Category Archives: RDP

RDP Connection Error of “The requested security package does not exist” – KB10392003

KB10392003

Description: RDP Connection Error of “The requested security package does not exist”

Common customer description: I can’t log into the server via RDP.

Probing questions:

Do you receive any error messages?
Were you able to before?
When did this stop working?

Steps to isolate: Verify the error message above.

Steps to resolve:

1. Go to Start, run “regedit”
2. Go to HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolLSA
3. Open (double-click) the Security Packages key
4. Make sure the following values are inside (order matters)
kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
5. Reboot the computer

Additional considerations: The last two values are generally missing, “tspkg and pku2u”

 

Common Command Line Commands – KB1039998

KB1039998

Common Command Line Commands
* Any of these commands can also use the switch /? for help inside Command Line. *
** Not all of these commands need to be run in an Administrator Command Line, but it is suggested to always run CMD as Admin. **
*** There may be additional switches for these commands. These are just the most commonly used switches. ***
Start Command Prompt – Start -> in search field, type “cmd” without quotes -> right click and click Run as Administrator

1. Ping – Sends a request packet to the target host and waits for a response. It will then display the response in the Command Line window. Usage:

  • ping IpAddress
  • ping ComputerName.DomainName.Local – Does not always need to have .DomainName.Local. If there are issues with pinging via ComputerName, try the Fully Qualified Domain Name.
  • ping ComputerNameOrIpAddress -t – Sends a continuous ping to the device until you cancel it with CTRL+C.
  • ping ComputerNameOrIpAddress -4 – If pings are coming back using IPv6, use the -4 switch to only get IPv4 addresses back.

2. IP Config – Gathers IP information of the device running the command. Common switches are:

  • ipconfig – Displays IP address, subnet mask, and default gateway for each adapter.
  • ipconfig /all – Displays the full TCP/IP configuration for all adapters.
  • ipconfig /flushdns – Clears the DNS resolver cache.
  • ipconfig /registerdns – Initiates manual registration for DNS names.
  • ipconfig /release – Messages the DHCP server to release the IP address configuration. Check with Tier 2 before using this command. You will lose all communication to the computer this is run on.
  • ipconfig /renew – Messages the DHCP to renew IP address configuration.

3. System File Checker – Scans for corruptions in system files and restores corrupted or missing files. Usage:

  • sfc /scannow

4. QWinsta – Displays information about Terminal Sessions. Look for the username of the account that you need to log off and keep in mind the ID of the user. Usage:

  • qwinsta -server ServerNameOrIpAddress

5. RWinsta – Sends commands to the remote session. Use the ID number in order to log off the user that the ID number belongs to. Usage:

  • rwinsta -server ComputerNameOrIpAddress IdNumber

6. NSLookup – Tests and troubleshoots DNS servers. Usage:

  • nslookup – Displays information about the Default DNS server.
  • set type=mx – After you use nslookup, you can specify which records you are looking for. After you set the type, enter the domain name.

7. Telnet – Text oriented communication using a virtual terminal connection. Usage:

  • telnet IpAddressDomainNameOrComputerName PortNumber – telnet smtp.google.com 25. This will test the connection from your computer to smtp.google.com on port 25.

8. System Info – Displays the system’s information in Command Line. Usage:

  • systeminfo | more – You can view system uptime, Operating system, and System Manufacturer.

9. Check Disk – Creates and displays a status report for a disk. Usage:

  • chkdsk (/f /r) – Do not use parenthisis. Chkdsk by itself will display the status report. Using /f will fix errors on the disk. Using /r will locate bad sectors and recover readable data. Both switches will require the computer to be rebooted and will run before boot. This will require approval before using these switches.

10. Shutdown – Initiates a shutdown command. Usage:

  • shutdown.exe /m ComputerNameOrIpAddress /f /r /t 0 /d p:0:0 – Shuts the computer down and forces (/f) the logoff and a reboot (/r) instantly (specified by /t TimeInSeconds) while sending a report to the system (/d p:0:0) saying it is a planned shutdown. You only need to specify /m ComputerNameOrIpAddress if you are attempting to shut down a remote computer.

