pzozulka
asked on
Cannot Remote Desktop to Server
We have a Windows Server 2003 Standard. It is a File Server that has been around for a long time. It is a member server of our domain and everything has been working fine until a recent restart. All of a sudden I can no longer connect to it. I am connecting with a NetworkAdmin acct. I can connect to other servers with my NetworkAdmin acct just fine. Also, its not just my machine that cant connect. I tried from other machines, and other servers. None of the machine can Remote Desktop (mstsc) either.
Make sure the firewall is turned off on the server
ASKER
No recent patches applied since early September, and no TermDD errors in the event logs. Below is the general error message received after attempting to RDP.
RDP-failure.bmp
RDP-failure.bmp
1.Can you ping the PC?
Is Remote Desktop enabled on the PC?
Is a Remote Desktop exception enabled in the windows firewall on the PC?
How many NIC cards are in the server ?
Did you check for all the ip address configuration on the server ?
Did you try to mstsc /console with ip address ?
General troubleshooting help for standalone XP Remote Desktop connections...
http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.html#Troubleshooting
2..Logon to the server locally
Click Start, Run, type "tscc.msc /s" (without quotation marks) and click OK
In the Terminal Services Configuration snap-in double-click Connections, then RDP-Tcp in the right pane
Click the Network Adapter tab, select the correct network adapter and click OK
Make sure that you can establish an RDP connection to the server
The change takes effect immediately. No need for a restart.
Is Remote Desktop enabled on the PC?
Is a Remote Desktop exception enabled in the windows firewall on the PC?
How many NIC cards are in the server ?
Did you check for all the ip address configuration on the server ?
Did you try to mstsc /console with ip address ?
General troubleshooting help for standalone XP Remote Desktop connections...
http://theillustratednetwork.mvps.org/RemoteDesktop/RemoteDesktopSetupandTroubleshooting.html#Troubleshooting
2..Logon to the server locally
Click Start, Run, type "tscc.msc /s" (without quotation marks) and click OK
In the Terminal Services Configuration snap-in double-click Connections, then RDP-Tcp in the right pane
Click the Network Adapter tab, select the correct network adapter and click OK
Make sure that you can establish an RDP connection to the server
The change takes effect immediately. No need for a restart.
ASKER
The Windows Firewall Service is turned OFF on all our servers. There is no problem connecting to other servers with their firewalls turned off.
1. Yes, I can ping the server.
2. Remote Desktop is enabled.
3. Windows Firewall is turned off.
4. Dual NIC. One of the adapters is DISABLED.
5. Server ipconfig returns only one static (correct) IP address.
6. Tried mstsc /console with ip address, same results.
HOWEVER, I find this strange. It does not seem to be listening on port 3389. See below.
1. Yes, I can ping the server.
2. Remote Desktop is enabled.
3. Windows Firewall is turned off.
4. Dual NIC. One of the adapters is DISABLED.
5. Server ipconfig returns only one static (correct) IP address.
6. Tried mstsc /console with ip address, same results.
HOWEVER, I find this strange. It does not seem to be listening on port 3389. See below.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Zeuss>netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP shaker:ftp shaker.bcr.local:0 LISTENING
TCP shaker:http shaker.bcr.local:0 LISTENING
TCP shaker:epmap shaker.bcr.local:0 LISTENING
TCP shaker:microsoft-ds shaker.bcr.local:0 LISTENING
TCP shaker:1025 shaker.bcr.local:0 LISTENING
TCP shaker:1026 shaker.bcr.local:0 LISTENING
TCP shaker:1027 shaker.bcr.local:0 LISTENING
TCP shaker:1279 shaker.bcr.local:0 LISTENING
TCP shaker:3527 shaker.bcr.local:0 LISTENING
TCP shaker:3999 shaker.bcr.local:0 LISTENING
TCP shaker:5010 shaker.bcr.local:0 LISTENING
TCP shaker:5011 shaker.bcr.local:0 LISTENING
TCP shaker:5091 shaker.bcr.local:0 LISTENING
TCP shaker:5633 shaker.bcr.local:0 LISTENING
TCP shaker:6101 shaker.bcr.local:0 LISTENING
TCP shaker:6106 shaker.bcr.local:0 LISTENING
TCP shaker:10000 shaker.bcr.local:0 LISTENING
TCP shaker:31038 shaker.bcr.local:0 LISTENING
TCP shaker:http ws100367.bcr.local:2250 ESTABLISHED
TCP shaker:netbios-ssn shaker.bcr.local:0 LISTENING
TCP shaker:netbios-ssn ws300003.bcr.local:1515 ESTABLISHED
TCP shaker:netbios-ssn ws100069.bcr.local:1551 ESTABLISHED
TCP shaker:netbios-ssn ws100350.bcr.local:1516 ESTABLISHED
