RDP problems
jrmeulemans
Member Posts: 74 ■■□□□□□□□□
in Off-Topic
I have a user with a machine that I cannot rdp to. It is an internal xp machine. Here is what I have tried/verified:
Can ping computer
TS registry settings are correct (I can remotely manage the machine fine)
Firewall settings are correct (exceptions, even had user re-apply netsh firewall commands)
checked out all his running services that are remote permissive or deny
No other firewalls or port blocking - our desktop management software lets me audit all his software (this means wmi is working)
can telnet 3389 successfully
can RDP from machine to other machines
System properties - allow remote connections is selected
The user can make outgoing rdp connections
no rdp or ts related event warnings/errors
We have no GPO's restricting RDP
Anyone have any other ideas? I'm stumped!
Edit: Another thing, there is no message box displayed when you try to connect with mstsc, it just trys to connect then stops.
Can ping computer
TS registry settings are correct (I can remotely manage the machine fine)
Firewall settings are correct (exceptions, even had user re-apply netsh firewall commands)
checked out all his running services that are remote permissive or deny
No other firewalls or port blocking - our desktop management software lets me audit all his software (this means wmi is working)
can telnet 3389 successfully
can RDP from machine to other machines
System properties - allow remote connections is selected
The user can make outgoing rdp connections
no rdp or ts related event warnings/errors
We have no GPO's restricting RDP
Anyone have any other ideas? I'm stumped!
Edit: Another thing, there is no message box displayed when you try to connect with mstsc, it just trys to connect then stops.
Comments
-
arwes Member Posts: 633 ■■■□□□□□□□I take it this is in a AD environment? Is everything set correctly on the user's Remote Control tab in ADUC?[size=-2]Started WGU - BS IT:NDM on 1/1/13, finished 12/31/14
Working on: Waiting on the mailman to bring me a diploma
What's left: Graduation![/size] -
jrmeulemans Member Posts: 74 ■■□□□□□□□□Don't think that is relevant to the machine. They are set though.
-
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■Have you tried using mstsc on another machine to rdp to the problem PC? Have you checked that something else might be listening on 3389?
netstat -aon | find "3389"
Or that somehow the default port for RDP got changed on this machine? -
jrmeulemans Member Posts: 74 ■■□□□□□□□□yeah i tried on another machine. How do i netstat to a remote computer?
-
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■jrmeulemans wrote: »yeah i tried on another machine. How do i netstat to a remote computer?
psexec [URL="file://\\nameofpc"]\\nameofpc[/URL] netstat -aon | find "3389"
here is what it looked like on my machine (pc68 ) to a remote computer (pc91):
C:\>psexec [URL="file://\\pc91"]\\pc91[/URL] netstat -aon | find "3389"
PsExec v1.95 - Execute processes remotely
Copyright (C) 2001-2009 Mark Russinovich
Sysinternals - www.sysinternals.com
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 1092
netstat exited on pc91 with error code 0. -
undomiel Member Posts: 2,818Another option is to see if you can telnet into port 3389 on the remote machine. That will let you know if you can get through to something listening on that port.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
jrmeulemans Member Posts: 74 ■■□□□□□□□□please refer my first posting, as I stated that I have already done that. I also got the end-user to netstat his machine and only svchost was listening on 3389
-
undomiel Member Posts: 2,818Sorry, somehow missed that you were able to telnet in. How about taking down the Windows Firewall on the machine, even though you do have the exceptions in it. See if that makes a difference in it. Even try completely killing the Windows Firewall service.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
rwwest7 Member Posts: 300Ditch RDP and pick up DameWare Mini-Remote control.
Dumb question, buy the client enabled RDP incoming connections correct? Also selected which users are allowed to connect? -
rwwest7 Member Posts: 300jrmeulemans wrote: »Edit: Another thing, there is no message box displayed when you try to connect with mstsc, it just trys to connect then stops.
-
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■So here is my understanding:
* Terminal Services is running on the remote PC and is actively listening on the correct port as netstat confirmed.
* The port can be reached because you were able to connect via telnet, so really it is probably not a firewall.
* It's not an issue with groups/permissions because your connection is not being actively refused, you said there was no error message.