11. Net Stat – Displays incoming and outgoing connections. Usage:

  • netstat -an – The -a switch displays all active connections and ports on which the computer is listening. The -n switch displays active connections.
  • netstat -an | find “PortNumber” – Finds all connections that are using the specified port.

12. NBT Stat – Helps troubleshoot NetBIOS name resolution problems. Usage:

  • nbtstat -an IpAddress – Useful tool if you know the IP address of a computer but not the name. This will  return the name and MAC address of the device.

13. Change Directory – Changes the directory of the Command Line to wherever you specify. Usage:

  • DriveLetter: – If you need to change the Command Line to a different drive, use this command.    Example:      c:     will change it to the C: drive.
  • cd c:usersUserName – Changes the Command Line to c:usersUserName.

14. Trace Route – Displays the route information and transit delays to a specific address. Usage:

  • tracert DomainNameOrIpAddress – You will see a list of hops that it takes to get to the destination. If anything fails, you will see where in the route it is failing.

15. Task List – Displays all processes the computer is currently running. Usage:

  • tasklist – Displays process name, process ID, session name, session number, and memory usage. You will only need to look at the process name (Image Name) and process ID (PID).

16. Task Kill – Kills whichever task you specify. Usage:

  • taskkill /switch – /PID PID specifies which process ID you want to kill. /IM ImageName specificies which image name you want to kill. Examples:
    taskkill /pid 2000
    taskkill /im chrome.exe

17. W32TM – Diagnose, view, and change Windows Time information.

  • w32tm /config /update – Updates current time configuration if there were any changes made.
  • w32tm /resync – Resynchronizes computer’s time as soon as possible.
  • To change Windows Time Server, on PDC, run w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org. You will then need to run w32tm /config /update on the PDC and any device that needs time updated, or you can reboot the machines.

18. Remote Desktop Connection – Connects your computer to a remote computer. Usage:

  • mstsc /switch – Mstsc will start remote desktop. If you add any switches, they can help with the look/layout of the connection window. /F (full screen) is the most common switch. /Console can be used if you cannot connect normally.
  • Example: mstsc /f /console

19. Net Start and Net Stop – Starts or stops services by service name. Usage:

  • netstart ServiceName – Starts service.
  • netstop ServiceName – Stops service.
  • && – Runs multiple commands as soon as possible without delay. Example: net stop explorer.exe && net start explorer.exe.

20. VSS Admin – Manages the Volume Shadow Copy Service. Usage:

  • vssadmin list writers – Lists all subscribed volume shadow copy writers on the system. This can be helpful when troubleshooting backups issues.

Logging into RDP session and it crashes forcing you to close the session KB1039618

KB1039618

Description:  Logging into RDP session and it crashes forcing you to close the session

Common customer description:

“When I open my remote desktop connection it logs in then when I see the desktop it crashes.”
“I can’t remote into the server, it starts but then crashes.”

Probing questions:

When did this start?
Has anything changed recently?
Were any updates or plugins added?
Were any printers added or removed?

Steps to isolate:

Connect to computer.
Open the RDP session and see how it crashes.
Do you have the same problem if you try another user?  If so try the steps below.

Steps to resolve:

For a simple test, edit the RDP connection and uncheck the printers box.
If you can successfully login there is a problem with the printers on the local workstation.
Go through each printer and make sure it is not corrupt or offline for any reason.
Repair or remove the printer(s) that cause the problem.
Once that is taken care of re-check the printers box in the RDP settings and it should now work.

Additional considerations:

When using an RDP connection with the printers box check marked the session allows for local printing.  If a driver has become corrupt or the printer is no longer available or valid the session cannot properly load the drivers.  This causes the session to crash shortly after reaching the desktop.

Cannot RDP into my Computer – Terminal Server KB103942

KB103942

Description:  Cannot RDP into my Computer – Terminal Server

Common customer description:

-When I try to connect to the server I get a message that says I need the “Remote Terminal Service access Right” by default, the Remote Desktop Users group has this right.

-When I try to RDP I get an error message pop up, it says that it couldn’t find the computer.

Example:

image1

Another Example:  (This is just a generic message that comes up if it’s unreachable)

image2

Probing questions: Ask the usual questions:

Was this setup before-hand?

