Terminal Services - Disconnected when Remote Controlling

I have two Windows Server 2008 R2 Datacenter Edition with Terminal Services Role installed. Both are using the same GPO. On only one of the servers, when I open tsadmin.msc and try to remote control a user’s session the users session is immediately disconnected. I have tested using Windows 7 and XP with the same result. The Windows 7 client Network level authentication is supported and on the XP machine it isn't. I see in the event view the application popup where I am requesting control. The only other log entry that I can see would be in the security log. Any ideas?
The Windows Filtering Platform has blocked a bind to a local port.

Application Information:
	Process ID:		492
	Application Name:	\device\harddiskvolume1\windows\system32\svchost.exe

Network Information:
	Source Address:
	Source Port:		59965
	Protocol:		17

Filter Information:
	Filter Run-Time ID:	0
	Layer Name:		Resource Assignment
	Layer Run-Time ID:	36

Open in new window

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Does the machine have a local firewall policy that the other machine does not?  Try disabling Windows Firewall on the target machine and trying again - that will help narrow it down.
DowntownITAuthor Commented:
Group policy is setting all three of the firewall profiles of the TS to off. As for both clients, the firewall is disabled. I am able to remote control using our other TS.
Has someone enable IP Filtering (not part of the firewall product) under the network card on that machine?
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

DowntownITAuthor Commented:
Where would I check that?
If you're not using IPSec or Windows Firewall, disable the BFE Service under Service Manager - see if this resolves the issue.  You can disable it later if you do decide to actually do filtering - but it looks like this is a known bug that others have had issues with.
DowntownITAuthor Commented:
The security log error is gone but problem remains.
Interesting - so the error message isn't necessarily linked to your problem - but is just indicative of the errors that others are seeing (reference link: http://social.msdn.microsoft.com/Forums/en/wfp/thread/774026e6-a771-418a-b531-22183ef399f8 ) with respect to the IP Filtering not configuring correctly during install..

To play it safe, I'd re-enable BFE (as I'm unsure what else it may affect in your environment) - and if I can think of any other suggestions, I'll try to post them...
Also - in  terminal services configuration manager - check the option 'Restrict each user to a single session' and make sure it's not set to 'yes'?
Also - please read this article, which MAY be related to your issue:

If it is not, please identify the differences in your situation - and/or try the possible fixes identified.
DowntownITAuthor Commented:
check the option 'Restrict each user to a single session' and make sure it's not set to 'yes'
on both TS's it is set to yes, I changed it on the TS that isn't able to remote control with the same result. I will look through that link now

DowntownITAuthor Commented:
I tried this with no luck

Windows Server 2008 R2

1. Logon to the Remote Desktop Services Session Host computer as an administrator
2. Start--Run gpedit.msc
3. In the left pane, under Computer Configuration, navigate to following:

Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment

4. In the right pane, double-click on Set compression algorithm for RDP data
5. Select Enabled, and choose Balances memory and network bandwidth
6. Click OK to save the change

I'm sorry, I don't have any other suggestions for you at the moment.
Have you applied this hotfix?: http://support.microsoft.com/kb/2273487

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.