Tag Archives: RDP

RDP Connection Error of “The requested security package does not exist” – KB10392003

KB10392003

Description: RDP Connection Error of “The requested security package does not exist”

Common customer description: I can’t log into the server via RDP.

Probing questions:

Do you receive any error messages?
Were you able to before?
When did this stop working?

Steps to isolate: Verify the error message above.

Steps to resolve:

1. Go to Start, run “regedit”
2. Go to HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrolLSA
3. Open (double-click) the Security Packages key
4. Make sure the following values are inside (order matters)
kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
5. Reboot the computer

Additional considerations: The last two values are generally missing, “tspkg and pku2u”

 

Remotely enable Remote Desktop in Windows 7 – KB10392025

KB10392025

  1. Open ports in the Windows firewall
  2. Start the Remote Registry service
  3. Change a registry setting to enable Remote Desktop
  4. Start the Remote Desktop service

For this guide I assume you are on the same LAN as the remote computer you want to access (you may already have RDP’ed into a server on that LAN), and you are logged in as a Windows user with administrative privileges for the remote computer you are wishing to access.

This isn’t likely to work work if you are on the other side of an agressive firewall.

Step 1: Open ports in the Windows firewall

There is no native way to change the settings of a remote Windows firewall. However, you can use PsExec from SysInternals to disable it or change some rules.

If you download the app and drop it into your c: drive, you can run this command and get command line access for that remote box.

c:psexec remote_machine_name cmd

Once you have that command line open, you can run this command to disable the firewall:

netsh advfirewall set currentprofile state off

Alternatively you can run this command to allow only Remote Desktop while still leaving the rest of the firewall as is:

netsh advfirewall firewall set rule group=”remote desktop” new enable=Yes

Step 2: Start the Remote Registry service

Load up the Services MMC (Control Panel > Administrative Tools > Services), right click on “Services (Local)” and choose “Connect to another computer”. Enter the name of your remote machine and connect to it. You should now be able to find the “Remote Registry” service and start it.

Depending on your environment, this may already be running, but I have found it generally isn’t on fresh computers.

Step 3: Change a registry setting to enable Remote Desktop

It’s time to make use of the Remote Registry and actually enable RDP. Load upregedit and go to File > Connect Network Registry. Enter the name of your remote computer and connect to it. Navigate to HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > Terminal Server. Change the value of “fDenyTSConnections” to “0”.

Step 4: Start the Remote Desktop service

Go back to the Services MMC you used in Step 2. Find the service “Remote Desktop Services” and start it (or restart if it is already running).

Step 5: Connect

By this point you should be able to connect to a remote desktop session on your remote computer. Remember that only administrative users can connect to an out-of-the-box Remote Desktop setup. If you have got this far and still can’t connect, it is worth checking your firewall rules to ensure nothing is being blocked.

Setup local printer to use through Remote Desktop Connection (RDP) – KB1039900

KB1039900

Description:  Print to local computer through remote desktop session.

Common customer description: I can’t print to my local printer from my Remote Desktop.

Probing questions:

Were you able to print and now it no longer works?
Has anything changed recently?
Did you get a new printer?

Steps to isolate: Make sure the local computer can print to the local printer.

Steps to resolve:

To make a local printer available in a Remote Desktop session:

  1. Click Start, point to All Programs, point to Accessories, point to Communications, and then click Remote Desktop Connection.
  2. Click Options in the Remote Desktop Connection dialog box.
  3. Click the Local Resources tab.
  4. Click Printers in the Local Devices box.
  5. Click Connect.

Additional considerations:

There are some limitations to this feature.  The printer in question must be capable of having its drivers installed remotely.  A lot of store bought “office” printers that are on the low cost scale cannot do this.

Example: HP LaserJet Pro P1102W is a sub $100 printer.  This printer will not install drivers remotely.  The drivers, while installing, will ask to have the printer connected to the computer you are installing the drivers on.  If you are remotely connected to another computer that does not have a physical connection with the printer the drivers will not install.

Sometimes there is a work around to this problem.  If the client is willing to have the printer taken to the remote desktop location, and install the drivers while the printer can obtain a physical connection, some of the lower priced printers will work via RDP connections.  But not all will.

Good way to make sure is, can the drivers be installed remotely and/or is the printer above $400 in price?  If you answer no to either or both it probably cannot perform printing through RDP.

Logging into RDP session and it crashes forcing you to close the session KB1039618

KB1039618

Description:  Logging into RDP session and it crashes forcing you to close the session

Common customer description:

“When I open my remote desktop connection it logs in then when I see the desktop it crashes.”
“I can’t remote into the server, it starts but then crashes.”

Probing questions:

When did this start?
Has anything changed recently?
Were any updates or plugins added?
Were any printers added or removed?

Steps to isolate:

Connect to computer.
Open the RDP session and see how it crashes.
Do you have the same problem if you try another user?  If so try the steps below.

