Announcement

Collapse
No announcement yet.

Can Not connect to Server with Remote Desktop

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Can Not connect to Server with Remote Desktop

    Following the instructions listed on this page, I've configured all of my Windows 2003 servers to accept Remote Desktop Connections. I use this to remotely take over the console when the need arrises. Very handy feature.

    Until yesterday - at some point of the long weekend it seems one of my domain controllers now refuses to accept Remote Desktop Connections. I get the following error when trying to connect:

    Code:
    The client could not connect to the remote computer.
    
    Remote connections might not be enabled or the computer might
    be too busy to accept new connections.  It is possible that
    network problems are preventing your connections.
    
    Please try connectin again later.  If the problem continues to
    occur, contact your administrator.
    As far as I can tell, none of the possible problems listed in the message are the case. I can contact the machine via browsing, it is doing DNS resolution for this office and doing most of the authentications for the office too. It's alive, running and very accessible.

    I tried to restart the Terminal Services service on the machine both physically at the console and via the "net stop/net start" commands from a remote machine. Neither worked. In fact, on the console the start/stop/restart buttons of the Services console are greyed out.

    Outside of that, I've ran the following commands both against the non-responsive and a responsive server.

    Code:
    qwinsta /server:[hostname of DC]
    On the non-responsive host I get this output:

    Code:
    No session exists for *
    And I get the same identical results from the reposive machine.

    Anyone have a clue as to why this server might be refusing connections? Right now this isn't a terrible problem, I can simply walk down the hall to the server room. But I know I'm going to be offsite one day and need this to work.

    The server in question does not have the Windows firewall enabled, nor does our anti-virus software block this type of traffic - if it did, I couldn't get to the other servers on my network, because they all use the same deployment template.

    I'd really hate to have to reboot the server to make this service become responsive again. If I have to, I may simply have to quit using this method for remote control and switch to VNC or something like it.
    --

    ScatterBrain

    "I reject your reality and substitute my own!"
    -- The Mythbusters

  • #2
    Re: Can Not connect to Server with Remote Desktop

    As far as I see, there are two possible failure points: the Terminal Services service or a network problem.
    You say there's no firewall enabled on the server. Have you checked? What about a GPO that applies on the server by mistake?
    You say you can connect to other servers from your machine. Thus taking your machine out of the suspects' circle.
    How do you connect to the server? By it's Netbios name? DNS name? IP? Maybe it's a name resolution problem?
    Can you scan the server for open ports? It will be an important thing to know if the port 3389 is open (you didn't change the TS port, do you?)
    It will be nice if you could answer to these questions.
    BTW, this:
    I may simply have to quit using this method for remote control and switch to VNC or something like it
    ? Forget it. Especially not on a DC.
    Let's solve the RDP problem first and then will get back to VNC.

    Sorin Solomon


    In order to succeed, your desire for success should be greater than your fear of failure.
    -

    Comment


    • #3
      Re: Can Not connect to Server with Remote Desktop

      Sorin: You are "The Man" -- a Tiger Woods golfing thing.

      I looked at this post and just couldn't find much to offer but you have invigorated me.

      ScatterBrain:

      Are you able to Manage the Computer (server) remotely?

      Are you able to run "Terminal Services Manager" remotely (Admin Tools Pack for W2K3) and see the target server?

      I'm wondering if RPC or something else got nuked recently.
      Cheers,

      Rick

      ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

      2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

      Comment


      • #4
        Re: Can Not connect to Server with Remote Desktop


        Originally posted by rvalstar View Post
        you have invigorated me.
        Again you're blaming me? What did I do this time ?!?


        Sorin Solomon


        In order to succeed, your desire for success should be greater than your fear of failure.
        -

        Comment


        • #5
          Re: Can Not connect to Server with Remote Desktop

          rvalstar:

          Thanks for the reply...see below.

          Originally posted by rvalstar View Post
          ScatterBrain:

          Are you able to Manage the Computer (server) remotely?

          Are you able to run "Terminal Services Manager" remotely (Admin Tools Pack for W2K3) and see the target server?

          I'm wondering if RPC or something else got nuked recently.
          If you mean using Computer Management to attach and manage the server remotely, then yes I can do this.

          The "Terminal Services Manager" works both locally at the server and remotely from my laptop - as long as I'm running it as an Administrator, which I think is normal. Only thing showing there is the console. No other sessions or users connected to the machine.
          --

          ScatterBrain

          "I reject your reality and substitute my own!"
          -- The Mythbusters

          Comment


          • #6
            Re: Can Not connect to Server with Remote Desktop

            Sorinso:

            Thanks for the reply. Here's what I have for you:

            Originally posted by sorinso View Post
            As far as I see, there are two possible failure points: the Terminal Services service or a network problem.
            You say there's no firewall enabled on the server. Have you checked? What about a GPO that applies on the server by mistake?
            Yes I've checked. No there is not a GPO that applies to this DC that doesn't apply to all the DCs and other servers.

