A remote session does not end immediately on a computer that is running Windows Server 2003 Service Pack 1 (901196)

Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

You try to close a published application shortly after the application is started on a remote computer that is running Terminal Services and Microsoft Windows Server 2003 Service Pack 1 (SP1). However, the remote session does not end immediately. The Remote Desktop Connection window may stay open for up to 70 seconds.

RESOLUTION

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To resolve this issue, create the AEExpress registry subkey in the registry of the Windows Server 2003 SP1-based remote computer that is running Terminal Services. To do this, follow these steps.

Note You have to create this registry key for every user on the Windows Server 2003 SP1-based computer.

Click Start, click Run, type regedit, and then click OK.
In Registry Editor, locate and then click the following registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Cryptography\AutoEnrollment
On the Edit menu, point to New, and then click Key.
Type AEExpress, and then press ENTER.
On the File menu, click Exit to close Registry Editor.

Note We recommend that you not to use the AEExpress registry subkey in a regular production environment. If you have to use the AEExpress registry subkey, use it on a per-user basis.

WORKAROUND

To work around this issue, follow these steps:

Click Start, click Run, type Gpedit.msc, and then click OK.
Expand User Configuration, expand Windows Settings, expand Security Settings, and then click Public Key Policies.
Double-click Autoenrollment Settings, and then click the Do not enroll certificates automatically option.

MORE INFORMATION

For more information about certificate autoenrollment in Windows Server 2003, visit the following Microsoft Web site:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/autoenro.mspx

Technical support for x64-based versions of Microsoft Windows

Your hardware manufacturer provides technical support and assistance for x64-based versions of Windows. Your hardware manufacturer provides support because an x64-based version of Windows was included with your hardware. Your hardware manufacturer might have customized the installation of Windows with unique components. Unique components might include specific device drivers or might include optional settings to maximize the performance of the hardware. Microsoft will provide reasonable-effort assistance if you need technical help with your x64-based version of Windows. However, you might have to contact your manufacturer directly. Your manufacturer is best qualified to support the software that your manufacturer installed on the hardware.

For product information about Microsoft Windows XP Professional x64 Edition, visit the following Microsoft Web site:

http://www.microsoft.com/windowsxp/64bit/default.mspx

For product information about x64-based versions of Microsoft Windows Server 2003, visit the following Microsoft Web site:

http://www.microsoft.com/windowsserver2003/64bit/x64/default.mspx