data-> File Filters.
- Click the Add Filter button and add C:\WINDOWS\SYSTEM32\MICROSOFT\** in the replication set.
-
On the active server, start the Registry Editor and navigate to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations and export this registry key.
Each time you apply this procedure please use a fresh export of the registry hive mentioned above.
- Import the registry key on the passive server(s).
- Restart replication by clicking the Start replication button from Server -> Summary tab, selecting the Do not attempt to start protected applications option.
- After the File System Check and Registry Synchronization finishes, check to confirm that the issue was resolved.
- If you have The 'unmonitored applications’. This can be fixed with a Start Applications command.
Applies To
Related Information
Related Articles
Neverfail for IIS Plug-in Version 201.5.6 - Online Help
About Neverfail for IIS Plug-in Neverfail for IIS proactively monitors and protects your IIS environment, looking for changes to web, FTP, and SMTP sites. This plug-in protects the IIS services, content and system configuration. Install/Uninstall the ...Continuity Engine Product Architecture
Learning objectives At the completion of this session, you should be able to: Identify major components of the Neverfail Continuity Engine product architecture. Describe major component configuration. Identify advantages of the Neverfail Continuity ...Neverfail IT Continuity Engine v7.1.2 - Release Notes
Summary This Knowledgebase article provides information about this specific release of Neverfail IT Continuity Engine v7.1.2 Overview This release of Neverfail IT Continuity Engine is a patch release that applies to Neverfail IT Continuity Engine ...Neverfail IT Continuity Engine v8.0 - Release Notes
Summary This Knowledge base article provides information about this specific release of Neverfail IT Continuity Engine v8.0 More Information Supporting Documentation A listing of technical documents supporting this version of Neverfail IT Continuity ...Neverfail System Plug-in Version: 401.0.2 - Online Help
About Neverfail System Plug-in The Neverfail System Plug-in for Neverfail Continuity Engine adds system performance monitoring features to identify critical hardware and operating system performance issues that could affect system availability. ...