Re: /remote desktop control suddenly broken - critical

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 01/22/05


Date: Fri, 21 Jan 2005 18:30:24 -0800

http://download.microsoft.com/download/5/6/1/561c9fd7-0e27-4525-94ec-4d2d38f61aa3/TSHT_SBS.htm#remote

Cause: The client computer may not be turned on.

Solution: Verify that the client computer is powered on and connected
to the Windows Small Business Server network.

Cause: Remote Desktop connections may not be enabled on the client
computer.

Solution: Verify that Remote Desktop is enabled on the computer you are
connecting to.

To enable Remote Desktop

To complete this procedure, you must be logged on as a member of the
Domain Admins security group.

1. Click Start, click Control Panel, click Performance and Maintenance,
   and then click System.
2. On the Remote tab, select the Allow users to connect remotely to this
   computer check box.
3. Ensure that you have the proper permissions to connect to your
   computer remotely, and then click OK. You must be an administrator or
   a member of the Remote Desktop Users group to connect remotely to
   your computer.
4. Verify that Remote Desktop is enabled by creating a Remote Desktop
   connection from another computer on the Windows Small Business Server
   network, and then attempting to connect to your computer. To start
   Remote Desktop, click Start, point to All Programs, point to
   Accessories, point to Communications, and then click Remote Desktop
   Connection.

If you are running any firewall software on the client computer, ensure
that it is not blocking access to port 3389 (the port specific to Remote
Desktop Connections). For more information, see the firewall
manufacturer's documentation.

Cause: The remote computer may have reached the maximum number of
allowed connections.

Solution: Verify that the computer you are connecting to has not
reached the maximum number of allowed connections. If you are connecting
to a computer running Windows XP Professional, only one user can be
connected at a time. If you are connecting to an application sharing
server, connections are determined by the number of client access
licenses (CALs) purchased by your company. For more information, see
your administrator.

Cause: Firewall settings may be blocking port 4125.

Solution: Verify that port 4125 (the port specific to the Remote Web
Workplace) is open to the Internet on the computer running Windows Small
Business Server. If you ran the Configure E-mail and Internet Connection
Wizard, and chose to publish the Remote Web Workplace, this is
configured automatically on the server. If you have a router or firewall
device that does not support Universal Plug and Play (UPnP), you must
manually configure this device to accept Internet traffic through port
4125. For more information, see the device manufacturer's documentation.

If the computer running Windows Small Business Server is running
Microsoft Internet Security and Acceleration (ISA) Server, run the
Configure E-mail and Internet Connection Wizard, choose to publish the
Remote Web Workplace, and ISA Server will be automatically configured to
allow Remote Desktop connections.

If you are connecting from a remote computer that accesses the Internet
through ISA Server, the person responsible for ISA Server must create a
protocol rule allowing outbound traffic through port 4125. You must also
install ISA Firewall Client on the remote computer.

Verify that your Internet service provider (ISP) is not blocking
Internet traffic through port 4125.

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
> What in the world are "pop ups" doing on the server? Let's first
> analyze that statement.. What pop ups? The IE is locked down so there
> should be no "pop ups"
>
> What else is going on in this server?
>
> In the meantime...try rerunning the CEICW [connect to internet].
>
> Rob Pettrey wrote:
>
>> SBS 2003 premium new install, using SQL but not ISA. Cable to linksys
>> WRT54G wireless cable router to outside nic, inside nic to switch to
>> inside.
>>
>> Everything working flawlessly perfect until Wednesday night.
>>
>> Windows update wanted an update, so I updated and rebooted. Thursday
>> morning I noticed pop-ups on the server, so I thought I would try the
>> new Microsoft Anti-spyware product. I installed it, ran it, thought
>> better of it, and de-installed it.
>> Thursday afternoon one of the users called to say he couldn't remote
>> control his pc. I started troubleshooting, and discovered a process
>> camping on 4125 using netstat.
>>
>> netstat -aon | find ":4125"
>>
>> there were two lines. I didn't document it, but from my memory there
>> were two lines that kind of looked like this:
>>
>> TCP 192.168.16.2:1025 xxx.xxx.xxx.xxx:4125 ESTABLISHED 612
>> TCP 192.168.16.2:4125 xxx.xxx.xxx.xxx:1025 ESTABLISHED 612
>>
>> I'm sure about the port numbers, and pretty sure that the first IP was
>> the internal NIC, not sure about the second IP.
>>
>> The process ID matched lsass.exe. I saw some postings about this
>> possibly being a virus, so I went to trendmicro and ran an interactive
>> scan and came up clean. I also RDP'ed into another SBS install and
>> compared lsass.exe and both machines had the same file size.
>>
>> I couldn't restart lsass, so I rebooted the server. When I rebooted, I
>> could /remote and then connect to a client desktop - several times -
>> for about 15 minutes. At the same time, I RDP'ed into the server and
>> did a netstat and got
>>
>> netstat -aon | find ":4125"
>>
>> TCP 192.168.1.2:3468 xxx.xxx.xxx.xxx:4125 TIME_WAIT 0
>>
>> which looked like a remote client coming in. When I logged off
>> /remote, it went away.
>>
>> After that, I got nothing on netstat, but couldn't connect again to
>> any desktop and got this message:
>>
>> The client could not connect to the remote computer. Remote
>> connections might not be enabled or the computer might be too busy to
>> accept new connections. It is also possible that network problems are
>> preventing your connection. Please try connecting again later. If the
>> problem continues to occur, contact your administrator.
>>
>> I rebooted again, and now have no remote control - tried multiple
>> pc's, multiple administrative users. Everything else works except
>> remote control. I can still RDP to the server and connect to a client
>> pc from the inside, just not via /remote.
>>
>> I'm absolutely sick. The only things that changed:
>> - windows update
>> - installing / uninstalling ms anti-spyware
>> - new remote user trying to connect
>>
>> I am clueless. I sold SBS 2003 to this client based on their need for
>> remote control, and now it's broke, and they use remote control every
>> day.
>>
>> Rob Pettrey
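
Added example (not part of the original posts): the thread filters netstat with find ":4125", which is a substring match that also hits ports such as 41250 and does not tell a local listener from an outbound connection to a peer's port 4125. The sketch below parses `netstat -aon` output and classifies each row; the sample output, addresses, PIDs and function names are constructed for illustration.

```python
import re

# Constructed sample of `netstat -aon` output (addresses and PIDs are made up).
SAMPLE = """\
  TCP    0.0.0.0:3389        0.0.0.0:0            LISTENING       884
  TCP    0.0.0.0:4125        0.0.0.0:0            LISTENING       1520
  TCP    192.168.16.2:1025   192.168.16.2:4125    ESTABLISHED     612
  TCP    192.168.16.2:4125   192.168.16.2:1025    ESTABLISHED     612
  TCP    192.168.16.2:3468   203.0.113.7:4125     TIME_WAIT       0
  TCP    192.168.16.2:41250  203.0.113.9:80       ESTABLISHED     2044
  UDP    0.0.0.0:4125        *:*                                  1520
"""

# proto, local addr:port, foreign addr:port, optional state (absent for UDP), PID
ROW = re.compile(
    r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+):(\d+|\*)\s+"
    r"(?:([A-Z][A-Z_0-9]*)\s+)?(\d+)\s*$"
)

def classify(netstat_text, port):
    """Return rows that touch `port` exactly, tagged by the side it is on."""
    hits = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header lines, blank lines, anything unparsable
        proto, laddr, lport, faddr, fport, state, pid = m.groups()
        if int(lport) == port:
            # Local side owns the port: a bound listener, or (typically)
            # a connection that a local service accepted.
            bound = proto == "UDP" or state == "LISTENING"
            role = "listener" if bound else "inbound"
        elif fport == str(port):
            role = "outbound"  # this host is the client of a peer's port
        else:
            continue  # e.g. :41250, which a substring search would match
        hits.append({"proto": proto, "role": role, "state": state,
                     "peer": faddr, "pid": int(pid)})
    return hits

def listener_pids(netstat_text, port):
    """PIDs that hold `port` open locally; look these up with tasklist."""
    return {h["pid"] for h in classify(netstat_text, port)
            if h["role"] == "listener"}

if __name__ == "__main__":
    for hit in classify(SAMPLE, 4125):
        print(hit)
```

The PIDs returned by listener_pids() are the ones to match against the process list when checking which process owns port 4125 or 3389 on the server.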