TCP shaker:netbios-ssn ws100367.bcr.local:2211 TIME_WAIT
TCP shaker:netbios-ssn ws100367.bcr.local:2216 TIME_WAIT
TCP shaker:netbios-ssn ws100367.bcr.local:2219 TIME_WAIT
TCP shaker:netbios-ssn ws100367.bcr.local:2272 TIME_WAIT
TCP shaker:netbios-ssn ws100102.bcr.local:1330 ESTABLISHED
TCP shaker:microsoft-ds ws100356.bcr.local:1498 ESTABLISHED
TCP shaker:microsoft-ds ws100367.bcr.local:1179 ESTABLISHED
TCP shaker:microsoft-ds ws100121.bcr.local:1100 ESTABLISHED
TCP shaker:1052 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1060 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1086 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1096 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1097 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1102 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1103 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1052 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1060 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1086 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1096 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1097 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1102 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:1103 ESTABLISHED
TCP shaker:1279 shaker.bcr.local:3506 ESTABLISHED
TCP shaker:1999 martini.bcr.local:ldap CLOSE_WAIT
TCP shaker:2301 shaker.bcr.local:0 LISTENING
TCP shaker:2381 shaker.bcr.local:0 LISTENING
TCP shaker:3479 milla.bcr.local:1026 ESTABLISHED
TCP shaker:3506 shaker.bcr.local:1279 ESTABLISHED
TCP shaker:5010 ws100356.bcr.local:1497 TIME_WAIT
TCP shaker:5010 ws100085.bcr.local:1664 TIME_WAIT
TCP shaker:5010 ws100085.bcr.local:1665 TIME_WAIT
TCP shaker:5010 ws100069.bcr.local:1635 TIME_WAIT
TCP shaker:1087 shaker.bcr.local:1088 ESTABLISHED
TCP shaker:1088 shaker.bcr.local:1087 ESTABLISHED
TCP shaker:1094 shaker.bcr.local:1095 ESTABLISHED
TCP shaker:1095 shaker.bcr.local:1094 ESTABLISHED
TCP shaker:2301 shaker.bcr.local:0 LISTENING
TCP shaker:2381 shaker.bcr.local:0 LISTENING
UDP shaker:snmp *:*
UDP shaker:microsoft-ds *:*
UDP shaker:isakmp *:*
UDP shaker:ms-sql-m *:*
UDP shaker:3456 *:*
UDP shaker:ipsec-msft *:*
UDP shaker:ntp *:*
UDP shaker:netbios-ns *:*
UDP shaker:netbios-dgm *:*
UDP shaker:ntp *:*
UDP shaker:1090 *:*
UDP shaker:1104 *:*
UDP shaker:1129 *:*
UDP shaker:1413 *:*
UDP shaker:1998 *:*
UDP shaker:2138 *:*
UDP shaker:3456 *:*
UDP shaker:4970 *:*
C:\Documents and Settings\Zeuss>
yeah, it should have that port as listening.
What do you have in your system and application event logs?
What do you have in your system and application event logs?
see if the windows firewall on the server blocks 3389 ? and make sure you allow this port on windows firewall.
ASKER
There is no info in the event logs, and as I mentioned earlier the Windows Firewall Service is STOPPED and DISABLED on the target server to which I need to RDP to.
How do I enable the target server to start listening on port 3389.
How do I enable the target server to start listening on port 3389.
1. If you can connect by replacing "tserv" with the Terminal Server's IP address but not the host name, you may have a DNS or WINS resolution problem.
2. If you can connect when "tserv" is the host name, but cannot connect when "tserv" is the computer name, then you may have a NetBIOS name resolution issue with WINS or an LMHOSTS file.
3. If you cannot connect when "tserv" is the IP address, the host name, or the computer name, then it is likely that port 3389 is blocked somewhere in your WAN
4.also make sure that you have selected "accept incoming connections" on the computer you are trying to connect to. my computer->properties->remo te tab
5.c:\>netstat -a
You'll see something like for port 3389:
Active Connections
Proto Local Address Foreign Address State
TCP gemarti:3389 gemarti.gemarti.com:0 LISTENING
Does netstat indicate that it is listening?
If it is listening try pinging the machine using the computer name? Is your ping returned?
If it isn't returned try remotely connecting to the machine with it's IP address? Can you connect now?
Does this machine dual boot?
6. Ref this link http:Q_21578598.html for a listner.
7.Also check the policies on the server.
Start |Run... |gpedit.msc
Computer configuraation |Administrative Templates| Windows Component| Terminal Services
8.Here is the info on how to change the listening port:
http://support.microsoft.com/default.aspx?scid=187623
This may or may not be your problem though, especially if you think you have a virus... Anything in the Event Logs? Have you scanned your machine for viruses?
