Link to home
Start Free TrialLog in
Avatar of Joe Spradlin
Joe SpradlinFlag for United States of America

asked on

Windows 10 Update from 1809 to 1903 Remote Desktop Fails

I have manually updated a few Dell OptiPlex workstations using the Microsoft update tool to upgrade from 1809 to 1903.  Everything was working fine prior and everything except Remote Desktop Connection is still working fine.  The boxes that I  upgraded I can access via SCCM remote services, but I can't remote desktop from my box to one that I performed the update to.  I haven't changed the group policy or anything like that and have check all the "basic" requirements for remote desktop.  Any ideas on what my issue could be?
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
Make sure the network is still PRIVATE (Not Public).
Avatar of McKnife
McKnife
Flag of Germany image
Verify whether they listen on port 3388 using this command at the machine that you are trying to reach on an elevated command prompt:
Netstat | findstr 3389

Open in new window

Then if that command shows 3389 as listening, verify from remote if that port can be reached using:
Telnet targetname 3389

Open in new window

(Command shell would go black if the port is reachable). Telnet might need to be installed, first. Add windows feature -> telnet client
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

I am not quite sure what you mean.  All the boxes are on an active directory domain and we didn't change the group policy or network connections.  It still has full access to what it should on the domain and everything is working as normal except that I can't remote desktop to it fro my other workstations.  I can remote desktop to the ones I haven't updated yet fine.
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
If it is joined to the domain, then it should show DOMAIN (Not private or Public) in the network profile.  

In the Registry you can verify:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles\

Open the network profile that you have to verify, and look at the "Category" value:

0 = public

1 = private

2 = domain
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

When I run the command it doesn't return anything.  If I try to telnet using those ports it says connection refused.
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

Jason Johanknecht, It shows Domain as the default profile.
Avatar of McKnife
McKnife
Flag of Germany image
So you found out that the problem is at the target already.

See if the service "remote desktop services" is running.
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
What AV solution are you running on workstations?  Any problems showing with a local firewall?
Are you connecting RDP via IP address or name?
Avatar of McKnife
McKnife
Flag of Germany image
If the port is not listening, the firewall is not the reason, but the service.
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

Yes, the Remote Desktop Service is running...that's the first stuff I checked.  :)
I can ping the box, but when I try and remote desktop in it just goes from Initializing to the standard blurb if it doesn't connect.
I have no issues when using SCCM Remote Control.  But it should still work either way.
Avatar of McKnife
McKnife
Flag of Germany image
Check the registry settings for remote desktop to allow connections. Sorry, no hint as I am on the road.
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
Have you installed all updates for v1903 and rebooted?
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
Try disabling the local firewall on the host PC.  Retest.
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

Jason,
Yes, installed all updates and rebooted many times.  Firewall is disabled.
Avatar of McKnife
McKnife
Flag of Germany image
The internal firewall is Disabled? So is it off or is the service disabled? Never disable the service. Please turn it on, for a test.
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
Good point McKnife, by disabled... I mean turn off temporarily for 10-15 minutes.
Avatar of McKnife
McKnife
Flag of Germany image
The registry key I was talking about is HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server. Change the value of “fDenyTSConnections” to “0” and restart the remote desktop service.
Examine again if the netstat command shows 3389 to be open, then, using this command:
netstat -ano | findstr 3389

Open in new window


If not, make sure that you didn't configure a custom port for RDP.
Avatar of kenfcamp
kenfcamp
Flag of United States of America image
Under remote properties on the remote system,

Is "Allow connections only from computers running Remote Desktop with Network Level Authentication" checked?

If so, try unchecking it
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

McKinfe, I will check that out.  kenfcamp, it is unchecked.
Avatar of Dan
Dan
Flag of United States of America image
can you try adding port 3389 (assuming) to the allowed list on the firewall?
Avatar of Jason Johanknecht
Jason Johanknecht
Flag of United States of America image
Try Network Reset (& Reboot on host PC) and then reconfigure the static IP.
ASKER CERTIFIED SOLUTION
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Joe Spradlin
Joe Spradlin
Flag of United States of America image

ASKER

Thanks for the suggestions guys.