Anyone else affected by this?

Were you able to Remote Desktop to this machine before?

How are you connecting? (Ip address//port number)

Do you know the name of the computer you are remote desktoping into?

Do you know if you are in a domain environment or workgroup?

Steps to isolate: In my opinion, the first step to isolate is to determine how they are connecting.  This way you can find out exactly what machine it is that they are connecting to.  If they are connecting via RDP with port forwarding(Example: 71.72.73.74:3389) you’ll be able to log into the firewall//router and see where that port is forwarding to and try to RDP to It from the OM, or if they are connecting with a VPN then RDP.  They will have the internal address of the computer already in there.

At this point see what kind of error message they get when they try to connect.  If you get the Terminal services error go to the Remote Terminal service issue section below and same thing with the other issue.

Steps to resolve: There are two possible fixes for this particular problem:

Remote Terminal Service access Right issue:

This issue is incredibly easy to fix.  The problem is that the user that is trying to log into the computer//server doesn’t have the user right to log into the computer.  By default the “Remote Desktop Users Group” does indeed have this right.  This means that the LOCAL REMOTE DESKTOP USERS GROUP has this right, NOT THE DOMAIN REMOTE DESKTOP USERS GROUP.  This is very important to understand.  To fix this log into the offending computer and make sure that the user is added to the remote desktop users group by following these steps:

1) Click Start then right click on computer and go to manage. (On a server you will need to go into Administrative Tools//Computer Management)

image3

2) Once in this section break down Local users and computers. At this point go to Groups and find the Remote Desktop Users Group, and see if there are part of this group and add them if they are not, which should resolve the issue.  If it doesn’t resolve the problem proceed to the next step.

image4

3) If at this point they cannot connect, you need to look at Group Policy on the LOCAL COMPUTER//SERVER. To do this, run the command MSC from the run line.  Once open follow the diagram to the correct path:  (Path is:  Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow Logon through Remote Desktop Services.  It might be labeled as Terminal Services)

image5

4) At this point, just open up the Policy and make sure that the LOCAL REMOTE DESKTOP USERS GROUP is added, you can also add domain groups here as well if needed. For example DomainRemote Desktop Users.  After this is done, perform a GPUPDATE /FORCE and this should resolve the issue.

Remote Desktop Pop-up Error:  This error can come up for a number of different reasons.  The top causes for this, possible causes could be:

  • Incorrect IP address – (should’ve been ruled out during the isolation stage)
  • Correct IP address but incorrect port specified or not specified– (should’ve been ruled out during the isolation stage)
  • Computer isn’t configured for remote desktop– (should’ve been ruled out during the isolation stage)
  • Remote desktop listening ports are not open through the windows firewall on the remote computer
  • Computer could not be properly connected to the network(This could be the case on either side)
  • Computer is shut off, sleeping or hibernating

As you can see, there are a number of possibilities for this particular error to come up.  If you properly isolated the issue, you should be able to take off three of the possibilities, so they will not be covered in this section.

Port Number:  To find out the listening port of Remote Desktop, you will need to go into the Registry, Follow these steps:

  • From the run line type regedit
  • The path you need to go is located at KHLMSYSTEMCurrentControlSetControlTerminal ServerWInStationsPortNumber
  • This key specifies what the port number is for RDP and is what needs to be specified in remote desktop to be able to connect.
  • This port number needs to be opened in the windows firewall. So open up Windows Firewall Advanced Settings, and make both inbound and outbound rules for this port number.  This will allow this port to be used for RDP.

Not connected properly to the network:  Need to Verify that the computer is connected to the network.  Ethernet cable, connected to the switch, switch is on, etc and vice-versa on the Connector’s end.  Typical No internet troubleshooting at this point to rule this possibility out.

Computer is shut off, sleeping or hibernating:  This is a simple issue, To fix this you will need to have someone at the remote location to get the computer back up and running(Wake it up) and get connected to it.  At this point you will need to go into Control Panel and go into power options to turn off sleep//hibernate settings for the computer.

Additional considerations: If the user still cannot connect to the computer at this point, the problem might be related to the VPN or port forwarding.  Consult Tier 2 at this point.