My only other question would be are all the RDP related services running on the machine? But I am stumped. No error messages in event viewer, the service is listening on the port, you can reach the port.... Are you seperated from this machine by a physical firewall? Is it on another subnet? I am grasping at straws... -
SWM Member Posts: 287Ok This may sound stupid, but on the computer giving problems, try rdping to itself. i.e run mstsc and then type in the IP of the computer you are using. If rdp is working, you will get the logon prompt, but dont login.
If you get the login prompt, you know that the registry and all associated settings are allowing 3389 connections. The fault then will lie with its firewall blocking externall 3389 connections.
If you do not get a login then you have rdp setup issues. Is the machine on a AD domain and hence does the machine have a user account with a password ? rdp will not work with out a password.
Hope this helpsIsn't Bill such a Great Guy!!!! -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■Ok This may sound stupid, but on the computer giving problems, try rdping to itself. i.e run mstsc and then type in the IP of the computer you are using. If rdp is working, you will get the logon prompt, but dont login.
If you get the login prompt, you know that the registry and all associated settings are allowing 3389 connections. The fault then will lie with its firewall blocking externall 3389 connections.
If you do not get a login then you have rdp setup issues. Is the machine on a AD domain and hence does the machine have a user account with a password ? rdp will not work with out a password.
Hope this helps
This cannot be done. You will not get a logon prompt you will be told that you cannot create another console session. The questioner is having issues with an XP system, not a server. We already know he can connect to the port because he can telnet to 3389 from another system. Windows firewall will not care if it is telnet or mstsc that is initiating the connection. If the port is blocked, it will be refused. Since the connection is not dropped, it CANNOT be that the port is closed by a firewall. -
blargoe Member Posts: 4,174 ■■■■■■■■■□The only time I have seen RDP behave like that was in a situation where I had a file server that kept running low on virtual memory. Shares still worked, though we couldn't copy large files to them, and RDP stopped working.
Dumb question: have you rebooted?IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
undomiel Member Posts: 2,818RobertKaucher wrote: »Windows firewall will not care if it is telnet or mstsc that is initiating the connection. If the port is blocked, it will be refused. Since the connection is not dropped, it CANNOT be that the port is closed by a firewall.
On the other hand I have seen cases of the windows firewall interfering with ports that were open, that's why I am advocating taking down the firewall service.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/ -
RobertKaucher Member Posts: 4,299 ■■■■■■■■■■On the other hand I have seen cases of the windows firewall interfering with ports that were open, that's why I am advocating taking down the firewall service.
I agree. But if he can telnet to the port, it's interfering on the application layer only and I see that as improbable.
I have seen windows firewall on Vista systems have issues sharing and using RDP accross subnets. But I have not seen this on XP systems.
jrmeulemans, can you disable the windows firewall service and verify there is no other firewall running? Perhapps a user installed something.
One other thing. Has anyone ever been able to rdp to this system? -
jrmeulemans Member Posts: 74 ■■□□□□□□□□Hey guys thanks for all the responses:
Subnet exceptions - I checked these with him...not an issue...I also hopped to a server in the same site as him and tried from there
Yes he has rebooted
I am a domain admin so it isnt a permissions issue
I was able to generate an error message finally, when he was in safe mode with networking:
"The Remote Computer has Ended The Connection"
Upon googling:
I also registered some file: regsvr32 remotepg.dll
Looks like there is a way the RDP app may be corrupt? I hope I dont have to do a repair install...
anyways, thanks for the help -
maumercado Member Posts: 163check if the admin$ share is enabled... I had a problem similar to yours and was fixed enabling the admin$ share
c:\net share admin$
then
c:\net user remoteadmin /Add
and to make it autostart at boot
For NT4 Workstations, Win2K Professional, XP Professional, go to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
Name: AutoShareWks
Data Type: REG_DWORD
Value: 1
Note: A reboot is necessary for this to take effect. -
jrmeulemans Member Posts: 74 ■■□□□□□□□□ARGGG I should have looked at informational events:
RDPDD.dll failed to load
you would think this would be a critical or warning event
This opens a whole new issue altogether
upon google...
....disabling hardware acceleration didnt work....
updating nvidia drivers now... -
jrmeulemans Member Posts: 74 ■■□□□□□□□□Registry hack fixed it:
Brad Rutkowski's Blog : \SystemRoot\System32\RDPDD.dll failed to load
thanks everyone!! -
undomiel Member Posts: 2,818I love it when important stuff gets flagged as information events and not at least warnings! Good job on finding the fix, bookmarked it myself just in case I ever run into something similar.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/