Steps to resolve:

For a simple test, edit the RDP connection and uncheck the printers box.
If you can successfully login there is a problem with the printers on the local workstation.
Go through each printer and make sure it is not corrupt or offline for any reason.
Repair or remove the printer(s) that cause the problem.
Once that is taken care of re-check the printers box in the RDP settings and it should now work.

Additional considerations:

When using an RDP connection with the printers box check marked the session allows for local printing.  If a driver has become corrupt or the printer is no longer available or valid the session cannot properly load the drivers.  This causes the session to crash shortly after reaching the desktop.

Cannot RDP into my Computer – Terminal Server KB103942

KB103942

Description:  Cannot RDP into my Computer – Terminal Server

Common customer description:

-When I try to connect to the server I get a message that says I need the “Remote Terminal Service access Right” by default, the Remote Desktop Users group has this right.

-When I try to RDP I get an error message pop up, it says that it couldn’t find the computer.

Example:

image1

Another Example:  (This is just a generic message that comes up if it’s unreachable)

image2

Probing questions: Ask the usual questions:

Was this setup before-hand?

Anyone else affected by this?

Were you able to Remote Desktop to this machine before?

How are you connecting? (Ip address//port number)

Do you know the name of the computer you are remote desktoping into?

Do you know if you are in a domain environment or workgroup?

Steps to isolate: In my opinion, the first step to isolate is to determine how they are connecting.  This way you can find out exactly what machine it is that they are connecting to.  If they are connecting via RDP with port forwarding(Example: 71.72.73.74:3389) you’ll be able to log into the firewall//router and see where that port is forwarding to and try to RDP to It from the OM, or if they are connecting with a VPN then RDP.  They will have the internal address of the computer already in there.

At this point see what kind of error message they get when they try to connect.  If you get the Terminal services error go to the Remote Terminal service issue section below and same thing with the other issue.

Steps to resolve: There are two possible fixes for this particular problem:

Remote Terminal Service access Right issue:

This issue is incredibly easy to fix.  The problem is that the user that is trying to log into the computer//server doesn’t have the user right to log into the computer.  By default the “Remote Desktop Users Group” does indeed have this right.  This means that the LOCAL REMOTE DESKTOP USERS GROUP has this right, NOT THE DOMAIN REMOTE DESKTOP USERS GROUP.  This is very important to understand.  To fix this log into the offending computer and make sure that the user is added to the remote desktop users group by following these steps:

1) Click Start then right click on computer and go to manage. (On a server you will need to go into Administrative Tools//Computer Management)

image3

2) Once in this section break down Local users and computers. At this point go to Groups and find the Remote Desktop Users Group, and see if there are part of this group and add them if they are not, which should resolve the issue.  If it doesn’t resolve the problem proceed to the next step.

image4

3) If at this point they cannot connect, you need to look at Group Policy on the LOCAL COMPUTER//SERVER. To do this, run the command MSC from the run line.  Once open follow the diagram to the correct path:  (Path is:  Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow Logon through Remote Desktop Services.  It might be labeled as Terminal Services)

image5

4) At this point, just open up the Policy and make sure that the LOCAL REMOTE DESKTOP USERS GROUP is added, you can also add domain groups here as well if needed. For example DomainRemote Desktop Users.  After this is done, perform a GPUPDATE /FORCE and this should resolve the issue.

Remote Desktop Pop-up Error:  This error can come up for a number of different reasons.  The top causes for this, possible causes could be:

  • Incorrect IP address – (should’ve been ruled out during the isolation stage)
  • Correct IP address but incorrect port specified or not specified– (should’ve been ruled out during the isolation stage)
  • Computer isn’t configured for remote desktop– (should’ve been ruled out during the isolation stage)
  • Remote desktop listening ports are not open through the windows firewall on the remote computer
  • Computer could not be properly connected to the network(This could be the case on either side)
  • Computer is shut off, sleeping or hibernating

As you can see, there are a number of possibilities for this particular error to come up.  If you properly isolated the issue, you should be able to take off three of the possibilities, so they will not be covered in this section.

Port Number:  To find out the listening port of Remote Desktop, you will need to go into the Registry, Follow these steps:

  • From the run line type regedit
  • The path you need to go is located at KHLMSYSTEMCurrentControlSetControlTerminal ServerWInStationsPortNumber
  • This key specifies what the port number is for RDP and is what needs to be specified in remote desktop to be able to connect.
  • This port number needs to be opened in the windows firewall. So open up Windows Firewall Advanced Settings, and make both inbound and outbound rules for this port number.  This will allow this port to be used for RDP.

Not connected properly to the network:  Need to Verify that the computer is connected to the network.  Ethernet cable, connected to the switch, switch is on, etc and vice-versa on the Connector’s end.  Typical No internet troubleshooting at this point to rule this possibility out.

Computer is shut off, sleeping or hibernating:  This is a simple issue, To fix this you will need to have someone at the remote location to get the computer back up and running(Wake it up) and get connected to it.  At this point you will need to go into Control Panel and go into power options to turn off sleep//hibernate settings for the computer.

Additional considerations: If the user still cannot connect to the computer at this point, the problem might be related to the VPN or port forwarding.  Consult Tier 2 at this point.