Archive for the ‘Remote Desktop’ Category

Anti-virus firewall is blocking remote desktop.

Friday, October 30th, 2015

Company acquisitions bring new challenges to environments. Such was the case with two servers which are used to test McAfee with the company's product. These servers were moved from a public area to a hardened site. They used to walk up and log in when needed but now they could only use remote desktop. They reported the servers were down.

The McAfee firewall was set up with a basic configuration and blocked ICMP but did not block remote desktop.

Ping was enabled and on further review port 3389 needed to be enabled for TCP.

The remote session was disconnected because there are no Remote Desktop License Servers

Monday, November 3rd, 2014

Remote Desktop is one of the things administrators use throughout their day. It’s very useful and greatly missed when it does not work.

A user reported he had lost access to a 2012 server running remote desktop services. The server pinged and I was able to get to the hidden share.  However, when I attempted a Remote Desktop Connection, I received:

The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license.  Please contact the server administrator.

Most likely the Remote Desktop Service had been running in trial mode and the grace period had expired. This server was located in another building and I was not interested in driving over.

Many people don’t know or simply forget there is a command line ability for remote desktop. You can bypass the licensing problem and get access by running the following from the Run command:

mstsc /admin

This will disable licensing for the session.  Basically, you are accessing the server through administrative mode only.

For more command line information, you can look at this.

Server 2012 changed many things.  It changed the way you manage Remote Desktop Services. Previously, you would simply go to administrative tools and bring up the services manager or session host configuration.  Now, you only get RD Licensing Diagnoser.

I ran it and a message which caught my attention was about licensing not being configured for either Device or User.  There were also messages about license servers not getting accessed but I was interested in the configuration used during setup. The problem was where to configure this, especially since Remote Desktop Session Host Configuration no longer exists.

Server 2012 is an attempt to be more virtual and cloud like so the management tools are geared for that. If you simply want a server to run Remote Desktop Service and use your license servers, you may configure the needed options through the local computer policy.  Start the editor:

gpedit.msc

Work your way through:

Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Licensing

There you will find your two needed options:

Use the specified RD license servers

Set the Remote Desktop licensing mode

Enable them and enter your license server(s) and the user or device mode.

Close out and give the server a reboot and you should have access to the server.

Please wait for the System Event Notification Service…

Thursday, August 7th, 2014

One of the most annoying things is a server which is hung up and won’t allow you to access it remotely, especially if it requires driving to get to the server.

Such was the case of a trouble call from a user trying to access a server. He would try remote desktop and received the following message:

Please wait for the System Event Notification Service…

The login process would remain at this point.

Remote Reboot failed but the system would ping and I could mount a hidden drive.

I needed remote desktop to work so I could look into this problem.

The System Event Notification Service as described from an article in the Microsoft Developer Network states:

Applications designed for use by mobile users require a unique set of connectivity functions and notifications. In the past these individual applications were required to implement these features internally. The System Event Notification Service (SENS) now provides these capabilities in the operating system, creating a uniform connectivity and notification interface for applications. Using SENS developers can determine connection bandwidth and latency information from within their application and optimize the application’s operation based on those conditions.

It sounds like something that is not needed, but it wasn’t the time to make this call when there was an annoyed user waiting for the server. I suspected we could at least kill the process and see if Remote Desktop would work again. Time to use the useful SC command:

sc \\servername queryex SENS

This returned:

SERVICE_NAME: sens
TYPE               : 20  WIN32_SHARE_PROCESS
STATE              : 4  RUNNING
(STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE    : 0  (0x0)
SERVICE_EXIT_CODE  : 0  (0x0)
CHECKPOINT         : 0x0
WAIT_HINT          : 0x0
PID                : 976
FLAGS              :

Using the PID, I could attempt a taskkill of the sens process.

taskkill /S <servername> /PID 976 /F

This made the login session continue and I had access to the server.

Checking the Net, there are several situations which could cause this condition.  They ranged from removing Live Messenger (which was not installed), registry changes (which didn’t work or didn’t apply) to removing an update (which was not installed).

I had to log out and found the error was back.  I used the same taskkill steps and was able to access the server again.

Not seeing the obvious, I figured I would try the “fix most things Microsoft” solution and rebooted.

The error went away.

Sometimes a reboot is all that is needed.
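The sc output above reports TYPE 20 WIN32_SHARE_PROCESS, which means the service runs in a process that can host other services, and a forced taskkill of that PID stops all of them. The following is an added example (not part of the original post) that lists every service in the same process before the kill; the function name Get-CoHostedService is hypothetical, 'servername' is a placeholder, and it assumes Windows PowerShell 3.0 to 5.1 with remote WMI access to the server.

```powershell
# Added example: show which services share a process with the target service,
# so the impact of "taskkill /PID <pid> /F" is known before it is run.
function Get-CoHostedService {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [Parameter(Mandatory = $true)][string]$ServiceName
    )

    # Same information sc queryex returns: state and owning PID of the service.
    $target = Get-WmiObject -Class Win32_Service -ComputerName $ComputerName `
        -Filter "Name='$ServiceName'"
    if (-not $target) {
        throw "Service '$ServiceName' not found on $ComputerName"
    }
    if ($target.ProcessId -eq 0) {
        throw "Service '$ServiceName' is not running, so there is no PID to inspect"
    }

    # Every service reporting the same ProcessId lives in that one process
    # and goes down with it when the PID is killed.
    $siblings = Get-WmiObject -Class Win32_Service -ComputerName $ComputerName `
        -Filter "ProcessId=$($target.ProcessId)"

    foreach ($svc in ($siblings | Sort-Object Name)) {
        [pscustomobject]@{
            PID           = $svc.ProcessId
            Name          = $svc.Name
            DisplayName   = $svc.DisplayName
            State         = $svc.State
            SharedProcess = ($svc.ServiceType -eq 'Share Process')
            IsTarget      = ($svc.Name -eq $target.Name)
        }
    }
}

# 'servername' is a placeholder, as in the sc and taskkill commands above.
Get-CoHostedService -ComputerName 'servername' -ServiceName 'SENS' |
    Format-Table -AutoSize
```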

 

Missing license server for windows 2012 Remote Desktop Services

Wednesday, August 6th, 2014

Windows Server 2012 can be a little disconcerting due to the new look and layout.

Such was the case for a request of a 2012 server with Remote Desktop Services enabled. I installed the OS and added it to AD. I installed the requested applications and then I went through the wizard and installed the “Remote Desktop Session Host.”

I didn’t need the license server installed as I have a couple already in place.

When it came time to configure and verify the setup, I went to Administrative Tools and looked at Remote Desktop Services and only found “RD Licensing Diagnoser”

Ok? Where do I configure the license servers?  Oh wait! The Dashboard.  I looked under that and found the same thing.

I reinstalled the role and found nothing changed.

I did get the warning about licenses and so I ran the diagnoser to see what was wrong.  Two license servers were found but the problem was the missing license server had the licenses for 2012.

Time became an issue and I literally had the user panicking to use the server so I needed a quick resolution as this system was a short term “crash and burn” setup.

I decided to add the missing entry via the registry and reboot.

The license server list can be found here:

HKLM\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows NT\Terminal Services

The entry you need to modify is: LicenseServers

I added the missing license server to the list and rebooted.

The warning message about licenses went away and I verified multiple users could access the server.

Time to crack open the 2012 books and papers!

 

Can’t remote desktop to a windows 2008 R2 server

Tuesday, June 17th, 2014

This was a strange problem. I have a simple Windows 2008 R2 server with remote desktop services installed. Everything was properly configured. Plenty of licenses and diagnostics reported the license server was available.

The problem? Can’t access the server through remote desktop. No errors in the logs and the only message available to me was the generic:

Did all the noob checks and I even reloaded Remote Desktop Services, removed and re-added the server to AD.

Still no access.

I installed tightvnc as I did not want to live at the machine and found I had remote access.

I checked the registry to see if port 3389 was configured and it was.

I used portqueryui to see if the port was in use and it reported:

TCP port 3389 (ms-wbt-server service): NOT LISTENING!

A quick telnet to port 3389 confirmed this.

The firewall was not running and there wasn’t a web server or any other process trying to use that port and thus block Remote Desktop Services. I was tempted to declare too much time debugging this and reload but I decided to dig around the Net a little more and stumbled on an old discussion on technet.

As mentioned in the post by itdoug, I found the hidden device driver called “remote desktop services security filter driver” disabled (you just bring up the Device Manager, select show hidden devices and look under Non-Plug and Play Drivers).

I tried to enable it and it failed. I then uninstalled it and rebooted.

Remote Desktop worked after that.
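The two manual checks from this post (the port configured in the registry and whether anything answers on it) can be done in one step from the admin workstation. This is an added example, not the author's procedure; the function name Test-RdpListener is hypothetical and it assumes Windows PowerShell 3.0 or later, admin rights and the Remote Registry service on the target. A timeout typically points at a firewall dropping the traffic, as in the McAfee post at the top of this page, while a refused connection matches the NOT LISTENING result seen here.

```powershell
# Added example: compare the configured RDP port with what actually answers.
function Test-RdpListener {
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [int]$TimeoutMs = 3000
    )

    # Configured port, read remotely from the RDP-Tcp listener key.
    $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
        [Microsoft.Win32.RegistryHive]::LocalMachine, $ComputerName)
    try {
        $key = $hklm.OpenSubKey(
            'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp')
        if (-not $key) { throw "RDP-Tcp listener key not found on $ComputerName" }
        $port = [int]$key.GetValue('PortNumber', 3389)
        $key.Close()
    } finally { $hklm.Close() }

    # Actual state: TCP connect with a timeout.
    #   timeout  -> packets are being dropped (filtered) or host unreachable
    #   refused  -> host reachable, nothing listening on the port
    $result = 'No answer within timeout (filtered or unreachable)'
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $port, $null, $null)
        if ($async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            try {
                $client.EndConnect($async)
                $result = 'Listening'
            } catch {
                $result = "Not listening or refused: $($_.Exception.Message)"
            }
        }
    } finally { $client.Close() }

    [pscustomobject]@{
        Computer       = $ComputerName
        ConfiguredPort = $port
        Result         = $result
    }
}

# 'servername' is a placeholder.
Test-RdpListener -ComputerName 'servername'
```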

 

You must be an administrator running a console session…..

Tuesday, July 9th, 2013

I was trying to debug a problem on a remote server through remote desktop.

I wanted to run a Windows File Protection scan (sfc) but was rewarded with:

You must be an administrator running a console session in order to use the sfc utility.

I looked at Microsoft and found this technote.

The resolution was to run it locally as this was by design!!!!

I thought “Come on! I have to drive over to the machine!”

Then, I noticed “Applied To” and saw only Server 2000 listed.

Hmmm?  Administrator?…..

What would happen if I started a command window as a local administrator (right click the menu option and select run as administrator)?

Success!

Lesson of the Day:  Read the whole technote!

Shutting down a workstation through remote desktop.

Wednesday, April 17th, 2013

Every once in a while I come on a workstation which only has “Logoff” or “Disconnect” through remote desktop.

What to do when you want to reboot or shutdown?

There are a few ways to do this:

1) You can use the Alt+F4 keys to bring up a shutdown window which has the options for restart and shutdown.

2) You can use the Ctrl+Alt+End keys to bring up the old Ctrl+Alt+Del menu where you can select shutdown or restart

3) You can enter:  shutdown -s -t 10  to shut down in 10 seconds or you can enter: shutdown -r -t 10 to restart in 10 seconds.

Keep in mind new operating systems will do things differently; for example, the Ctrl+Alt+Del menu is different in Windows 7.

One thing I find still works is the shutdown command.

Finally, I keep forgetting the Alt-F4 approach.  I was reminded of it here.

 

This could be caused by an outdated entry in the DNS cache.

Saturday, February 2nd, 2013

I was setting up a new server and when it came time to test a few things, I received this nice message when I tried Remote Desktop:

The connection cannot be completed because the remote computer 
that was reached is not the one you specified. This could be caused
by an outdated entry in the DNS cache. Try using the IP address of 
the computer instead of the name.

I checked the cache and DNS and found it was in order. Remote desktop would work with the IP address.

This was one of two machines with the same setup and the configuration matched the other machine. I checked the Microsoft site and found this.

All you need to do is:

  1. Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.
  2. Look under Connections and Right-click the RDP listener (Connection name is RDP-Tcp) and select properties.
  3. Look in the security box where you should see the security layer is set to negotiate.
  4. Change it to RDP Security Layer via the drop down button.
  5. Click OK and close the Remote Desktop Session Host Configuration.

After that, Remote Desktop by hostname works.

I can’t explain why this happened on one of two identically configured systems. I could go back and hunt for a reason if I had time which I never do of course….

*update*

Well now. While working on another issue, I found the problem. The hostname was misspelled on the host. DNS and AD managed to give functionality but other things like simply mounting the C drive \\host\C$ failed, giving the error “The target account name is incorrect”. A quick delete of the domain record, a reboot and the problem is solved.
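Step 4 above moves the listener from Negotiate to RDP Security Layer, which uses native RDP encryption without authenticating the server and cannot be combined with Network Level Authentication, so a listener left on that setting after the real cause (the misspelled hostname) is fixed is worth finding. The following added example (not from the original post) reports the security layer on one or more servers; the function name Get-RdpListenerSecurity is hypothetical and it assumes Windows PowerShell 3.0 or later, admin rights and the Remote Registry service on each target.

```powershell
# Added example: report the RDP security layer and NLA setting per server.
function Get-RdpListenerSecurity {
    param([string[]]$ComputerName = @($env:COMPUTERNAME))

    # Meaning of the SecurityLayer DWORD.
    $layerNames = @{ 0 = 'RDP Security Layer'; 1 = 'Negotiate'; 2 = 'SSL (TLS)' }

    # A value under the Policies key (Group Policy) overrides the listener key.
    $paths = [ordered]@{
        Policy   = 'SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
        Listener = 'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    }

    foreach ($computer in $ComputerName) {
        $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine, $computer)
        try {
            foreach ($source in $paths.Keys) {
                $key = $hklm.OpenSubKey($paths[$source])
                if (-not $key) { continue }
                $layer = $key.GetValue('SecurityLayer')
                $nla   = $key.GetValue('UserAuthentication')
                $key.Close()
                if ($null -eq $layer) { continue }   # not set at this level

                [pscustomobject]@{
                    Computer      = $computer
                    Source        = $source
                    SecurityLayer = $layerNames[[int]$layer]
                    NLARequired   = ($nla -eq 1)
                    # Layer 0 means no server authentication and no NLA.
                    NeedsReview   = ([int]$layer -eq 0)
                }
            }
        } finally { $hklm.Close() }
    }
}

# Server names are placeholders.
Get-RdpListenerSecurity -ComputerName 'server1', 'server2' |
    Format-Table -AutoSize
```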

Citrix session screen flicker

Monday, November 19th, 2012

I had a user complain about screen flicker while trying to use tools on a server via remote desktop. The server in question was 32 bit Windows 2003 running Citrix Presentation Server 4.5. This was not widespread so only the one server was having issues.

Searching the Net I found a technote at Microsoft which seemed to address this issue.

I downloaded the hotfix, installed it and rebooted the server and the problem was solved.

How to lock a remote desktop session.

Friday, September 14th, 2012

An annoying little ritual we must all follow is the periodic password change. I had to change mine and I had a remote desktop session which of course wanted a session lock and password entry to update the credentials.

To lock a local session, you simply enter: windows+L

It works great with local sessions but it does nothing for remote desktop sessions.

For remote desktop, you can enter:  CTRL+ALT+INS but this may not work as it requires you to configure remote desktop for it to work.

* Open the Remote Desktop Connection utility and click Options.
* Open the Local Resources tab
* Change the value for Apply Windows key combinations option under 
  Keyboard to On the remote computer.
* This will send all key combinations to the remote desktop connection, 
  including Ctrl-Alt-Ins.

There is one more way which doesn’t require configuration changes.

Simply, enter: rundll32 user32.dll,LockWorkStation

After that a quick unlock and the credentials are updated.