Cannot Remote Desktop to Server

We have a Windows Server 2003 Standard. It is a File Server that has been around for a long time. It is a member server of our domain and everything has been working fine until a recent restart. All of a sudden I can no longer connect to it. I am connecting with a NetworkAdmin acct. I can connect to other servers with my NetworkAdmin acct just fine. Also, its not just my machine that cant connect. I tried from other machines, and other servers. None of the machine can Remote Desktop (mstsc) either.
Who is Participating?
sk_raja_rajaConnect With a Mentor Commented:
If you right-click the My Computer icon and select properties - remote, does it still show remote desktop still enabled or It specifically says the port is blocked ????

To enable the port 3389 try this,
on the command line enter
  netstat  -an  |find  "3389"
You should get the following result:
TCP    listening
If not go to Start  | Run | services.msc and see if Terminal Services is started and set to automatic
PberSolutions ArchitectCommented:
Has it recently been patched?  I've seen this lots in the last little while.  Reboot again and it works.
Also check the event logs for TermDD errors, see this: 
Make sure the firewall is turned off on the server
Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

pzozulkaAuthor Commented:
No recent patches applied since early September, and no TermDD errors in the event logs. Below is the general error message received after attempting to RDP.
1.Can you ping the PC?
Is Remote Desktop enabled on the PC?
Is a Remote Desktop exception enabled in the windows firewall on the PC?
How many NIC cards are in the server ?
Did you check for all the ip address configuration on the server ?
Did you try to mstsc /console with ip address ?

General troubleshooting help for standalone XP Remote Desktop connections...

2..Logon to the server locally
Click Start, Run, type "tscc.msc /s" (without quotation marks) and click OK
In the Terminal Services Configuration snap-in double-click Connections, then RDP-Tcp in the right pane
Click the Network Adapter tab, select the correct network adapter and click OK
Make sure that you can establish an RDP connection to the server
The change takes effect immediately. No need for a restart.
pzozulkaAuthor Commented:
The Windows Firewall Service is turned OFF on all our servers. There is no problem connecting to other servers with their firewalls turned off.

1. Yes, I can ping the server.
2. Remote Desktop is enabled.
3. Windows Firewall is turned off.
4. Dual NIC. One of the adapters is DISABLED.
5. Server ipconfig returns only one static (correct) IP address.
6. Tried mstsc /console with ip address, same results.

