Solved

Remote Desktop Not listening on Port 3389 Windows 2008R2

Posted on 2012-03-22
34
14,958 Views
1 Endorsement
Last Modified: 2016-08-23
I cannot connect to a windows server 2008r2 with any remote desktop.

-No firewall enabled
-No antivirus firewall
-Remote Desktop is enable thru system properties
-Changing listening port via registry makes no difference(still will not listen on new port)
-have recreated the connection in the Remote Desktop Session Host
-have tried specific network adapters and the setting for all network adapters.

Any ideas why i cannot connect and get this message" Remote Desktop can't connect to the remote computer for one of these reasons"?
1
Comment
Question by:HungerMountain
  • 15
  • 11
  • 4
  • +2
34 Comments
 
LVL 25

Expert Comment

by:Tony1044
ID: 37752937
You say it's not listening, but have you tried to telnet to it on port 3389?

telnet xxx.xxx.xxx.xxx 3389

If the screen goes black, to a cursor, then it is actually listening.

What is the full error message you are receiving?

Has it ever worked?

Have you disabled the firewall service? If so, re-enable it and turn it off via the security centre or create a rule for RDP.

Is there anything in the event logs of either the server or client?

What client are you using? XP/Vista/7 ?

Have you enabled Remote Desktop Services? If so, this is akin to Terminal Server and after a grace period will require licenses. If you just want remote management, uninstall the RDS features.

If you can answer the above, it'll help to narrow down the problem.
0
 

Author Comment

by:HungerMountain
ID: 37753097
Thanks
1)Opening a telnet connection ...I get "Could not open connection to the host , on port 3389:connect failed"

using netstat -ano it does not show 3389 listening at all

2)I am getting the standard error connection as if the machine had Remote Desktop disabled (see attached screen shot)

3)I dont believe i have ever tried it before now

4) Enabling Remote Desktop Rules with active firewall made no difference.(i had not stopped the firewall service, just turned it off in the control panel)

5)Nothing visible in either client or sever event logs

6)I am using a windows 7 client ..have also tried another machine , and and XP client.

7)I have not added any of the Remote Desktop Service Features thru server management.(We just need Remote Desktop for Administration)
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37753653
Make sure it is actually running on port 3389 at this registry key. If it is, try a different port like 3390, reboot and try again.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
0
 

Author Comment

by:HungerMountain
ID: 37753689
I have tried this a number of times. It makes no difference what the port number is set at. It will not listen on any other port either.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37753708
I think it is definitely firewall. Disable the firewall completely and try again. Can the server be pinged from a client? Have you tried removing the setting to allow rdp and then re-enabling them?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37753718
0
 

Author Comment

by:HungerMountain
ID: 37753732
Still nothing with the firewall completely disabled. Yes the machine is fully online. I can access shares and ping it.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37753841
You are disabling the firewall on the domain side, right? Just making sure. And also, you disabled both areas of the firewall, correct?
0
 

Author Comment

by:HungerMountain
ID: 37753868
Yes 100% sure the wall is not blocking it. I am not sure what you mean by "both" areas. I have turned off the firewall in areas --Domain Home and Public -----as well as stopping the windows firewall service in services.

The system still does not show 3389 listening as it does in all of our other 2008R2 servers with SP1
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37753891
Try it from an elevated command prompt, disabling all 3 for the test-

Disable Windows 2008 R2 Firewall from Command Line:

Domain Profile:
Netsh advfirewall set domainprofile state off

Private Profile:
Netsh advfirewall set privateprofile state off

Public Profile:
Netsh advfirewall set publicprofile state off

To enable the firewall replace the OFF at the end of the sentence for ON.

Turn them all off from the elevated command prompt and try again. It is still acting like the firewall by the symptoms you are describing. I just want to make sure.

Thanks!
0
 

Author Comment

by:HungerMountain
ID: 37753950
All commands ran successfully to turn off the firewall, but that did not fix the problem.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37753992
Are you using NLA?
0
 

Author Comment

by:HungerMountain
ID: 37756416
Network Location Awareness service is running.
0
 
LVL 25

Expert Comment

by:Tony1044
ID: 37756624
I think he meant network level authentication but in this case it's a complete misdirection as you're not even getting it listening.

Also, netsh commands to disable firewall functions are deprecated and shouldn't be used now.

I'm at a loss on this one - the general consensus I've found online has been to do a reinstall of the OS.

Is it service packed? It might be worthwhile putting it on/reapplying it.
0
 

Author Comment

by:HungerMountain
ID: 37756944
Yes i agree , it needs to be listening first.

