Custom Search
| Home | Sitemap | Feedback | About... |
Custom Search
|
Other FAQ sections: Installation | Server configuration | Client resources | User issues | Licensing | Printing | Connectivity | Profiles | Performance | Applications | Administration & Monitoring | More FAQS
Q: Remote Desktop session window won't stay minimized
Last modified: June 17, 2007
A: Symptoms: the Remote Desktop session window keeps popping to the foreground every now and then when it is idle and minimized.
Cause: the underlying cause is a network problem. Your session gets disconnected, and when it auto-reconnects, the session maximizes and comes to the foreground. So you should monitor your network and solve the frequent disconnections.
Top of page | FAQ | Home
Q: How do I get rid of the yellow connection bar?
Last modified: September 22, 2007
A: To disable the yellow connection bar, go to the display tab in the RDP client and uncheck "Display the connection bar when in full screen mode." This setting is equivalent to
displayconnectionbar:i:0in the .rdp file. The connection bar will still be visible for 5 seconds when you log on, but then it will automatically slide out of view. Moving your mouse to the top of your desktop will give you the connection bar back.
If you want to get rid of it alltogether, add this registry key to your profile:
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client "PinConnectionBar" = REG_DWORD:0Now the connection bar will not return, even if you move the mouse to the top of the screen.
907478 - Description of a design change in Remote Desktop Protocol version 5.2 where the "Connection" bar is always displayed for the first five seconds of a user session in Windows XP
Top of page | FAQ | Home
Q: When users start a program, they get an error message:
"Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item."
Last modified: September 7, 2008
A: Internet Explorer Enhanced Security (IEES) restricts access to scripts, executable files, and other potentially unsafe files on a UNC path unless the UNC path is added to the Local Intranet zone explicitly. For example, if you want to access \\server\share\setup.exe, you must add \\server to the Local Intranet zone.
On the Terminal Server, go to Control Panel - Internet Options - Security - Local Intranet zone. Add the UNC name of the server where the application is located, something like \\server.
Or configure this in a GPO:User Configuration - Windows Settings - Internet Explorer Maintenance - Security zones and Content ratings "Local intranet"
Set the "Launching applications and unsafe files" setting for your Local Intranet zone to "Enable".
If this setting is configured as "Disable", then the users will get the above error message.
If you are running Windows 2008, you can fine-tune your settings by using this GPO setting:
User Configuration - Administrative Templates - Windows Components - Attachment Manager "Inclusion list for moderate risk file types"Set this policy to "Enable" and type in the name of your application. This will override the default security settings for the zone.
For more details, check this:
Internet Explorer Maintenance Extension Technical Reference
Managing Internet Explorer Enhanced Security Configuration
942091 - You may be unable to run an executable file or a script file from a UNC path when you have Windows Internet Explorer 7 installed on a Windows Server 2003-based computer
Top of page | FAQ | Home
Q: When users start a program, they get a security warning:
"The publisher could not be verified. Are you sure that you want to run this software?"
Last modified: September 7, 2008
A: Internet Explorer Enhanced Security (IEES) restricts access to scripts, executable files, and other potentially unsafe files on a UNC path unless the UNC path is added to the Local Intranet zone explicitly. For example, if you want to access \\server\share\setup.exe, you must add \\server to the Local Intranet zone.
On the Terminal Server, go to Control Panel - Internet Options - Security - Local Intranet zone. Add the UNC name of the server where the application is located, something like \\server.
Or configure this in a GPO:User Configuration - Windows Settings - Internet Explorer Maintenance - Security zones and Content ratings "Local intranet"
Set the "Launching applications and unsafe files" setting for your Local Intranet zone to "Enable".
If this setting is configured as "Prompt", then the users will get the above security warning.
If you are running Windows 2008, you can fine-tune your settings by using this GPO setting:
User Configuration - Administrative Templates - Windows Components - Attachment Manager "Inclusion list for moderate risk file types"Set this policy to "Enable" and type in the name of your application. This will override the default security settings for the zone.
For more details, check this:
Internet Explorer Maintenance Extension Technical Reference
Managing Internet Explorer Enhanced Security Configuration
942091 - You may be unable to run an executable file or a script file from a UNC path when you have Windows Internet Explorer 7 installed on a Windows Server 2003-based computer
Top of page | FAQ | Home
Q: When users start a Remote Desktop Connection or a RemoteApp, they get a dialog box: "a Website wants to start a remote connection. The publisher of this remote connection cannot be identified."
Last modified: September 27, 2008
A: This security warning is introduced in rdp client 6.1. and is shown when the client cannot verify the identity of the server.
The method to avoid it is to use certificates on the server. You can digitally sign the file that launches the RemoteApp in RemoteApp Manager.
If the client trusts the certificate that was used in signing the file, then user can disable the pop-up warning.
There is no way to get rid of the dialog without having the RDP files signed by the publisher.
You can obtain SSL certificates from public certification authorities (one of the cheapest: GoDaddy.com), or from an enterprise CA in your public key infrastructure hierarchy (free).
For more details, check this:
“Unknown Publisher”? Where did this dialog box come from?
Top of page | FAQ | Home
Q: How can I allow my left-handed users to configure their mouse buttons properly?
Last modified: January 30, 2008
|
A: You can give your users access to only one or more specific Control Panel applets, without giving them
access to the complete Control Panel. This is done with a a Group Policy setting (main.cpl is the Mouse applet): User configuration - Administrative templates - Control Panel - Policy "Show only specified Control Panel applets" List of allowed Control Panel applets: "main.cpl"
For a list of all Control Panel applets, see:
For a different approach, see: |
Top of page | FAQ | Home
Q: Extended characters with the right Alt key don't work
Last modified: June 17, 2007
A: This is caused by a bug related to keyboard hooks. The workaround is to disable keyboard hooking. In the Remote Desktop Client, choose:
Options - Local Resources - Apply Windows Key Combinations = 'On this Computer Only'More information:
Top of page | FAQ | Home
| Copyright © 2002-2008 Vera Noest |