            Originally posted by sorinso View Post
            You say you can connect to other servers from your machine. Thus taking your machine out of the suspects' circle.
            How do you connect to the server? By it's Netbios name? DNS name? IP? Maybe it's a name resolution problem?
            I've tried both by it's DNS name and by IP. Neither work.

            Originally posted by sorinso View Post
            Can you scan the server for open ports? It will be an important thing to know if the port 3389 is open (you didn't change the TS port, do you?)
            No I didn't change the TS port. No I haven't scanned for it yet, but I can. I'll report back once I've scanned the server.
            --

            ScatterBrain

            "I reject your reality and substitute my own!"
            -- The Mythbusters

            Comment


            • #7
              Re: Can Not connect to Server with Remote Desktop

              When is the next time you can reboot that server to see if the problem goes away?

              And I take it no red items in the Event Log?
              Cheers,

              Rick

              ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

              2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

              Comment


              • #8
                Re: Can Not connect to Server with Remote Desktop

                As promised, here's my portscan. I used nmap from a Linux machine.

                Code:
                nmap -sS -O crimson.nei.local
                
                Starting Nmap 4.10 ( http://www.insecure.org/nmap/ ) at 2007-01-17 13:55 EST
                Interesting ports on crimson.nei.local (10.200.8.201):
                Not shown: 1659 closed ports
                PORT     STATE SERVICE
                42/tcp   open  nameserver
                53/tcp   open  domain
                88/tcp   open  kerberos-sec
                111/tcp  open  rpcbind
                135/tcp  open  msrpc
                139/tcp  open  netbios-ssn
                389/tcp  open  ldap
                445/tcp  open  microsoft-ds
                464/tcp  open  kpasswd5
                593/tcp  open  http-rpc-epmap
                636/tcp  open  ldapssl
                696/tcp  open  unknown
                698/tcp  open  unknown
                1026/tcp open  LSA-or-nterm
                1027/tcp open  IIS
                1058/tcp open  nim
                2049/tcp open  nfs
                3268/tcp open  globalcatLDAP
                3269/tcp open  globalcatLDAPssl
                8081/tcp open  blackice-icecap
                MAC Address: 00:06:5B:FD:65:4F (Dell Computer)
                Device type: general purpose
                Running: Microsoft Windows NT/2K/XP|2003/.NET
                OS details: Microsoft Windows 2003 Server, 2003 Server SP1 or XP Pro SP2
                
                Nmap finished: 1 IP address (1 host up) scanned in 2.616 seconds
                According to that, port 3389 isn't open, but I don't know why. I'm sure that's the problem the though.
                --

                ScatterBrain

                "I reject your reality and substitute my own!"
                -- The Mythbusters

                Comment


                • #9
                  Re: Can Not connect to Server with Remote Desktop

                  And I realize you would rather not reboot the server but installing an alternate package like VNC isn't a better answer. The weekend is coming soon enough. You must have patching / maintenance windows. I suggest you reboot and see if the problem goes away (yes, I am a programmer so that flat tire -- we would rotate the wheels and see if the problem goes away too).
                  Cheers,

                  Rick

                  ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                  2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

                  Comment


                  • #10
                    Re: Can Not connect to Server with Remote Desktop

                    You should go with rvalstar's advice.
                    The fact that the RDP port is not open means that something's wrong with the service.
                    There were a lot of updates in the last days, did you installed them?
                    And I would check the Event Viewer, something must be written there...
                    Please check and let us know.

                    Sorin Solomon


                    In order to succeed, your desire for success should be greater than your fear of failure.
                    -

                    Comment


                    • #11
                      Re: Can Not connect to Server with Remote Desktop

                      Just something else to check.

                      There is a registry key which tells the server to accept or deny connections (basically the same as putting a check in the checkbox)

                      Connect to the registry and look for the following key

                      HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections

                      Set this key to 0, 1 means deny.

                      This was not my find and i take no credit for it but i used it when i had issues with my server. If i can find the website i got it from i'll post it.

                      Comment


                      • #12
                        Re: Can Not connect to Server with Remote Desktop

                        I found this from JSI on the same topic:

                        http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8429

                        It's for XP but I looked at my W2K3 stand-alone box it pretty much holds true.

                        In addition to fDenyTSConnections, wherever you have a GloballyOpenPorts key (close to the path in that JSI post), you need to have a "3389:TCP" Name with a "3389:TCP:*.Enabled..." Value.
                        Cheers,

                        Rick

                        ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                        2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.

                        Comment

                        Working...
                        X