• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1958
  • Last Modified:

Remote Desktop Connection on Windows 7 System not available

We are using Windows 2011 Server Essentials with connections to users desktops when they log in remotely to the server.

We have done this successfully on several machines for standard users so I am sure it is probably some issue with this one Windows 7 system's configuration.

From the Advanced System Settings in the Windows Control Panel I can pull up the System Properties and see that the selection is made for "Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure).

When I select users I see I see just two of my users and one has a ? by the head of the user. The other does not but neither works.

When I log remotely into the server the computer in question is not available. When I try to connect any way it looks like it is going to connect and even asks me to log in but then gives me an error " An authentication error has occurred. The Local Security Authority cannot be contacted.  Remote computer: OfficeDirector"

This same user can connect to other systems just fine but no one can connect to "OfficeDirector".

1 Solution
There are a few ways to look at this.
1. First, verify there are no local firewall issues by deactivating the firewall on the PC.

2. Next, verify that there are no Group Policies in place that are deactivating RDP for this computer, check any Local GPOs, AD GPOs, Container GPOs or Site GPOs.

3. Verify there are no policy restrictions either with Antivirus or your hardware Router. Check to see that if the troubled PC is using the default port of 3389 by looking at the registry entry: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber

4. Lastly,check to see if the Computer account for "Officedirector" has become corrupted or Kerberos Authentication is having errors. Does the PC in question have any incorrect time? If it does, set the time to match the server. If that doesn't work try resetting the computer account in Active Directory. If it still gives you and issue, remove the computer w/ trouble from the domain, delete it from AD if it still exists, and then re-add it back to the domain with an account with privilages. Then open a CMD prompt and type- gpupdate /force
Alpha4043Author Commented:
jason_0573   Nothing on 1,2 or 3.  Item 4 the second part seemed to do something different.

As administrator you can remotely see and connect to the "Officedirector" but no one else can. I double check and the other users are shown on the RD on the "Officedirector" system.

Strangely enough I can not connect over the local network to "Officedirector" with admin or anyone.

I was thinking about moving off the domain, changing the computer name and reconnecting to the domain. If there is a easier solution please let me know.
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

David Johnson, CD, MVPOwnerCommented:
confirm version of Windows 7 is not Home Premium must be pro/enterprise/ultimate
Alpha4043Author Commented:
yes  I know it is Windows 7 Ultimate
Removing it from the domain should help in this situation. Just be sure that before you do, know the local admin account used to login locally. Test it first to make sure you can login to the local PC with admin rights. Then remove it from the domain, delete in AD and re-add it using a domain account with admin privileges.
Alpha4043Author Commented:
My plan to I to moving off the domain, changing the computer name and reconnecting to the domain. Worked very well and I had forgotten to close this out.  Jason your comments got me thinking in the right direction so thank you for you information.
Alpha4043Author Commented:
Good comments.

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now