HOWEVER, I find this strange. It does not seem to be listening on port 3389. See below.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\Documents and Settings\Zeuss>netstat -a
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    shaker:ftp             shaker.bcr.local:0     LISTENING
  TCP    shaker:http            shaker.bcr.local:0     LISTENING
  TCP    shaker:epmap           shaker.bcr.local:0     LISTENING
  TCP    shaker:microsoft-ds    shaker.bcr.local:0     LISTENING
  TCP    shaker:1025            shaker.bcr.local:0     LISTENING
  TCP    shaker:1026            shaker.bcr.local:0     LISTENING
  TCP    shaker:1027            shaker.bcr.local:0     LISTENING
  TCP    shaker:1279            shaker.bcr.local:0     LISTENING
  TCP    shaker:3527            shaker.bcr.local:0     LISTENING
  TCP    shaker:3999            shaker.bcr.local:0     LISTENING
  TCP    shaker:5010            shaker.bcr.local:0     LISTENING
  TCP    shaker:5011            shaker.bcr.local:0     LISTENING
  TCP    shaker:5091            shaker.bcr.local:0     LISTENING
  TCP    shaker:5633            shaker.bcr.local:0     LISTENING
  TCP    shaker:6101            shaker.bcr.local:0     LISTENING
  TCP    shaker:6106            shaker.bcr.local:0     LISTENING
  TCP    shaker:10000           shaker.bcr.local:0     LISTENING
  TCP    shaker:31038           shaker.bcr.local:0     LISTENING
  TCP    shaker:http            ws100367.bcr.local:2250  ESTABLISHED
  TCP    shaker:netbios-ssn     shaker.bcr.local:0     LISTENING
  TCP    shaker:netbios-ssn     ws300003.bcr.local:1515  ESTABLISHED
  TCP    shaker:netbios-ssn     ws100069.bcr.local:1551  ESTABLISHED
  TCP    shaker:netbios-ssn     ws100350.bcr.local:1516  ESTABLISHED
  TCP    shaker:netbios-ssn     ws100367.bcr.local:2211  TIME_WAIT
  TCP    shaker:netbios-ssn     ws100367.bcr.local:2216  TIME_WAIT
  TCP    shaker:netbios-ssn     ws100367.bcr.local:2219  TIME_WAIT
  TCP    shaker:netbios-ssn     ws100367.bcr.local:2272  TIME_WAIT
  TCP    shaker:netbios-ssn     ws100102.bcr.local:1330  ESTABLISHED
  TCP    shaker:microsoft-ds    ws100356.bcr.local:1498  ESTABLISHED
  TCP    shaker:microsoft-ds    ws100367.bcr.local:1179  ESTABLISHED
  TCP    shaker:microsoft-ds    ws100121.bcr.local:1100  ESTABLISHED
  TCP    shaker:1052            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1060            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1086            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1096            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1097            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1102            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1103            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1052  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1060  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1086  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1096  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1097  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1102  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:1103  ESTABLISHED
  TCP    shaker:1279            shaker.bcr.local:3506  ESTABLISHED
  TCP    shaker:1999            martini.bcr.local:ldap  CLOSE_WAIT
  TCP    shaker:2301            shaker.bcr.local:0     LISTENING
  TCP    shaker:2381            shaker.bcr.local:0     LISTENING
  TCP    shaker:3479            milla.bcr.local:1026   ESTABLISHED
  TCP    shaker:3506            shaker.bcr.local:1279  ESTABLISHED
  TCP    shaker:5010            ws100356.bcr.local:1497  TIME_WAIT
  TCP    shaker:5010            ws100085.bcr.local:1664  TIME_WAIT
  TCP    shaker:5010            ws100085.bcr.local:1665  TIME_WAIT
  TCP    shaker:5010            ws100069.bcr.local:1635  TIME_WAIT
  TCP    shaker:1087            shaker.bcr.local:1088  ESTABLISHED
  TCP    shaker:1088            shaker.bcr.local:1087  ESTABLISHED
  TCP    shaker:1094            shaker.bcr.local:1095  ESTABLISHED
  TCP    shaker:1095            shaker.bcr.local:1094  ESTABLISHED
  TCP    shaker:2301            shaker.bcr.local:0     LISTENING
  TCP    shaker:2381            shaker.bcr.local:0     LISTENING
  UDP    shaker:snmp            *:*
  UDP    shaker:microsoft-ds    *:*
  UDP    shaker:isakmp          *:*
  UDP    shaker:ms-sql-m        *:*
  UDP    shaker:3456            *:*
  UDP    shaker:ipsec-msft      *:*
  UDP    shaker:ntp             *:*
  UDP    shaker:netbios-ns      *:*
  UDP    shaker:netbios-dgm     *:*
  UDP    shaker:ntp             *:*
  UDP    shaker:1090            *:*
  UDP    shaker:1104            *:*
  UDP    shaker:1129            *:*
  UDP    shaker:1413            *:*
  UDP    shaker:1998            *:*
  UDP    shaker:2138            *:*
  UDP    shaker:3456            *:*
  UDP    shaker:4970            *:*
C:\Documents and Settings\Zeuss>

Open in new window

PberSolutions ArchitectCommented:
yeah, it should have that port as listening.
What do you have in your system and application event logs?
see if the windows firewall on the server blocks 3389 ? and make sure you allow this port on windows firewall.
pzozulkaAuthor Commented:
There is no info in the event logs, and as I mentioned earlier the Windows Firewall Service is STOPPED and DISABLED on the target server to which I need to RDP to.

