Joe Spradlin
asked on
Windows 10 Update from 1809 to 1903 Remote Desktop Fails
I have manually updated a few Dell OptiPlex workstations using the Microsoft update tool to upgrade from 1809 to 1903. Everything was working fine prior and everything except Remote Desktop Connection is still working fine. The boxes that I upgraded I can access via SCCM remote services, but I can't remote desktop from my box to one that I performed the update to. I haven't changed the group policy or anything like that and have check all the "basic" requirements for remote desktop. Any ideas on what my issue could be?
Make sure the network is still PRIVATE (Not Public).
Verify whether they listen on port 3388 using this command at the machine that you are trying to reach on an elevated command prompt:
Netstat | findstr 3389
Then if that command shows 3389 as listening, verify from remote if that port can be reached using:Telnet targetname 3389
(Command shell would go black if the port is reachable). Telnet might need to be installed, first. Add windows feature -> telnet client
ASKER
I am not quite sure what you mean. All the boxes are on an active directory domain and we didn't change the group policy or network connections. It still has full access to what it should on the domain and everything is working as normal except that I can't remote desktop to it fro my other workstations. I can remote desktop to the ones I haven't updated yet fine.
If it is joined to the domain, then it should show DOMAIN (Not private or Public) in the network profile.
In the Registry you can verify:
HKEY_LOCAL_MACHINE\SOFTWAR E\Microsof t\Windows NT\CurrentVersion\NetworkL ist\Profil es\
Open the network profile that you have to verify, and look at the "Category" value:
0 = public
1 = private
2 = domain
In the Registry you can verify:
HKEY_LOCAL_MACHINE\SOFTWAR
Open the network profile that you have to verify, and look at the "Category" value:
0 = public
1 = private
2 = domain
ASKER
When I run the command it doesn't return anything. If I try to telnet using those ports it says connection refused.
ASKER
Jason Johanknecht, It shows Domain as the default profile.
So you found out that the problem is at the target already.
See if the service "remote desktop services" is running.
See if the service "remote desktop services" is running.
What AV solution are you running on workstations? Any problems showing with a local firewall?
Are you connecting RDP via IP address or name?
Are you connecting RDP via IP address or name?
If the port is not listening, the firewall is not the reason, but the service.
ASKER
Yes, the Remote Desktop Service is running...that's the first stuff I checked. :)
I can ping the box, but when I try and remote desktop in it just goes from Initializing to the standard blurb if it doesn't connect.
I have no issues when using SCCM Remote Control. But it should still work either way.
I can ping the box, but when I try and remote desktop in it just goes from Initializing to the standard blurb if it doesn't connect.
I have no issues when using SCCM Remote Control. But it should still work either way.
Check the registry settings for remote desktop to allow connections. Sorry, no hint as I am on the road.
Have you installed all updates for v1903 and rebooted?
Try disabling the local firewall on the host PC. Retest.
ASKER
Jason,
Yes, installed all updates and rebooted many times. Firewall is disabled.
Yes, installed all updates and rebooted many times. Firewall is disabled.
The internal firewall is Disabled? So is it off or is the service disabled? Never disable the service. Please turn it on, for a test.
Good point McKnife, by disabled... I mean turn off temporarily for 10-15 minutes.
The registry key I was talking about is HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server. Change the value of “fDenyTSConnections” to “0” and restart the remote desktop service.
Examine again if the netstat command shows 3389 to be open, then, using this command:
If not, make sure that you didn't configure a custom port for RDP.
Examine again if the netstat command shows 3389 to be open, then, using this command:
netstat -ano | findstr 3389
If not, make sure that you didn't configure a custom port for RDP.
Under remote properties on the remote system,
Is "Allow connections only from computers running Remote Desktop with Network Level Authentication" checked?
If so, try unchecking it
Is "Allow connections only from computers running Remote Desktop with Network Level Authentication" checked?
If so, try unchecking it
ASKER
McKinfe, I will check that out. kenfcamp, it is unchecked.
can you try adding port 3389 (assuming) to the allowed list on the firewall?
Try Network Reset (& Reboot on host PC) and then reconfigure the static IP.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the suggestions guys.