Solved

Cannot Remote Desktop to certain machines.

Posted on 2009-07-09
18
593 Views
Last Modified: 2013-11-21
Some machines on our network I cannot Remote Desktop to. The firewall is off. The Remote Desktop settings in the registry are set, but I still cannot connect to certain machines.

Any ideas??
0
Comment
Question by:Capperdog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
18 Comments
 
LVL 6

Expert Comment

by:ahdfx
ID: 24819023
Have you mad sure that under system properties, the remote tab there is a check box in the allow users to connect?  Also if you want to remote to a pc that has been restarted and not yet logged in, you need to add users by clicking the "Select Remote Users" button

What OS and SP are they running?  are they upgrades from an older OS?
0
 
LVL 4

Expert Comment

by:bdpsg
ID: 24819979
Hi, you can try the following steps in the order listed below:

1. Go to "Control Panel" > "System" > "Remote" tab > put a tick against "Allow users to connect remotely to this computer"

2. Go to "Control Panel" > "Firewall" > "General" Tab > select "On (Recommended)"
    > "Exceptions" tab > put a tick against "Remote Desktop"

3. Go to "Control Panel" > "Administrative Tools" > "Computer Management" > Expand "Local users and group" > select "Groups" > under "Remote Desktop Users" add in the users you want to allow access.\

this will make sure that you still have protection with the firewall and at the same time allow remote access and not needing to amend the registry

if the machines are in a domain, the above can also be set through GPO...


hope this helps
0
 

Author Comment

by:Capperdog
ID: 24823582
OS is XP SP3
Local Firewall is disabled on all machines in our environment.
By default no machines in our environment have any users in the Remote Users Group, but 99.9% of our machines can be remote managed.
By making the following registry changes there is no need to make changes locally on the machine foir the machine to be remote managed.
HKLM\System\CurrnentControlSet\Control\Terminal Server Change the fAllowToGetFelp setting to 1 to enable remote connections and change the fDenyTSConnections to 0 to allow remote connections.
99.9% of the machines that these changes are made on will allow remote connection, but there are a small number of machines that this change does not seem to do anything. Additionally, I have logged in locally to one of these machines with this issue and checked to local settings and all local settings are set for Remote Management.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Capperdog
ID: 24879930
I have had no further responses to this. I would like to get some other options to try to resolve this issue. It is a small number of machines but causes big problems with desktop security remediation efforts. Just upped the anny a bit.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 24948810
In the event you have an NVidia card.... Nvidia recently started breaking RDP, with some notable errors in the logs, regarding rdpdr.sys. In the link below there is a reg fix.
Or just drop to older drivers.....
Nvidia Drivers Break Remote Desktop
http://computingondemand.com/?p=1141
NVidia drivers do get deployed to the Windows Update site..... See if this helps....
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 24948812
"fAllowToGetFelp setting to 1 "
All that does is to enable Remote Assistance requests....
If your user that you are RDPing with is already a member of the local admin group, then the RDU group is of course not needed....
0
 

Author Comment

by:Capperdog
ID: 25064521
So far the Nvidia drivers have not been the case.

All of our users are not admins on thier machines. Changing fAllowToGetHelp to 0 will keep you from being able to RDP into the machine. Only by setting it to 1 and setting the fDenyTSConnections to 0 will you be able to RDP to that machine.

I guess I will close this one in the next week if there are no further responses.

0
 
LVL 66

Expert Comment

by:johnb6767
ID: 25066003
"fAllowToGetHelp to 0 will keep you from being able to RDP into the machine"
This is incorrect, as it has no bearing on RDP. This settign is driven by the checkbox "Allow remote assistance invitations to be sent from this computer". It's the top half of the Remote Tab.....
"fDenyTSConnections" should be the only setting you need to worry about.....
0
 

Author Comment

by:Capperdog
ID: 25068964
My appologies... I just tested and you are correct.

With the Nvidia driver issue not being the case at leat on two machines I have come across do you have any other ideas as to what I may look at on these machines that I cannot RD into?
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 25075738
Corrupted firewall exceptions form the Windows FW?
start>run>cmd.exe>netsh firewall reset
Then reboot, and disable it if needed....
On a machine you cannot RDP into....
Does it respond to pings?
Can you telnet to it on port 3389?
telnet IP 3389
Should go to a black box.....
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 25091306
Any update?
0
 

Author Comment

by:Capperdog
ID: 25093183
Yes,
All of our machines have the Windows firewall disabled by default.

I have a machine we can work with and I was able to ping and telnet to it.

When trying to remote desktop to this machine when you press connect it just goes grey for just a second and then back like it is when you opened RD. It does not error out or anything else.

On others, even with the registry key set you get the cannot connect error message like the registry key had not been set... At the moment I do not have a machine we can work with for this problem.
0
 
LVL 66

Assisted Solution

by:johnb6767
johnb6767 earned 300 total points
ID: 25129478
OK... You should see errors in the Security Log, as well as logs in the Applications /System logs on the target PC. Maybe even something in the client PC.
Have we checked those?
Might just be we need to rebuild the TS support of the remote PC.....
This is also assuming the Terminal Services service is started on the target boxes....
0
 

Author Comment

by:Capperdog
ID: 25197840
I have very busy with other tasks and just took a look at your last response. I will take a look and see as soon as I can and get back with you.

If the problem is we need to rebuild the TS support on some of these machines what would be the procedure?
0
 

Author Comment

by:Capperdog
ID: 25283022
On the one machine I currently know of with this connection issue. Terminal Services is started.

I checked the logs and in the System log there is an error that RDPDD.dll failed to load. I verified that I caused this error by trying to RD to that machine.
0
 

Accepted Solution

by:
Capperdog earned 0 total points
ID: 25283465
Here is what I have found.

If you increase the size of the session image space then you can run remote desktop.

Add the following registry key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]

"SessionImageSize"=dword:00000020

The only thing I do not understand is if the solution is saying to create a DWORD value under Memory Management or to create a new Key under Memory Management.
0

Featured Post

ScreenConnect 6.0 Free Trial

Discover new time-saving features in one game-changing release, ScreenConnect 6.0, based on partner feedback. New features include a redesigned UI, app configurations and chat acknowledgement to improve customer engagement!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Customized VNC 1 54
Provide internet access from one windows PC to another 16 100
domain and forest trust 1 32
Samsung Dex 3 43
At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
As with any other System Center product, the installation for the Authoring Tool can be quite a pain sometimes. This article serves to help you avoid making these mistakes and hopefully save you a ton of time on troubleshooting :)  Step 1: Make sur…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question