RDP Clients unable to connect

Windows 2003 Terminal Server, my Licensing Server is on a differnent server which is a AD Controller, multiple clients use the RDP sever from mulitple sites. About 3 weeks ago one site was unable to connect. This particular remote site is not admistered by me, but another entity. but according to him nothing has changed on his end either. Scenario, they connect to my MS VPN server just fine, but when they try to use RDP to connect to our RDP server they get an error that pops-up (I have attached the screenshot for this). I cannot find anything in the event viewer on my licensing server nor my RDP server & the other gentleman has said that there are no events being recorded on the client PC's on his side that need this connection. I do show the PC's that have attempted to connect as having a temporary license issued to them via my licensing server... I can ping them via their assigned VPN address & I can even RDP into them... but they cannot RDP into my terminal server...

The gentleman on the remote end has also followed the instructions in the following two KB articles, cc756826 and cc775526, but there was no change.

Thanks in advance for the help!
RDP-error.JPG
ZappaMangAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Scott AndersonPrincipal Support EngineerCommented:
Hmmm... a couple of things you can do here..

Firstly, you may have a failure to locate/communicate between your TS Server and the TS Licensing Instance.  The TS server will try to contact the Licensing server on port 135, which is normally open on a DC - or it wouldn't be functioning as a DC...  So it's more likely that it's a "locating" problem.  You can specify where the TS server should look for the TS Licensing Instance by specifying it in the TS Configuration Tool (AdminTools:TerminalServices:TerminalServicesConfiguration).
Other troubleshooting options are here:
http://technet.microsoft.com/en-us/library/cc758805(WS.10).aspx


Another option is to "whack" the temp key off the client workstations to see if that gets you by, although the problem will reappear in 90-120 days...  
http://support.microsoft.com/kb/187614
0
Scott AndersonPrincipal Support EngineerCommented:
Forgot to mention...
- Make sure the TS Licensing mode matches the TS Licenses that are installed on the TS License server (Per Device vs. Per User).
- Make sure you've got Firewall turned down on your DC...
0
ZappaMangAuthor Commented:
Scooter, thanks for the help. On the Terninal Server itself, in TSAdmin I had already specified my license server under the "License Server Discovery Mode" entry & my licensing Mode is per Device & that does match the 155 DEV CAL's that I have registered with my TS License Server. The Domain Controller's do not have any software firewalls on them, so that shouldn't be a factor in this.

I also looked at the KB article that you have posted above, but it does not cover Windows XP Pro, which is the OS of the PC's having this issue. Oddly enough, they do have a Vista Ultimate machine @ that problem location & it can connect fine, but the XP Pro machines cannot! Don't know what that is all about., but that may shed some light on this issue. but the article did have some interesting info... According to it, a temp license is issued to clients connecting, once they disconnect they still have a temp license, but upon a succesful 2nd connection the license goes from temp to a regular DEV CAL.. I have 3 temp licenses in my RDP Licensing Server, & all 3 are for the 3 troubled machines at that location. I agree, there is a communication problem somewhere but I can't find it! The gentleman at the other location did try & blow out the registry keys, I can only assume it went through the same steps the above article was getting at, only for XP Pro. Thanks again for your help!
0
Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Scott AndersonPrincipal Support EngineerCommented:
How about the RDP client version on the XP boxes?
Also could check on the 2008 server to see what level of security it's running (Network Level Authentication):
  - Go to System Properties & "Remote" tab.
  - Check Security option "Allow connections... running any version of Remote Desktop (less secure).

Also, are you running TS Gateway Services or have it installed??  If you do & are not using it - remove it.  It'll add on a fair bit of security (TS-RAP & TS-CAP policies) that could prevent connections...
0
ZappaMangAuthor Commented:
The guy on the remote end updated the RDP client on his XP machine to the newest version, but the results remained the same, nothing changed. My RDP & licensing servers are both Windows Server 2003 Std. Ed., so there is no "Network Authentication" area in my System Properties under the remote tab, unless I'm missing it. & There was no TS Gateway Services installed when this was setup. I don't see anything on either server that indicates TS Gateway Services is there.
0
ZappaMangAuthor Commented:
I figured out a work around & I'm not 100% sure as to why it worked. I had that particular site install the SonicWall Global VPN software & I had them connect to that VPN server instead of using my MS VPN server. They were able to connect to my RDP server & get a license delegated to them. Not sure what the issue was, but its gone now. Thanks for the help.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.