Here are some links to online virus scanners:
http://housecall.trendmicro.com/
http://security.symantec.com/
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
8.Go for windows updates and install all patches on the server and go for a restart..
2. If you can connect when "tserv" is the host name, but cannot connect when "tserv" is the computer name, then you may have a NetBIOS name resolution issue with WINS or an LMHOSTS file.
3. If you cannot connect when "tserv" is the IP address, the host name, or the computer name, then it is likely that port 3389 is blocked somewhere in your WAN
4.also make sure that you have selected "accept incoming connections" on the computer you are trying to connect to. my computer->properties->remo
5.c:\>netstat -a
You'll see something like for port 3389:
Active Connections
Proto Local Address Foreign Address State
TCP gemarti:3389 gemarti.gemarti.com:0 LISTENING
Does netstat indicate that it is listening?
If it is listening try pinging the machine using the computer name? Is your ping returned?
If it isn't returned try remotely connecting to the machine with it's IP address? Can you connect now?
Does this machine dual boot?
6. Ref this link http:Q_21578598.html for a listner.
7.Also check the policies on the server.
Start |Run... |gpedit.msc
Computer configuraation |Administrative Templates| Windows Component| Terminal Services
8.Here is the info on how to change the listening port:
http://support.microsoft.com/default.aspx?scid=187623
This may or may not be your problem though, especially if you think you have a virus... Anything in the Event Logs? Have you scanned your machine for viruses?
Here are some links to online virus scanners:
http://housecall.trendmicro.com/
http://security.symantec.com/
http://www.pandasoftware.com/activescan/com/activescan_principal.htm
8.Go for windows updates and install all patches on the server and go for a restart..
ASKER
It is not listening on PORT 3389. How do I make it listen?
1. It won't work if it is not listening. Just to double check try simply
netstat -an
This will list all open or listening ports. Manually go through the list. Should see under local address 0.0.0.0:3389 unless you have used the registry hack to manually change the port remote desktop uses. If it is there but not shown as "listening" perhaps it thinks it is in use. If it is not there ,
2. Run this script
You can probably easily add this by a command/script:
reg add hklm\system\currentcontrol set\servic es\shareda ccess\para meters\fir ewallpolic y\standard profile\gl oballyopen ports\list /v "3389:TCP" /d "3389:TCP:*:Enabled:@xpsp2 res.dll,-2 2009"
netstat -an
This will list all open or listening ports. Manually go through the list. Should see under local address 0.0.0.0:3389 unless you have used the registry hack to manually change the port remote desktop uses. If it is there but not shown as "listening" perhaps it thinks it is in use. If it is not there ,
2. Run this script
You can probably easily add this by a command/script:
reg add hklm\system\currentcontrol
ASKER
I tried netstat -an, and 0.0.0.0:3389 is not on the list. Did NOT use any registry hacks to modify RDP port.
I tried taht script and nothing happened. I think its because the WINDOWS FIREWALL SERVICE is DISABLED on the target server.
I tried taht script and nothing happened. I think its because the WINDOWS FIREWALL SERVICE is DISABLED on the target server.
yeah..try to start the firewall and try the script and then RDP
ASKER
No luck, I think if I somehow make the server listen on port 3389 that should fix it.
The only question is how do I force it to listen on that port?
The only question is how do I force it to listen on that port?
Hi pzozulka,
When trying to connect do you see a black screen by chance?
When trying to connect do you see a black screen by chance?
ASKER
No I do not, in fact I get a response immediately. The error message is posted above.
ASKER
There is no black screen, the error comes up right away. Its happening only to this one server. I can RDP to all other servers/workstations.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
My Computer > Remote = Enabled
netstat -an |find "3389" <--------- Does not find anything.
Start > Run > services.msc > Terminal Services is set to Manual and is "Started". However, I cannot STOP/RESET it. The options to stop or reset Terminal Services is greyed out. I tried Disabling it, and re Inabling it, but it always says STARTED.
netstat -an |find "3389" <--------- Does not find anything.
Start > Run > services.msc > Terminal Services is set to Manual and is "Started". However, I cannot STOP/RESET it. The options to stop or reset Terminal Services is greyed out. I tried Disabling it, and re Inabling it, but it always says STARTED.
Can you scan the machine for spyware.....
download and run www.superantispyware.com
download and run www.superantispyware.com
Scan for viruses also
I had the same issue and performed a change in the servers registry and fixed it, I will try and find it for you.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yeah it was set to 0.
ASKER
I was really dreading this. It takes 20 min to restart this server. Had to perform an off-hours restart. Fixed the problem. Wish I could have found a solution. Thanks to all that helped.
I would change it to 1, then save save it and exit. Then open it and change it back to 0, just for a test.
Also check the event logs for TermDD errors, see this:
http://support.microsoft.com/default.aspx/kb/323497