[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Vista RDP clients cannot connect to Windows 2008 Terminal

Posted on 2011-05-06
10
Medium Priority
?
527 Views
Last Modified: 2012-05-11
Windows Vista RDP users cannot connect to a new Windows 2008 Terminal Server. The error is: :Remote Desktop cannot connect to the remote computer because the authentication certificate received from the remote computer is expired or invalid."

1 - It's not a time discrepancy issue
2 - Already made sure the Terminal manager is set to allow connections from all versions of RDP
3 - Vista clients can connect to our 2003 Terminal, just not the 2008.
4 - XP and 7 clients can connect

Thank you for any assistance - David
0
Comment
Question by:szagoria
  • 5
  • 5
10 Comments
 
LVL 8

Expert Comment

by:steinmto
ID: 35706754
If you open the rdp client and go to the advanced tab what is the box under server authentication set to?  
0
 
LVL 1

Author Comment

by:szagoria
ID: 35706771
Yes, forgot to mention that I set that as well to ignore any errors and connect.
0
 
LVL 8

Expert Comment

by:steinmto
ID: 35706772
Just to make sure you have checked the time zones also I have seen people image computers and set the wrong time zone in their image.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 8

Assisted Solution

by:steinmto
steinmto earned 2000 total points
ID: 35706780
Hey All,
 
 
 
You can treat this error through two ways:
 
 
 
1.       Is to issue a valid certificate that’s from a trusted root CA trusted by the client machines (which is the recommended action as it’s more secure). To do this follow the steps below:
 
 
 
·         Issue the required TS certificate from trusted CA, and install it in the local computer store on TS server.
 
·         Open Terminal services configuration.
 
·         Right click RDP-tcp then Properties.
 
·         On General Tab you ll find certificates section click select and choose the certificate you have installed.
 
 
 
2.        Is to tell the Terminal service server to not negotiate security layer for with the RDP clients and make it RDP security layer. To do this follow the steps below:
 
 
 
·         Open Terminal services configuration.
 
·         Right click RDP-tcp then Properties.
 
·         On General Tab change security layer from negotiate to RDP security layer.
 
 
 
0
 
LVL 1

Author Comment

by:szagoria
ID: 35706851
Thanks, I"ll try #2 since the client does not want to purchase a cert.  Will it interrupt current rdp sessions?
0
 
LVL 8

Expert Comment

by:steinmto
ID: 35706877
Not that I am aware of.  I have made changes there and they only affect new sessions.
0
 
LVL 1

Author Comment

by:szagoria
ID: 35706952
OK.  I've made the change as per #2 and will test once I get on a Vista pc.  Thanks.
0
 
LVL 1

Accepted Solution

by:
szagoria earned 0 total points
ID: 35707019
Great.  It worked.  Thanks for the help.  Really appreciate the time.
0
 
LVL 8

Expert Comment

by:steinmto
ID: 35707951
Glad to help/
0
 
LVL 1

Author Closing Comment

by:szagoria
ID: 35735897
Appreciated the quick replies and clean cut answer.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question