Solved

Cannot connect to Server 2008 R2 RDS server

Posted on 2011-09-20
15
2,826 Views
Last Modified: 2013-11-21
Hi,

Got a problem with this server. It's a new install, Server 2008 R2 with RDS roles installed, along with DNS, DHCP and acting as a DC.

If I try to RD in from an XP machine I get:
An authentication error has occurred (Code: 0x80090330)
Remote computer: xxx.xxx.xxx.xxx

I can fix that by editing the default RDP file and adding in:
enablecredsspsupport:i:0

I suppose I got a few issues.
1) listed above
2) from a win7 computer I just get the username/password prompt then (cannot connect to the remote computer)
3) I'm just concerned that when I put the machines in onsite, their thinclients are going to have problems connecting too

This is my first RDS server, am I missing something obvious? I've got a certificate in there by the way.

This either happened after some updates or after I made it a DC. Was doing it all at once so I can't remember.

Any help would be great. Thanks
0
Comment
Question by:Talds_Alouds
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 4
  • 2
  • +1
15 Comments
 
LVL 5

Expert Comment

by:AJS2011NZ
ID: 36565319
The issue with XP is NLA. You can disable NLA on the RDP settings. Why is the RDS server a DC? This is not recommended best practice. Is it a trusted certificate or a self signed certificate? From the Win 7 workstation it will provide a reason as to why it failed to connect, can you post this?
0
 
LVL 1

Expert Comment

by:jimmernet
ID: 36566253
try downloading the latest rdp client for xp from microsoft.

http://support.microsoft.com/kb/969084

cheers
0
 

Author Comment

by:Talds_Alouds
ID: 36571027
Thanks for your responses. Well, I updated the RDP client - surprised MS update didn't offer it.
I got the same problem but with a little more info:

An authentication error has occurred.
The specified data could not be decrypted.
Remote computer: xxx.xxx.xxx.xxx

In repsonse to AJS2011NZ:
Yeah I know it's not good practice but the client only has 5 seats and an RDS server is required by a piece of software they're running. It's a self signed cert. Where exactly do I disable NLA?
I've also just had a look in the event log for error information and I don't have anything. After I punch in the IP and hit connect, it asks for the user/pass. I type that in and all I get is the picture attached.

 RDP error
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 1

Expert Comment

by:jimmernet
ID: 36572631
for what it's worth the link to the update page I gave you contains this...

Known issues affecting Windows XP package

    By default, Network Level Authentication (NLA) is disabled in Windows XP Service Pack 3 (SP3). To enable NLA, you have to turn on the Credential Security Service Provider (CredSSP). For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    951608  Description of the Credential Security Service Provider (CredSSP) in Windows XP Service Pack 3
0
 

Author Comment

by:Talds_Alouds
ID: 36572895
Ok,
and the only way to do that is to type in the command in the default rdp connection?

So what are we thinking for the win7 machine?
0
 
LVL 5

Expert Comment

by:AJS2011NZ
ID: 36585441
Hi, you can disable the require NLA on the RDS Server. You need to go to the RDP Connection options and take the check out. NLA Option
0
 

Author Comment

by:Talds_Alouds
ID: 36596379
Are you talking about TS 2003? I'm on server 2008R2.
0
 
LVL 40

Expert Comment

by:footech
ID: 36596830
No, that option is not available on Server 2003.
0
 

Author Comment

by:Talds_Alouds
ID: 36597137
Can you please tell me how to get to it? Can't find it sorry.
0
 
LVL 40

Expert Comment

by:footech
ID: 36599129
You can either dig down through Administrative Tools >  (can't remember the exact name here), or just right click on Computer in the Start Menu, choose Properties, then Remote Settings.
0
 

Author Comment

by:Talds_Alouds
ID: 36602311
Oh yeah I've checked all that. The window you posted was different looking to the one in remote settings. That's been on 'any version...' for a long time...
0
 
LVL 40

Expert Comment

by:footech
ID: 36602428
The screenshot that AJS2011NZ posted is from Server 2008 R2.  Just a different way of looking at it (if you go to RD Session Host Configurator, then right click on the RDP-Tcp connection and choose properties).

If you're not able to connect from a Win 7 machine then something really wrong is happening.  Off the top of my head, either the service is not running, firewall is blocking the port, or you're trying to log in with a user that doesn't have permissions.
0
 
LVL 40

Expert Comment

by:footech
ID: 36913255
Any progress here?  Were you able to disable NLA?  Are you able to connect now or still having issues?
0
 

Accepted Solution

by:
Talds_Alouds earned 0 total points
ID: 36913297
Sorry, it was already NOT using NLA. I just rebuilt the box and all was ok. Don't know what the problem was - corrup certificate? I don't know but it's working now and that's the main thing.
0
 

Author Closing Comment

by:Talds_Alouds
ID: 36938199
Accepting my own solution as I rebuilt.
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question