Nowadays, many organizations, Remote Desktop Services (RDS) manages business processes using solutions. However, performance problems can sometimes occur in these systems. In this article, we will discuss the performance problems encountered in RDS and RDS Farm environments and offer solutions to these problems.
RDS in your environments Temp Profile If you have any problems, you can review the article below;
RDS in your environments Session Limits You can review the article below for its configuration;
Performance Problem and Solution for Environment Using User Profile Disk in RDS
RDS farm environments are designed to allow large numbers of users to connect. User Profile Disk (UPD) Performance problems may occur during use. These problems are usually caused by the inbound and outbound rules created on the Windows Firewall for each user.
In RDS environments, firewall rules are automatically created for each user who logs in. Failure to delete these rules over time causes performance problems on the system. Problems such as taskbar and black screen issues may be encountered, especially during RDP.
Since the rules created are not deleted, they will cause performance problems on the system after a while. Especially during RDP, you may encounter problems such as the Taskbar and black screen. Inbound and Outbound Rule looks like this:
You can view the rules created for each connected user in Windows Defender Firewall;
You can see the current number of firewall rules by using the following command in Command Prompt:
(Get-NetFirewallRule).count
Automatic Deletion of Windows Firewall Rules in RDS
To solve performance problems, the relevant firewall rules should be automatically deleted when the user logs off. You can do this with the following registry key:
For solving this problem Regedit You can create the following key on it and the relevant rules Logoff You can then have it automatically deleted.
- Reg key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
- Type: REG_DWORD
- Property: DeleteUserAppContainersOnLogoff
- value:
1
PowerShell If you want to add with, the line that should be used is;
New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy" -Type DWord -Name DeleteUserAppContainersOnLogoff -Value 1
You can clean the firewall rules manually or use the following PowerShell script to clean them automatically. This script removes non-unique login and logout rules from the system:
# Giriş kurallarını temizleme
$FWInboundRules = Get-NetFirewallRule -Direction Inbound | Where {$_.Owner -ne $Null} | Sort Displayname, Owner
$FWInboundRulesUnique = $FWInboundRules | Sort Displayname, Owner -Unique
if ($FWInboundRules.Count -ne $FWInboundRulesUnique.Count) {
$rulesToRemove = Compare-Object -ReferenceObject $FWInboundRules -DifferenceObject $FWInboundRulesUnique
$rulesToRemove | Select -ExpandProperty InputObject | Remove-NetFirewallRule
}
# Çıkış kurallarını temizleme
$FWOutboundRules = Get-NetFirewallRule -Direction Outbound | Where {$_.Owner -ne $Null} | Sort Displayname, Owner
$FWOutboundRulesUnique = $FWOutboundRules | Sort Displayname, Owner -Unique
if ($FWOutboundRules.Count -ne $FWOutboundRulesUnique.Count) {
$rulesToRemove = Compare-Object -ReferenceObject $FWOutboundRules -DifferenceObject $FWOutboundRulesUnique
$rulesToRemove | Select -ExpandProperty InputObject | Remove-NetFirewallRule
}
# Hizmet yapılandırılabilir kuralları temizleme
$FWConfigurableRules = Get-NetFirewallRule -PolicyStore ConfigurableServiceStore | Where {$_.Owner -ne $Null} | Sort Displayname, Owner
$FWConfigurableRulesUnique = $FWConfigurableRules | Sort Displayname, Owner -Unique
if ($FWConfigurableRules.Count -ne $FWConfigurableRulesUnique.Count) {
$rulesToRemove = Compare-Object -ReferenceObject $FWConfigurableRules -DifferenceObject $FWConfigurableRulesUnique
$rulesToRemove | Select -ExpandProperty InputObject | Remove-NetFirewallRule
}