Solved

RDP to win 7 pro fails

Posted on 2011-09-26
29
695 Views
Last Modified: 2012-05-12
Hello all,
We are having this weired problem on some of our windows 7 workstations. Simply the problem is this;
Some of our PCs with Windows 7 Pro installed won't allow RDP connection. So far these are the things we have tried;
1. We have checked all the Remote Connection settings and make sure RDP is enabled.
2. Checked Windows firewall settings and tried the followings; disabled Win FW, Added an exception for RDP ports and RDP program none of them worked
3. Changed the default RDP port and tried to connect via the new port.
We have tried to reinstalling win 7 and it fixed the problem however there has to be an easier fix. We simply can not afford to reinstall win7 on all of these PCs with problem.
. Any suggestions?
0
Comment
Question by:dahter
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 15
  • 8
  • 6
29 Comments
 

Author Comment

by:dahter
ID: 36598403
In addition to my post;
Right now the windows FW service is disabled however the the machine can not be pinged from another PC on the same network.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36598447
sounds like you might have a DNS issue with your Win 7 systems.  are they in separate OUs with correct policy settings?  have you tried giving some systems a static IP & DNS settings and see if they can be communicated with?

is the remote settings set to Allow Connections from computers running ANY version of RD.  What groups are listed under Select Users?

win 7 systems have 2 firewalls, incoming & outgoing, you need to disable both (we use a GPO for this).  what about AV or security software, could it be blocking remote or ping requests?

do you have 2003 or 2008 DC's??
0
 

Author Comment

by:dahter
ID: 36598561
Dear Ian,
Well some of the win7 systems are perfectly fine and they are configured in same way on AD or on same policy level. Yes I have tried the static IP and DNS but did not change the outcome.
Yes the remote settings set to connections coming from any versin of RD.
I simply disable the FW from it's console and stop the FW service
We are using MS Security essentials as AV or Mcafee however we disable the AV as well.
We have 2008 DC.
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 

Author Comment

by:dahter
ID: 36598767
Also I want to add that when I browse the win Fw logs I do not see any dropped RDP requests.
0
 
LVL 3

Expert Comment

by:dlb_amp
ID: 36598840
If the Windows FW is off and you still can't ping, then it sounds like a routing issue. Is the Win7 PC and the remote client on the same subnet?

dlb
0
 

Author Comment

by:dahter
ID: 36598949
Of course it is.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36599225
do you have something like UltraVNC that you can test/use, to eliminate RDP from the equation?

can you RDP from the afflicted Win 7 system to another Win 7 box or server?  what if you use the IP address instead of name (to see if DNS is a factor)?  Under the RDP Experience tab, have you set it to LAN and the Advanced tab has Server Auth Fails set to Warn Me or Connect and Don't Warn?

Also make sure under Network & Sharing Centre --> Adv Sharing, Network Discovery is ON & File Sharing Connection is set to 40/56bit if you have a mixed server/desktop environment.

All my systems also have IPv6 disabled, but that's just a preference thing on our site, but may help.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36599303
if the IP option works, then you need to fix your DNS issue -- the machines are likely not registering their details with DNS correctly when added to the domain (check your DNS suffix).

technically you should be able to ping the IP and get the name and vice versa.  if you are not getting that, then we need to focus on fixing the DC's and your DNS records.
0
 

Author Comment

by:dahter
ID: 36600922
I will check it out and will get back to you...
0
 

Author Comment

by:dahter
ID: 36715796
No we don't have ultra VNC.
Yes we can RDP from those particular machines to any other RDP available system.

Both IP or the systme name fail so there is no DNS issue.

Under the RDP experience tab we use highspeed broadband and under the Advanced tab  Server Auth Fails usually is set to Warn Me however since the connection can not be established these settings won't do anything as they are for performance issues.

Under Network & Sharing Centre --> Adv Sharing, Network Discovery is ON & File Sharing Connection is set to 40/56 - Yes

IPv6 is disabled.

I can not ping the windows 7 PV that can not be connected via RDP.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36717473
what system are you doing the pings from -- XP, 7, Server 03 or 08??  If 7 or 2008, i think it needs to be an Admin enabled command prompt.  definitely smells of a firewall or security app issue  - are these systems on the same switch??

only other thing i can think of is your Windows FW is blocking the ICMP requests.  Check Control Panel > Windows Firewall > Advanced settings > Inbound Rules and enable File and Printer Sharing (Echo Request - ICMPv4-In) for the Domain profile (usually Public & Private will be listed & enabled too).  At least that will let you know that the systems are capable of receiving the request.

on the LAN adapter properties, is there anything else other than Client for MS Networks/VM Network Services\Qos Packet Sched, IPv6, IPv4 & Link Layer Discovery Mapper/Responder???

