Windows OS Hub / Windows Server 2019 / RDS and RemoteApp Performance Issues on Windows Server 2019/2016

May 16, 2022 Windows 10 Windows Server 2016 Windows Server 2019

RDS and RemoteApp Performance Issues on Windows Server 2019/2016

In this article, I’ve put together some solutions to common performance problems with RDS servers or published RemoteApp that I’ve encountered in my infrastructure. Before implementing any of the solutions or workarounds, check if it is suitable for your infrastructure and environment.

Contents:

Fixing RDS Performance on Windows Server 2016/2019 with UPD
Poor RDS/RemoteApp Performance Due to High Mouse Polling Rate
Slow RemoteAPP, Mouse, and Menu Lags after Windows 10 Upgrade

Fixing RDS Performance on Windows Server 2016/2019 with UPD

RDS servers running Windows Server 2019/2016 with a large number of users may experience slow performance when using User Profile Disks.

The problem is that new inbound and outbound rules are created in Windows Defender Firewall every time a user logs in. Those firewall rules are not automatically removed when the user logs out.

Over time, a lot of duplicate rules appear in the firewall, which leads to a dramatic decrease in performance of the RDS server (slow login, black screen when logging in via RDP, RDS hosts freeze, menus don’t open, and the Start button does not appear).

Check the number of rules in Windows Defender Firewall using the PowerShell command:

(Get-NetFirewallRule).count

In my case, one of the RDS hosts had 18,000 firewall rules! These rules are created for Windows UWP Store apps each time a user signs in.

To fix the issue, you must first install the latest security updates for your version of Windows Server (at least KB4467684 on Windows Server 2016 and KB4490481 for Windows Server 2019). Then create the following registry parameter on your RDSH:

Reg key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
Type: REG_DWORD
Property: DeleteUserAppContainersOnLogoff
Value: 1

You can create a registry property using the PowerShell command:

New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy" -Type DWord -Name DeleteUserAppContainersOnLogoff -Value 1

If you have multiple RDS hosts in your domain, you can deploy this registry parameter using GPO.

Don’t forget to manually clear the inbound and outbound rules in Windows Defender Firewall. If there are few firewall rules, you can use a PowerShell script from the TechNet thread (https://social.microsoft.com/Forums/Azure/en-US/992e86c8-2bee-4951-9461-e3d7710288e9/windows-servr-2016-rdsh-firewall-rules-created-at-every-login?forum=winserverTS).

Instead of using User Profile Disks on RDS servers, you can use modern FSLogix containers to store user profiles.

Poor RDS/RemoteApp Performance Due to High Mouse Polling Rate

Many users complain about poor RDP session performance, high latency, and mouse lags after migrating the RDS farm to Windows Server 2019. The mouse is very slow to respond to movement, the cursor shakes, and freezes.

This problem can be related to the high DPI and polling rate settings of some optical mice (usually gaming mice). For example, the popular Logitech G203 mouse has a default polling rate of 1000 times per second (1000 Hz). A high mouse polling rate seems to cause a high load on the RDP connection, and you may encounter lags when working with RemoteApps. If you reduce this value to 125 times per second (125 Hz), the mouse problem in the RDP session will disappear.

You can reduce the Polling Rate using the vendor’s mouse tools.

If you can’t reduce the polling rate, try to disable the mouse cursor shadow (uncheck the Enable pointer shadow option) and select the None scheme for the pointer in the mouse settings in the Windows Control Panel (main.cpl).

Slow RemoteAPP, Mouse, and Menu Lags after Windows 10 Upgrade

Users may experience performance issues with RemoteApps published on Windows Server 2019/2016/2012R2 RDS servers after the Windows 10 build upgrade. RDS RemoteApps may start to work much slower, any action that is caused by a mouse click is performed (drawn) 2-3 times longer, and context menus in RemoteApps are displayed slowly (menu items blink, you have to click on them several times, sometimes they do not appear at all). Similar problems occurred when upgrading Windows 10 builds on clients to 1803 and 20H2.

In this case, problems don’t occur in the full-screen RDP connection mode established with the built-in Mstsc.exe or RDCMan client.

To work around this problem, you can try to change the value of the Use Advanced RemoteFX graphics for RemoteApp parameter to Disabled using the local GPO editor (gpedit.msc) (GPO section: Computer Configuration -> Policies -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Remote Session Environment).

If graphics programs (usual, the CAD apps) are published as RemoteAPPs, then they will not work without Remote FX support.

However, there is also a workaround to replace the RDP client version with an older one. Because performance issues with RemoteApp have been encountered also in Windows 10 1709, it’s best to use RDP libraries from 1607 or 1703. The thing is that after upgrading the Windows 10 build, a new version of the RDP client is installed, which doesn’t work correctly with the programs published via RDS RemoteApp.

You can fix poor RemoteApp performance on clients by replacing the mstsc.exe and mstscax.dll files in the C:\Windows\System32 folder with the versions from a previous build of Windows 10 (1703 or 1607).

How to replace RDP client files in Windows 10?

Close all RDP connections and running RemoteApp (it is better even to restart the computer);
Download the archive with the versions of mstsc.exe and mstscax.dll from Windows 10 1607 build (mstsc-w10-1607.zip);
Copy the original mstsc.exe and mstscax.dll files from the C:\windows\system32\ to the C:\BackUp using the commands:md c:\backup\ copy C:\windows\system32\mstsc.exe c:\backup copy C:\windows\system32\mstscax.dll c:\backup
Then you need to assign your account to the owner of the mstsc.exe and mstscax.dll files in the C:\windows\system32\ directory, disable inheritance and grant yourself the permissions to modify the files:takeown /F C:\windows\system32\mstsc.exe takeown /F C:\windows\system32\mstscax.dll icacls C:\windows\system32\mstsc.exe /inheritance:d icacls C:\windows\system32\mstscax.dll /inheritance:d icacls C:\windows\system32\mstsc.exe /grant root:F icacls C:\windows\system32\mstscax.dll /grant root:F
In this example, the name of the local account with administrator permissions is root. Replace it with your account name.
Replace the files in the C:\windows\system32\ directory with the files from the archive;
Restore the original permissions on the copied files. To do this, enable inheritance of NTFS permissions and set the owner of the files to “NT Service\TrustedInstaller” using the ICACLS tool:icacls C:\windows\system32\mstsc.exe /inheritance:e icacls C:\windows\system32\mstscax.dll /inheritance:e icacls C:\windows\system32\mstsc.exe /setowner "NT Service\TrustedInstaller" /T /C icacls C:\windows\system32\mstscax.dll /setowner "NT Service\TrustedInstaller" /T /C
It remains to re-register the library::
regsvr32 C:\Windows\System32\mstscax.dll

Hint. You can also replace the system files by running a command prompt on behalf of the SYSTEM account. Also, you can copy and replace the mstsc.exe and mstscax.dll files on multiple computers in an Active Directory domain.

This will temporarily fix the RemoteApp performance issue on Windows 10 clients.

RDS and RemoteApp Performance Issues on Windows Server 2019/2016

Fixing RDS Performance on Windows Server 2016/2019 with UPD

Poor RDS/RemoteApp Performance Due to High Mouse Polling Rate

Slow RemoteAPP, Mouse, and Menu Lags after Windows 10 Upgrade

Deploying Software (MSI Packages) Using Group Policy

How to Manually Install Windows Updates from CAB and MSU Files?

Related Reading