• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1521
  • Last Modified:

Cannot RDP to Svr2008 or Win7

I have one Windows 7 computer that cannot RDP to Windows Server 2008R2 or Windows 7. Can RDP in Windows XP.

I have tried a couple of different computer with same version of OS & RDP Client and they all work. Server is already set to allow less secure connections.

I do not see any errors on the clients events. I do see the errors on the hosts events.

Log Name:      System
Source:        Schannel
Date:          12/9/2013 3:21:07 PM
Event ID:      36888
Task Category: None
Level:         Error
Keywords:      
User:          SYSTEM
Computer:      rmrf-vc.rmrf.local
Description:
The following fatal alert was generated: 20. The internal error state is 960.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
    <EventID>36888</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000000000000000</Keywords>
    <TimeCreated SystemTime="2013-12-09T22:21:07.117198700Z" />
    <EventRecordID>72081</EventRecordID>
    <Correlation />
    <Execution ProcessID="472" ThreadID="1964" />
    <Channel>System</Channel>
    <Computer>rmrf-vc.rmrf.local</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="AlertDesc">20</Data>
    <Data Name="ErrorState">960</Data>
  </EventData>
</Event>

Log Name:      System
Source:        TermDD
Date:          12/9/2013 3:21:07 PM
Event ID:      56
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      rmrf-vc.rmrf.local
Description:
The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: 192.7.2.73.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="TermDD" />
    <EventID Qualifiers="49162">56</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2013-12-09T22:21:07.117198700Z" />
    <EventRecordID>72082</EventRecordID>
    <Channel>System</Channel>
    <Computer>rmrf-vc.rmrf.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data>\Device\Termdd</Data>
    <Data>192.7.2.73</Data>
    <Binary>0000040002002C000000000038000AC00000000038000AC00000000000000000000000000000000030030980</Binary>
  </EventData>
</Event>
0
maemckay
Asked:
maemckay
  • 4
  • 2
1 Solution
 
duttcomCommented:
Sounds like network issues. Try updating/reinstalling the drivers for the NIC on the PC and setting the speed to Auto.
0
 
maemckayIS ManagerAuthor Commented:
I've updated the driver and the speed is set to auto.

I am asked for credentials and then I get the error.

This computer can't connect to the remote computer.
Try connecting again. If the problem continues, contact the owner of the remote computer or your network administrator.

I have also tried a network connection that I am able to RDP with on the machine in question and I still have the same problem.
0
 
duttcomCommented:
This article may be of some assistance -

http://www.neowin.net/forum/topic/912688-windows-7-repair-install-cannot-connect-via-remote-desktop/

To get to the point of the article, it states -

To resolve the issue, I went into the Certificates console (for the Computer Account) and deleted the computer name certificate from the Remote Desktop certificates folder (after backing the certificate up for good measure). I then disabled Remote Desktop and re-enabled it (I don't know if this step is necessary, but I tried it, thinking it might regenerate the certificate). I then tried to connect from my remote machine, and it connected just fine. It appears that the certificate re-generated on the initial connect after I deleted the certificate.

To access all of the certificates, run mmc.exe and add the certificates snap-in (note - if you access the certificate store by running certmgr.msc you can only edit the User account certificates). When you add the certificates snap-in, you get the option to access the certificates for the the Computer account as mentioned above.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
maemckayIS ManagerAuthor Commented:
I had found that as well. I removed the certificate using mmc.exe and the snap-in. Disable remote desktop through Advanced Systems Settings, by clicking "Don't allow connections to this computer". Then turn it back on.

The certificate does not get created until I restart the computer.

It did not resolve the issue for the workstation (client) with the problem.
0
 
maemckayIS ManagerAuthor Commented:
I contacted Microsoft support about the issue. It is a known issue with RDP 8.0, but they have only seen the issue with Server 2012. Not with Windows 7.

By uninstalling update KB2592687, downgrading RDP to 7.1. Will fix the issue.

When 8.1 comes out it will have a fix for the issue as well.
0
 
maemckayIS ManagerAuthor Commented:
Workaround was provided by Microsoft support.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now