How do I enable the target server to start listening on port 3389.
1. If you can connect by replacing "tserv" with the Terminal Server's IP address but not the host name, you may have a DNS or WINS resolution problem.  
2. If you can connect when "tserv" is the host name, but cannot connect when "tserv" is the computer name, then you may have a NetBIOS name resolution issue with WINS or an LMHOSTS file.  
3. If you cannot connect when "tserv" is the IP address, the host name, or the computer name, then it is likely that port 3389 is blocked somewhere in your WAN
4.also make sure that you have selected "accept incoming connections" on the computer you are trying to connect to.  my computer->properties->remote tab
5.c:\>netstat -a

You'll see something like for port 3389:

Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    gemarti:3389     LISTENING

Does netstat indicate that it is listening?

If it is listening try pinging the machine using the computer name? Is your ping returned?
If it isn't returned try remotely connecting to the machine with it's IP address? Can you connect now?

Does this machine dual boot?
6. Ref this link http:Q_21578598.html for a listner.
7.Also check the policies on the server.
Start |Run... |gpedit.msc
Computer configuraation |Administrative Templates| Windows Component| Terminal Services
8.Here is the info on how to change the listening port:

This may or may not be your problem though, especially if you think you have a virus... Anything in the Event Logs? Have you scanned your machine for viruses?

Here are some links to online virus scanners:
8.Go for windows updates and install all patches on the server and go for a restart..
pzozulkaAuthor Commented:
It is not listening on PORT 3389. How do I make it listen?
1. It won't work if it is not listening. Just to double check try simply
  netstat -an
This will list all open or listening ports. Manually go through the list. Should see under local address unless you have used the registry hack to manually change the port remote desktop uses. If it is there but not shown as "listening" perhaps it thinks it is in use. If it is not there ,
2. Run this script
You can probably easily add this by a command/script:

reg add hklm\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\globallyopenports\list /v "3389:TCP" /d "3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

pzozulkaAuthor Commented:
I tried netstat -an, and is not on the list. Did NOT use any registry hacks to modify RDP port.
I tried taht script and nothing happened. I think its because the WINDOWS FIREWALL SERVICE is DISABLED on the target server.
yeah..try to start the firewall and try the script and then RDP
pzozulkaAuthor Commented:
No luck, I think if I somehow make the server listen on port 3389 that should fix it.

The only question is how do I force it to listen on that port?
Hi pzozulka,

When trying to connect do you see a black screen by chance?
pzozulkaAuthor Commented:
No I do not, in fact I get a response immediately. The error message is posted above.
pzozulkaAuthor Commented:
There is no black screen, the error comes up right away. Its happening only to this one server. I can RDP to all other servers/workstations.
pzozulkaAuthor Commented:
My Computer > Remote = Enabled

netstat  -an  |find  "3389"  <--------- Does not find anything.

Start > Run > services.msc > Terminal Services is set to Manual and is "Started". However, I cannot STOP/RESET it. The options to stop or reset Terminal Services is greyed out. I tried Disabling it, and re Inabling it, but it always says STARTED.
Can you scan the machine for spyware.....
download and run
Scan for viruses also
I had the same issue and performed a change in the servers registry and fixed it, I will try and find it for you.
TDKDConnect With a Mentor Commented:
On one Server I had the GUI to enable RDP connection was still disable even though through the Windows GUI I enabled it. So While I am looking for the fix I used on yet another Server, just check to make sure the registry is interacting correctly with the Windows GUI.

In the remote machine's registry browse to the following key: "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" Under the "Terminal Server" key find the value named fDenyTSConnections (REG_DWORD). Make sure the value data is 0 (Remote Desktop enabled).
pzozulkaAuthor Commented:
Yeah it was set to 0.
pzozulkaAuthor Commented:
I was really dreading this. It takes 20 min to restart this server. Had to perform an off-hours restart. Fixed the problem. Wish I could have found a solution. Thanks to all that helped.
I would change it to 1, then save save it and exit. Then open it and change it back to 0, just for a test.
All Courses

From novice to tech pro — start learning today.