RDP to Terminal Server

Guys,

I have a weird issue. 2 Days ago I started deploying new Domain Controllers on 2012R2 in my 2008R2 environment. I do have 3 2008R2 DCs and now 2 more 2012R2 DCs. All went perfect, Forest and Domain was prepped and upgraded to a new schema. DCs Replicating just fine. All of a sudden some users cannot connect to one of the Terminal Servers. Some still can, others just getting Can't connect message. Remote is enabled on the server, can't connect to name (access10 or access10.domain.com) or IP. Sometimes the connection establishing just fine and server is connected to the Internet, you can ping it. Other TS Servers work just fine, no errors in the event viewer. I found something about SID S-1-18-1 and SID S-1-18-2 but not sure if this having anything to do with my case. Not sure what to check next. I even tried to re-join the TS Server to the domain - no luck. Please advise if you have any idea how to troubleshoot it. I don't see any other reason other than promoting new DCs as it was no other changes.

Server can be pinged, its name resolves from nslookup, I can connect to the server through VMware console - can't see any issues.
Armen MinasyanDirector of ITAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

K BCommented:
make sure firewall services are not disabled in services.msc
turn off firewall but START > RUN type firewall.cpl
click turn windows firewall on or off
turn off all.

can ALL users telnet to IPaddress 3389
example:
Telnet 192.168.10.20 3389
0
Armen MinasyanDirector of ITAuthor Commented:
Firewall is turned off on the server.

C:\Users\avm>telnet 10.1.1.179 3389
Connecting To 10.1.1.179...Could not open connection to the host, on port 3389:
Connect failed

P.S. Tried telneting a couple of times more... sometimes connecting but failing more than establishing the connectionn
0
Armen MinasyanDirector of ITAuthor Commented:
Telnet connecting one out of 10 maybe
0
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

K BCommented:
firewall is not disabled in services.. good.

Hmm,did you create new sites in sites in services or change IPs?
what IPs can you telnet from and too?
0
Armen MinasyanDirector of ITAuthor Commented:
Can telnet any others except this particular server. No new sites, no IP changes.
0
K BCommented:
so summarize again please

we have 1 server nobody can telnet to?
and?
0
Armen MinasyanDirector of ITAuthor Commented:
One server only, some users can connect and others don't, but it is sporadic... For example, from my PC - sometimes I can connect, but mostly it can't. So, when I did what you suggested - telnet 3389 from my PC - it will establish telnet in 1 out of 10 cases...
0
Armen MinasyanDirector of ITAuthor Commented:
Capture.PNG
0
K BCommented:
have you rebooted?
what else is installed?
VMware e1000 nic?
only one nic?
default gateway is correct?
have you rebooted it?
are there two people connected to it now?
fully patched server?
post screenshot of error when trying to connect with MSTSC
0
Armen MinasyanDirector of ITAuthor Commented:
Capture.PNGCapture1.PNG
0
Armen MinasyanDirector of ITAuthor Commented:
have you rebooted? - yes
what else is installed?
VMware e1000 nic? - correct
only one nic? - only one
default gateway is correct? - yes
are there two people connected to it now? - yes
fully patched server? - yes
post screenshot of error when trying to connect with MSTSC

Capture.PNG
0
Armen MinasyanDirector of ITAuthor Commented:
And again - when I click connect - sometimes it connect and sometimes above message comes up. Same with telnet
0
K BCommented:
heard @ irregularly connecting/telnet
what else is installed?
swap nic for VMXNET3
AV installed?
How many guests on this host?
check physical connection on host?
Wireshark
0
K BCommented:
2015-04-21-2123.png
0
Armen MinasyanDirector of ITAuthor Commented:
heard @ irregularly connecting/telnet
what else is installed? - Office, Acrobat Pro, our Client Software to connect to DB
swap nic for VMXNET3 - will do
AV installed? - Yes, Symantec, disabled now
How many guests on this host? - up to 30, now 5
check physical connection on host? - vMotioned to another Host - same issue
Wireshark - will check that now too

The only Listening PID is Terminal Services
0
K BCommented:
this one is odd!
okay will wait to hear back on the other stuff

uncheck this

2015-04-21-2137.png
set lowest encryption
2015-04-21-2138.png
0
K BCommented:
this just seems network related.. with the random connectivity.
you added servers thats the only thing ...so they were dc's

check your vswitches too.
do we have an ip conflict
are there routes somewhere statically set?
can you run constant ping and not one drops ping 10.1.1.33 -t   ?
0
Armen MinasyanDirector of ITAuthor Commented:
Restored the Server from backup... works now... still have no idea what went wrong.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
K BCommented:
Glad it's working!
0
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.