?
Solved

how to RDP into SBS...?

Posted on 2006-05-28
14
Medium Priority
?
791 Views
Last Modified: 2008-03-10
if i try to remote desktop into the SBS, it doesn't work.  it says that the server may have too many connections.  This is if i try it via the internal LAN or from the internet.

Port 3389 is port forwarded to the SBS.

And here's another question.  If i changed the port for RDP, would it mess up sharepoint, vpn, owa, or anything else??

---todd
0
Comment
Question by:fl4ian
  • 9
  • 5
14 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16781556
You may have closed out Terminal Sessions that are not logged off, thus they remain open and take up your two available sessions.  Are you logging on with the same username and password as you have in the past?

Try connecting again, but use a /console after the IP or FQDN of your server in the RDP Client's connection settings.

If you log on locally to the server, you can open Administrative Tools > Terminal Services Manager and see if there are any sessions open.  If there are, right click them to either log off or reset.

Why would you want to change the port for RDP?

Jeff
TechSoEasy
0
 

Author Comment

by:fl4ian
ID: 16781874
thanks for the tip on where to find stuck sessions, but there are no sessions open in the terminal services manager.

here's the full error msg:

-----------------------
The client could not establish a connection to the remote computer.  

The most likely causes for this error are:
1) Remote connections might not be enabled at the remote computer.
2) The maximum number of connections was exceed at the remote computer.
3) A network error occurred while establishing the connection.
-----------------------

It doesn't matter if i use the netbios name or ip address, or if i have the port specified or start via command line, etc...

.......

The only reason i was asking about changing the port for RDP, is because i thought that maybe after configuring all the sharepoint stuff, remote web workplace, etc., you could no longer use RDP to get into the server.  However, i tried using RWW to get into the server, and it didn't work either.

Any suggestions?


0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16784315
Please make sure that the following ports are open on your router and  pointed to the SBS's IP:
25 - SMTP
443 - HTTPS (for RWW and OWA)
444 - SharePoint
1723 - PPTP VPN
3389 - RDP for remote administration
4125 - Remote Web Workplace

Your assumption about RDP's port is incorrect you can still use it.  But all of that is configured automatically when you run the CEICW (Configure Email and Internet Connection Wizard).  RWW wouldn't work unless you had port 4125 open, but it should work from a workstation on your LAN or even directly on the server by entering http://servername/remote

If opening those ports doesn't work for you, please post an IPCONFIG /ALL from your SBS to analyze further.

Jeff
TechSoEasy
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 

Author Comment

by:fl4ian
ID: 16784578
for clarification purposes, when i said above "However, i tried using RWW to get into the server, and it didn't work either," i meant that the RDP started from RWW didn't work either, not that the RWW itself wasn't working...  When i try RDP through RWW (Remote Server Management link), it gives the same error msg as what i listed above.  I think you got that already, but i didn't want to lead you down another path.

In any case, I've double-checked the port-forwarding from the router to the SBS internal ip, and they're all correct.  They're all forwarding on TCP ports, should i add UDP for all the ports also?

I'll be posting the ipconfig /all from the SBS shortly.
0
 

Author Comment

by:fl4ian
ID: 16784592
o.k.  i just tried to login at the console, and it says: "the local policy of this system does not permit you to logon interactively."

this is a problem.
0
 

Author Comment

by:fl4ian
ID: 16784647
it says the same thing on all logins. (only three setup)...  

i did a hard power-off (it won't let me get to a shutdown prompt), and rebooted.  the situation remains the same...

So...  Do I need to reinstall the Server OS?  Which honestly, i was planning on doing in the next day or so anyway...  but what could i have done that caused this?  I certainly don't want to have the perfect install, and then biff it up like this.
0
 

Author Comment

by:fl4ian
ID: 16784730
after some research, i think i found out what i did to cause this:  i added all the users (all three, Administrator and two others) to the Remote Operators group.  I don't remember why i did this, actually.  But anyway, i bet this was the cause.

HOWEVER, i understand that i can't logon at the console with these accounts, but why can't i RDP with them?

I would think that i should be able to RDP into them, change the REmote Operators group membership, and then be able to logon locally again.

??
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16785160
That would be the case if you were a member of either the Remote Operators or Domain Power Users groups.  You should be creating all of your users with the Add User Wizard which will apply a preconfigured user template to the account assigning the appropriate groups.  It's quite possible that your manual changes have now prohibited you from logging on either locally or remotely.

If that is the case, you can modify the group membership quite easily by installing the Windows Server 2003 Administrative Tools on any Windows XP Workstation that is a member of your domain.  Then you can access Active Directory settings.

Jeff
TechSoEasy
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 16785183
And regarding the RWW login comments... I did understand what you were saying... but wanted to make sure that you had the appropriate ports open.  You need 443 to get to RWW's main menu, and then 4125 to connect to a remote desktop.  The RDP in RWW does not use 3389 directly.  But any modification of 3389 as the default RDP port on ANY machine will break RWW as well as the Server Management Console's "Connect to Computer" link.

Jeff
TechSoEasy
0
 

Author Comment

by:fl4ian
ID: 16786052
any if i don't have any windows xp workstations currently joined??

aren't i supposed to add them to the server first, then do the connectcomputer wizard from the computer??

....

also, why would 3389 break if 443 and 4125 are the ones RWW uses??  that's odd.

0
 

Author Comment

by:fl4ian
ID: 16786187
o.k......  this is strange.

remember the hard power-off i did?  i just checked the rdp, and it now works.  (but not console).

i guess maybe the thing had an error and needed to be rebooted.  strange.

any other ideas on why it happened?
0
 

Author Comment

by:fl4ian
ID: 16786207
are the two most powerful group memberships, the Administrators group and the Doman Admins group?  In other words, if you have those two, then you can do anything, correct?
0
 

Author Comment

by:fl4ian
ID: 16793131
any ideas on why it happened?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 2000 total points
ID: 16797186
Sorry, I took a couple days off... :-)

>>> "why would 3389 break if 443 and 4125 are the ones RWW uses??"

Because 443 and 4125 are used between the remote machine and the server and 3389 is used from the server to the LAN workstation.  You don't need to configure these ports within your LAN, but they ARE used.

>>> "are the two most powerful group memberships, the Administrators group and the Doman Admins group?  In other words, if you have those two, then you can do anything, correct?"

Not necessarily...  Some functions require you to be a member of Enterprise Admins or Schema Admins.  Also, there are some default "DENY" settings for Domain Admins such as Mailbox Access in Exchange.  Also, if you are a member of the Administrators group and Domain Admins group, but are ALSO a member of ANY group that has a DENY setting the DENY setting will prevail.  The most common problem people have is if they put themselves in the Remote Operators or Power Users group which has a bunch of DENY settings including local logon.

As for what happened?  I think you had quit your RDP sessions and they didn't end in Terminal Services Manager.  So, you therefore couldn't establish another one.  The fact that you were being denied logon at the console made it so that you couldn't log on directly to fix the problem.  Rebooting reset the remote sessions.

Jeff
TechSoEasy
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
I work for a company that primarily works with small businesses as their outsourced IT vendor. As such the majority of these customers utilize some version of Small Business Server. Due to the economics of running a small business, many of these cus…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question