Win 2016 RDP Black Screen

One of our clients recently started to experience the dreaded RDP Black Screen issue on their Win 2016 servers. I had read about this problem, but never witnessed it first hand. The only thing that managed to get the servers operational again was a reboot. Not good in commercial environment.

After much research, I thought I'd consolidate all my findings in this post in the hope it saves you, the reader, the same pain.

These servers were running as Virtual Machines in an Esxi 6 U2 environment and all users are using UPDs (User Profile Disks).

There are reports that restarting the Audio Service on the server rectifies the problem, but it didn't work in our case. I thought I'd document that so you have the info here:

Open an admin command prompt and type the following

net stop Audiosrv
taskkill /F /IM AudioDG.exe
net start Audiosrv

These are the changes that were made to the RDP servers that seems to have stabilised them:

  1. Ensure none of the users UPDs are full. Apparently this can cause this Black Screening for all other users of the RDP servers. You can expand their disks by following this tutorial here...
  2. This was not the case in our issue, but apparently if you have removed the Account "NT AUTHORITY\INTERACTIVE" from the Users group on the machine, this can cause this problem. You can read more about that here...
  3. Duplicate firewall rules created within the registry when users log on every day. This can lead to 10s of thousands of records created needlessly causing a slow log on experience for your users. To clear them out I've created a Schedule Task that runs a midnight each day on each RDP Server that runs a batch file with the following registry edit syntax: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System" /va /f
  4. There are now reports that this could be caused by Firefox. Apparently, Firefox creates an endless loop in the audiodg.exe process and even if Firefox is closed and the sessions terminated, the loop within audiodg.exe will remain halting windows logons just before desktop is shown. In our case we have Firefox installed so I will be uninstalling it to see if there is any improvement. You can read more about the issue here...

This has seems to have stabilised the servers in the interim and I will update this post should any further information become available or include additional remediation techniques.

 

4 Responses

  1. Worked like a charm! It would be better if you create a Registry key that deletes the above location that runs everytime a user logs in :-) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\Configurable\System
    • Matrix7
      Yes, that is an option as well. The only concern would be whether it would impact on the log on speed. I haven't tested that, so can't confirm. That's why I went for the scheduled task route.
      • I can confirm that it works, I have tested it on an RDS Farm with 5 RDS Hosts. It reduces the logon time. Thanks
        • Matrix7
          Thanks for the feedback. Will give it a go when I next get the chance.

Leave a comment