It is on service pack 1. I may re-pack it, I want to avoid OS re-installation.

Maybe its time to open a microsoft ticket. :-(

This one has me stumped too.
0
 
LVL 7

Expert Comment

by:Ilya Rubinshteyn
ID: 37757000
Have you tried removing/reinstalling RDS role/s?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757254
Netsh is deprecated? Directly on MS website, it says you can use the Firewall commands using Netsh. I don't understand why one would think it is deprecated unless they are not used to using the command prompt or powershell. I am a past Linux guy so I like command line.

http://technet.microsoft.com/en-us/library/cc766337%28v=ws.10%29.aspx

Back to the point at hand, I still think it is the firewall messing it up in someway. I cannot see a large enterprise wiping a DC if they are unable to RDP to the server.

1. Make sure all of these services are running on the Server

DNS Client
Function Discovery Resource Publication
SSDP Discovery
UPnP

2. Go to Control Panel > System & Security > Click on 'Allow Remote Access' under System and allow RDP

I had a jr admin actually disable "DNS Client" on a DC because he thought "Its a DNS Server, why does it need to be a client" which wreaked some havoc for a day or two.
0
The curse of the end user strikes again      

You’ve updated all your end user’s email signatures. Hooray! But guess what? They’re playing around with the HTML, adding stupid taglines and ruining the imagery. Find out how you can save your signatures from end users today.

 
LVL 9

Expert Comment

by:Geodash
ID: 37757295
Also, have you gone through this whole article, from MS ?

http://support.microsoft.com/kb/2477176
0
 

Author Comment

by:HungerMountain
ID: 37757622
The only service that was not running was Function Discovery Resource Publication(that made no difference and is not running on other 2008r2 servers that allow RDP admin

I have "allow Remote Access" Turned on

I have been thru the microsoft article. I cannot get the port to listen on any port!!

Just to clarify, I am only using RDP for administration purposes, I have not installed the roles for Remote Desktop Services. It says on the opening screen when you attempt add them , that this is not needed for Administration only.
0
 
LVL 7

Expert Comment

by:Ilya Rubinshteyn
ID: 37757655
Correct, i have experienced it where installing the remote desktop services role and then removing clears the problem, hence the question. There is something in the reg. or the system that is preventing the RDP port from functioning. Even though you eliminated the firewall and the RDP Registry entry, it is obviously lurking somewhere. Installing/test/removing RDS will allow you to reset this w/out reinstalling the OS.
0
 

Author Comment

by:HungerMountain
ID: 37757776
I have installed the RDS roles
Rebooted
could still not connect
I have uninstalled the RDS roles
Rebooted
could still not connect

Great idea though.
0
 
LVL 7

Expert Comment

by:Ilya Rubinshteyn
ID: 37757791
Ms call it is, I'm afraid :-(
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757802
Have you ever been able to connect to this Server remotely? Is there any AV installed? Any type of security software, port blockers, McAfee, Norton etc. ?
0
 

Author Comment

by:HungerMountain
ID: 37757835
I dont believe i have ever tried connecting this way before.

There is antivirus software, but it gives no issues on any other of our servers(No add on firewall or port blocker)

Other software is CA ArcServe,Sharepoint foundation 2010 and SQL Server.

I think i will be making a long phone call.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757849
I would still try eliminating all possibilities before calling MS. The first thing they will do is tell you to uninstall AV (if it is 3rd party) and try again. I have tried it in the past and they always say it. Are you able to uninstall AV, reboot and try again, just to eliminate any possibility?

Even if there is no FW or Port blocking in the AV, I have seen it still happen in the past. Just a suggestion before calling MS and paying the money/time to do so.
0
 

Author Comment

by:HungerMountain
ID: 37758102
Uninstalled antivirus, rebooted....and .. Same problem... no connection...not listening on port.
0
 
LVL 25

Expert Comment

by:Tony1044
ID: 37758795
The comment re lack of experience with the command shell was rather personal and uncalled for. I made a simple mistake and misread the advfirewall as firewall which is the command that has been deprecated. I did not say netsh has been,

I would uninstall the RDS role as this installs the session host role but I assume you want the remote administrative mode.

I'd also re-service pack it.

It might be worth checking which, if any, updates have gone on recently that may be different on other (working) servers and remove them.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37758851
Tony1044 - I apologize if you took it personal, it was not my intention at all nor was it referring that you had a lack of knowledge. All of the questions are relevant and I don't think any should be overlooked, hence my questioning.