Also try this, go to Control Panel-->Networking and Sharing Centre-->change adapter settings link on top left.
Right click your local area connection and left click on properties.
Uncheck IPV6 then double click on IPV4 and click the advanced button.
Click the DNS tab, and go ahead and add the dns IP address(s) anyway.  
At the bottom you will find where it says "DNS suffix for this connection", put in your domain name
On the WINS tab, untick the LMHOSTS option
Click ok all the way out, you might want to ipconfig /release and then ipconfig /renew in an admin command prompt.

see if that has any effect.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36717481
Windows FW can be turned off, but the service should still be running in the background -- if you have the service disabled, that when the problems can occur.
0
 
LVL 3

Expert Comment

by:dlb_amp
ID: 36717543
If he's pinging the IP address then DNS won't matter. This smells more like a firewall issue.

I read that a reinstall of windows makes it work. Since you are disabling the win FW, there must be another program blocking the PC from being seen on the network. Try uninstalling McAfee.

dlb
0
 

Author Comment

by:dahter
ID: 36717617
We have  already discovered reinstalling windows works however this is allot of work and we don't want to go down to that route. I have already tried to disable the windows FW service and did not work (After I had restarted the PC I checked the Win FW and it was turned off and the service was disabled). I have already tried uninstalling AV and tried it like that no luck.
0
 
LVL 3

Expert Comment

by:dlb_amp
ID: 36717641
I wasn't suggesting reinstall, Just noting that solution fixed it. Meaning something pre-installed on the PC is causing the problem. But that's assuming these are new PCs that are having this problem. If it's a case where it used to work on them but now doesn't, then it coudl be something entirely different.

dlb
0
 

Author Comment

by:dahter
ID: 36813060
yeah so far no clue...
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36813462
as i said above, FW can be turned off, but the service needs to be RUNNING.  this seems to fix a lot of network issues along with disabling IPv6 which you have done.

given that rebuilds fix the issue, it could be a 3rd party app or OEM installed package that is adding to the issue.
0
 

Author Comment

by:dahter
ID: 36918577
No idea? Anyone?
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36922885
have you set the firewall to OFF but left the service running?
0
 

Author Comment

by:dahter
ID: 36923344
I tried both. Set it off let the service run and set it off and set the service off too.. None of them worked. I tried win 7 SP1 too...
0
 
LVL 3

Expert Comment

by:dlb_amp
ID: 36923855
Have you tried uninstalling and re-installing the NIC?

dlb
0
 

Author Comment

by:dahter
ID: 36924322
no but we have tried on both wireless and wired so technically 2 different nics.
0
 
LVL 3

Expert Comment

by:dlb_amp
ID: 36924439
True, but if something was configured wrong by the mfg on both cards...
0
 

Author Comment

by:dahter
ID: 36967762
no did not work. I thought the media set might be broken but we used the same media set for setting up couple of PCs and only few of them have the problem. I thought this info might be useful.
0
 
LVL 3

Expert Comment

by:dlb_amp
ID: 36967838
Have you tried taking one of the problem PC's and a good PC off the network and setup on a stand-alone hub/switch with static IPs to see if you could connect thereby eliminating your network as a problem?

dlb
0
 

Author Comment

by:dahter
ID: 36992016
Yes I did and failed.
0
 
LVL 20

Expert Comment

by:Iain MacMillan
ID: 36993471
when you disable your AV software, are you shutting down the services (McAfee Enterprise has 3 and MSE has 1).  They would need to be stopped, to not be a factor in this.

Then on the flip-side you have other Win 7 systems with AV (I assume) that RDP fine, so it's a bit of an oddity.  Since a rebuild works, it has to be something that removed as part of your rebuild process that is the cause.  Are all your Win 7 systems up to SP1.  Have you run the DISM command to perm. commit the SP1 update and to tidy the patch/updates area of the system to free up disk space?
0
 

Accepted Solution

by:
dahter earned 0 total points
ID: 37082185
I have found the problem. Somehow Checkpoint VPN client interfere with RDP session. As soon as I uninstall the vpn clients, RDP works just fine.
0
 

Author Closing Comment

by:dahter
ID: 37105794
I tried every solution from all the users but finally I have discovered what the problem is myself.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question