?
Solved

Terminal Server only allowing connection to Console Session - no one else can log on!

Posted on 2013-01-25
5
Medium Priority
?
1,036 Views
Last Modified: 2013-01-26
Hi,

Suddenly I got a call today that users were no longer able to log onto one of our Terminal Servers (W2K3). In addition, there were a few users who had previously logged on earlier in the day but if these users logged off they were also NOT able to log back on.) At first I was pretty sure this was a firewall issue (which it might have been in the beginning), but now I am seeing the following:

Although I am able to access the console session on this machine remotely (using the "admin" switch"), NO OTHER USERS (not even my Domain Admin account) are able to log onto this terminal server. Any attempt to RDP to this machine (other than session "0") by anyone produces the Logon Message below (we've all seen this one before):

"To log onto this remote computer, you must have Terminal Server Access permissions on this computer" ...... If you are not a member of the Remote Desktop User group.... "  Etc.

I've checked the local Remote Desktop Users group and nothing there has changed from when it was working previously.

I've also checked the following:

*Terminal Services Configuration\Connections -- RDP-Tcp properties ¦ Permissions Tab: --> I added both a local and domain user explicitly and enabled full control but it still does not work

*Checked the Local Security Settings ¦ Allow log on through Terminal Services --> The Remote Desktop Users group is present and the proper domain and local user(s) group(s) have been added but still no dice

*I've checked the domain GPOs and none of these should be blocking user access (like I said, nothing was changed, the problem "just started happening".  Very bizarre.)

I'm not sure where else to look.

Any ideas?
0
Comment
Question by:cfsa
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 2

Expert Comment

by:browningit
ID: 38819826
Sounds to me like the you need to restart the Terminal Services, or just reboot your Terminal server altogether as a first step.  I'll spend a little more time in assisting after you give that a whirl and post the results.  If you need to figure out a way to do this without restarting the server (and thus losing user data) please let me know.

Cheers,
0
 

Author Comment

by:cfsa
ID: 38819844
Sorry, I should have mentioned that I rebooted the server - twice.  No change.
0
 
LVL 2

Assisted Solution

by:browningit
browningit earned 1500 total points
ID: 38819916
Check out the comments on this person's solution, as well as the other posters.

http://www.techrepublic.com/forum/questions/101-210295/terminal-server-user-access-problem-windows-2003

I would start with a network cable disconnect, and then move to this thread which is linked in the above post:

http://blogs.msdn.com/ts/archive/2006/11/29/remote-desktop-connection-terminal-services-client-6-0-for-windows-xp-and-windows-server-2003-english-only-released.aspx

Let me know how that works out!
0
 
LVL 2

Accepted Solution

by:
browningit earned 1500 total points
ID: 38819953
I also found this:

Run Add/Remove Programs (run "appwiz.cpl")
Click Add/Remove Windows Components (Alt-W)
Uncheck Terminal Server
Press Next>.
Follow instructions, including rebooting.
Open System control panel applet (run "sysdm.cpl")
Click Remote tab.
Check Enable Remote Desktop on this computer. (because removing Terminal Server disables this)
Click Select Remote Users...
Make sure administrators is in the list.
Click OK.
Click OK. for the next dialog.
Wait a few minutes for things to get up and running and you're no ready for remote administration again.

Cheers,
0
 

Author Closing Comment

by:cfsa
ID: 38821924
I appreciate all of the helpful comments. In the end, we discovered that the firewall lost one of its rules (don't ask me how) and was filtering traffic to the Licensing Server. After re-establishing communications with it, a reboot of the Terminal Server solved our problems.<br /><br />Thanks to everyone. -j
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question