Remote Desktop not working from Remote Workplace

Make sure the port forwarding is set correctly on your router and that your Sharepoint configuration is working correctly as well. You may also have to involve your ISP or web developers to point the remote access URL to the correct IP.

This is the built in Remote Workplace site so its already pre-configured. DNS is working fine and can resolve the FQDN.
Port forwarding is still enabled from the Cisco.

Everything else works on the site except this one function. And it doesn't work internally either.

This log might also be relvant. DCOM errors from System

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          27/08/2012 10:14:22 AM
Event ID:      10016
Task Category: None
Level:         Error
Keywords:      Classic
User:          NETWORK SERVICE
Computer:      <Server Name>
Description:
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{61738644-F196-11D0-9953-00C04FD919C1}
 and APPID
{61738644-F196-11D0-9953-00C04FD919C1}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10016</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2012-08-27T14:14:22.000000000Z" />
    <EventRecordID>258627</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer><Server Name></Computer>
    <Security UserID="S-1-5-20" />
  </System>
  <EventData>
    <Data Name="param1">application-specific</Data>
    <Data Name="param2">Local</Data>
    <Data Name="param3">Activation</Data>
    <Data Name="param4">{61738644-F196-11D0-9953-00C04FD919C1}</Data>
    <Data Name="param5">{61738644-F196-11D0-9953-00C04FD919C1}</Data>
    <Data Name="param6">NT AUTHORITY</Data>
    <Data Name="param7">NETWORK SERVICE</Data>
    <Data Name="param8">S-1-5-20</Data>
    <Data Name="param9">LocalHost (Using LRPC)</Data>
  </EventData>
</Event>

This shows up in RemoteAccess.log


[17216] 120827.105655.2022: Storage: Exception System.UnauthorizedAccessException:

[17216] 120827.105655.2022: Exception:
---------------------------------------
An exception of type 'Type: System.UnauthorizedAccessException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' has occurred.
Timestamp: 08/27/2012 10:56:55
Message: Retrieving the COM class factory for component with CLSID {90DCAB7F-347C-4BFC-B543-540326305FBE} failed due to the following error: 80070005 Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).
Stack:    at Microsoft.WindowsServerSolutions.Storage.Common.SBSSharedFoldersInfo.GetSharedFoldersInternal()

Sorry for the delay in responding.

You may need to add more roles / features if your installation was done using the wizard. Try adding the entire list of features for IIS to see if something there is missing.

Is there a group policy for the users for this feature? Are you sure everything that is necessary has been enabled?

You can try running the built-in diagnostics and tools for Exchange, SharePoint and SQL as well as the Best Practices Analyzer tools. Several links follow...

Also see http://technet.microsoft.com/en-us/library/dd759260.aspx for information.

Update for Best Practices Analyzer for Network Policy and Access Services for Windows Server 2008 R2 x64 Edition (NPAS) (KB977239)
http://www.microsoft.com/en-us/download/details.aspx?id=3345

Update for Best Practices Analyzer for DHCP Server
http://www.microsoft.com/en-us/download/details.aspx?id=7385

Update for Best Practices Analyzer for HYPER-V
http://www.microsoft.com/en-us/download/details.aspx?id=25229

Update for Best Practices Analyzer for Application Server
http://www.microsoft.com/en-us/download/details.aspx?id=3941

Update for Best Practices Analyzer for Windows Server Update Services
http://www.microsoft.com/en-us/download/details.aspx?id=9054

Update for Best Practices Analyzer for Active Directory Rights Management Services
http://www.microsoft.com/en-us/download/details.aspx?id=1460

Rules Update for Remote Desktop Services Best Practice Analyzer
http://www.microsoft.com/en-us/download/details.aspx?id=9978

Update for Best Practices Analyzer for File Services
http://www.microsoft.com/en-us/download/details.aspx?id=4077

Microsoft DNS (Domain Name System) Model for Microsoft Baseline Configuration Analyzer 2.0
http://www.microsoft.com/en-us/download/details.aspx?id=5468

http://www.msigeek.com/6591/download-best-practices-analyzers-exchange-unified-communications

http://www.msigeek.com/6594/download-best-practices-analyzers-forefront-isa-and-security

http://www.msigeek.com/6599/download-guides-sbs-mobile-device-manager-commerce-server-biztalk

In IIS everything is checked, except for FTP. I'll see if there is a BPA for the RWW but I don't think so.
This was working up until recently. Just not sure what has changed.

Any recent Windows updates you can roll back?

Last updates were done about a month ago.

No new software or updated drivers or network equipment or firmware updates either?

Nope.
And everything else works fine in RWW, except connecting through RDP.

It shows in the log:
(C:\Program Files\Windows Small Business Server\Logs\WebApp\RemoteAccess.log)


[27028] 120828.095823.6515: RemoteDesktop: action: downloadRDPFile
[27028] 120828.095823.6535: RemoteAccess: [SQM] Recording SQM data for non-IE browser numbers
[27028] 120828.095823.6565: RemoteAccess: [RemoteDesktop] Populating the computer list for Remote Desktop
[27028] 120828.095823.6575: ClientSetup: Initialize ([neoloreadmin], [], [], [], *
[27028] 120828.095823.8386: RemoteAccess: [SQM] Recording SQM data for RDP to computer attempt
[27028] 120828.095823.8686: RemoteAccess: [SQM] Recording SQM data for RDP options
[27028] 120828.095823.8716: CoreNet: Leaf Cert Thumbprint is: 88BADCD967AAF1DE270D76DFE0DE231FAF81D4D6
[27028] 120828.095823.8736: CoreNet: ThumbPrint: 88BADCD967AAF1DE270D76DFE0DE231FAF81D4D6
[27028] 120828.095823.8736: CoreNet: Calling FindCert()
[27028] 120828.095823.8776: CoreNet: ThumbPrint: 88BADCD967AAF1DE270D76DFE0DE231FAF81D4D6
[27028] 120828.095823.8786: CoreNet: Look for cert in My
[27028] 120828.095823.8786: CoreNet: Opening Store
[27028] 120828.095823.8796: CoreNet: Finding cert
[27028] 120828.095823.8796: CoreNet: certcoll.Count: 1
[27028] 120828.095823.8796: CoreNet: Closing Store
[27028] 120828.095823.8796: CoreNet: Getting Hash
[27028] 120828.095823.8816: RemoteDesktop: Writing unsigned RDP file G:\Temp\tmpBCFA.tmp
[27028] 120828.095823.8856: RemoteDesktop: Signing RDP file G:\Temp\tmpBCFA.tmp
[27028] 120828.095824.0247: RemoteAccess: Operation exit with code 0
[27028] 120828.095824.0247: RemoteAccess: Output: All rdp file(s) have been succesfully signed.

[27028] 120828.095824.0247: RemoteDesktop: Reading signed RDP file G:\Temp\tmpBCFA.tmp



But it still times out.

Is there any kind of rights or permission problems on g://temp? Can you create / access / edit a text file from there?

Make that, g:\temp

No access problems or rights issues on g:\temp. I can create files with the same account.

I am running out of things to have you try. Some stuff is just in the realm of Microsoft paid support, but feel free to post the question again and include a llink to this thread so you don't have to repost everything. Sorry! Others are often reluctant to answer in the middle of a thread this long. I will ignore the folliwup question.

Seems like the Best Practices Analyzer should have picked up on that if it had been run as suggested in http://#a38339158.

no reason except that its the answer.