I still think it is firewall related - try below - taken from here:

http://social.technet.microsoft.com/Forums/en-US/windowsserver2008r2rds/thread/811b722f-78e4-479c-afc8-bbfd604447fa/
_____________________________________________________________________________________________
By default, there is pre-defined rule Remote Desktop (TCP-in) in all profile that allow the incoming RDP connection. Please double check this rule to make sure it is enabled and applies to all profiles.

 

 

If the issue persists, please enable the Windows Firewall Audit Events on the server and then reproduce the issue to verify whether RDP traffic that is blocked by the Windows Server 2008 firewall.

1. In the command prompt, type the following command. You can copy and paste this command into the Command Prompt window:

auditpol.exe /set /SubCategory:"MPSSVC rule-level Policy Change","Filtering Platform policy change","IPsec Main Mode","IPsec Quick Mode","IPsec Extended Mode","IPsec Driver","Other System Events","Filtering Platform Packet Drop","Filtering Platform Connection" /success:enable /failure:enable

2. Restart the Windows Firewall service by typing the following commands, ending each by pressing ENTER:

net stop MPSSVC

net start MPSSVC

3. On the client, try to establish the RDP connection and then verify the event log in the Event Log--->Security.

 

Enable IPsec and Windows Firewall Audit Events

http://technet.microsoft.com/en-us/library/cc754714.aspx
0
 

Author Comment

by:HungerMountain
ID: 37765647
Enabling logging on the firewall revealed nothing. I do not believe this is a firewall issue. I still cannot see the port listening.

All servers have the same updates and service packs .. no issues with any other machines.

About to open a ticket with microsoft.

I will let you know what i will find.
0
 

Accepted Solution

by:
HungerMountain earned 0 total points
ID: 37771005
Thank you everyone for the troubleshooting.

I will summarize the events of the last 2 days and the solution.

1) placed a call with microsoft
2) after 8 hours of troubleshooting the tech decided to replace the registry keys from the RDP from another working 2008R2 server.
3)This was a huge mistake.. It made the server endlessly reboot. It could not start in safe mode and last known good configuration would not either.
4)Escalated call to Engineering, who attempted to repair registry. We got the system to boot but without any video!!!
5) We decided we would do a bare metal restore round 3PM, by 6PM the system was back online to the same state it was to begin with.
6)This morning the original tech, discovered the the "RDP Winstation Driver" could not start.You can view this d driver in the device manager Non-Plug and Play Drivers(it is hidden, you must display hidden devices).Attempted to restart, it gave a error message but did not write to the even viewer.
7)Downloaded 2 new drivers from microsoft HotFix KB2666484-x64 and HotFix KB2624677-x64. These updated RDPWD.sys and RDBSS.sys in windows\system32\drivers
8)Rebooted and RDP admin worked as it should!!

A lesson on just how important disaster recovery is!
0
 
LVL 25

Expert Comment

by:Tony1044
ID: 37771102
I'm really glad you got it working - also glad you had a working backup to go back to.

One quick tip for the future (where it's relevant) before I do anything so invasive, if it's a physical HP or Dell* server with a RAID 1 drive set for the OS (quite a common setup), I pull one of the drives.

That way if you end up with it stuffed like MS did, it can be quickly restored by pulling the stuffed drive and plugging the one you pulled out back in.

Ditto if it's a virtual machine - take a snapshot first.

Either way though - really glad you got it working.

*May work on other servers but have never tried it.
0
 

Author Comment

by:HungerMountain
ID: 37771164
Great suggestion Tony. I will keep that in mind for future issues.

A side note on the fix--

The official resolution and driver file versions.

RDPWD.SYS from 6.1.7601.1779 to 6.1.7601.2149
RDBSS.SYS from 6.1.7601.17514 to 6.1.7601.17737
0
 

Author Closing Comment

by:HungerMountain
ID: 37792618
The provides a solution to a problem that most were recommending a full system re-install. I wanted to avoid reinstalling.
0
 
LVL 6

Expert Comment

by:J Spoor
ID: 41767033
Just had the same,
run
sfc /scannow
shutdown
power on
0

Featured Post

Integrate social media with email signatures

Is your company active on social media? Do you also use email signatures? Including social media icons in your email signature is a great way to get fans for free. Let all your email users know you’re on social media quickly and easily, in a single click.

Join & Write a Comment

If you migrate a Terminal Server licenses server inside the 2008 server family, you can takte advantage of the build-in migration tool. If you like to migrate an older 2003 Server (and the installed client CALs) to a 2008 R2 server for example, you …
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now