Re: one client system with rww issue
- From: v-yanniw@xxxxxxxxxxxxxxxxxxxx ("Jenny wu [MSFT]")
- Date: Mon, 24 Oct 2005 10:14:46 GMT
Hi,
Thanks for your update!
I am sorry for the delayed response due to weekend. Please understand that
the newsgroups are staffed weekdays by Microsoft Support professionals to
answer your systems and applications questions. Your understanding is
greatly appreciated!
Yes, you are correct if there is only the specific workstation which you
can not RDP.
Let"s do follow tests to try to troubleshoot the issue:
I. You need ensure the local group policy that doesn't prevent RDP
connection. I list the following group policy settings related remote
access for your reference:
1. Click Start->Run, type "gpedit.msc" (without the quotes) and click OK.
2. Go to Computer Configuration\Windows Settings\Security Settings\Local
Policies\User Rights Assignment.
3. Double click the "Access this computer from the network" policy and make
sure the following groups are listed:
Administrators
Everyone
Power Users
Users
4. Double click the "Allow logon through Terminal Services" policy and make
sure the following groups are listed:
Administrators
Remote Desktop Users
5. Check the "Deny access to this computer from the network" policy and
make sure the groups mentioned above are NOT listed.
6. Check the "Deny logon locally" policy and make sure the groups mentioned
above are NOT listed.
7. Check the "Deny logon through Terminal Services" policy and make sure
the groups mentioned above are NOT listed.
8. Check the "Log on locally" policy and make sure the following groups are
listed:
Administrators
Guest
Power Users
Users
9. Close the "Gourp Policy" window.
If you change any settings, you need run command to refresh group policy:
10. Click Start->Run, type "gpupdate /force" (without the quotes) and click
OK.
II. On the server, open Server Management console, locate Users node,
right click the user account and click Properties, click the Terminal
Services profile tab and make sure that the "Deny this user permissions to
logon to terminal server" option is uncheck.
3. To grant guests Logon rights to the RDP-TCP connection, start the
Terminal Services Configuration snap-in, edit the RDP-TCP so that the guest
has at least Logon rights.
For detail information, please see:
278433 Accessing Terminal Services Using New User Rights Options
http://support.microsoft.com/?id=278433
289289 Remote Desktop Connection "The Local Policy of This System Does Not
http://support.microsoft.com/?id=289289
Try to test again, does the issue be fixed?
If the issue persists, please help me collect some information for further
analyze:
1. What is accurate error message when you RDP to the workstation? Does it
is "The local policy of this system does not permit you to logon
interactively"?
2. Please try to use a domain user account to access the workstation, how
about the result?
3. Please run command " gpresult /z > c:\gpresult.txt" respectively in the
server box and the problematic workstation and find the files to mail to me
for analyze. My mailboxes: v-yanniw@xxxxxxxxxxxxx
I appreciate your time and efforts to perform test and collect information.
I am glad to be further assistance!
Have a nice day!
Sincerely,
Jenny Wu
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
>From: "tester" <tester@xxxxxxxxxxxx>
>Newsgroups: microsoft.public.windows.server.sbs
>Subject: Re: one client system with rww issue
>Date: Fri, 21 Oct 2005 13:59:19 -0700
>Organization: Posted via Supernews, http://www.supernews.com
>Message-ID: <11liljsbfod4dee@xxxxxxxxxxxxxxxxxx>
>References: <11lcs759da06kea@xxxxxxxxxxxxxxxxxx>
<c#qBQbT1FHA.3104@xxxxxxxxxxxxxxxxxxxxx>
>X-Priority: 3
>X-MSMail-Priority: Normal
>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
>X-RFC2646: Format=Flowed; Original
>X-Complaints-To: abuse@xxxxxxxxxxxxx
>Lines: 159
>Path:
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
ne.de!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!sn-xit-04!sn-xit-12!sn
-xit-09!sn-post-01!supernews.com!corp.supernews.com!not-for-mail
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:163472
>X-Tomcat-NG: microsoft.public.windows.server.sbs
>
>Jenny,
>Thanks. I should have clarified. I cannot even rdp from inside the
network
>to this station. All other (30+) systems work fine via RWW, and RDP (LAN
or
>via VPN-WAN) so it must be something to do with the config of this one
>system, not the CEICW or firewall config. I will try to get a screen cap
>next week.
>
>
>
>""Jenny wu [MSFT]"" <v-yanniw@xxxxxxxxxxxxxxxxxxxx> wrote in message
>news:c%23qBQbT1FHA.3104@xxxxxxxxxxxxxxxxxxxxxxxx
>> Hi,
>>
>> Thanks for posting here!
>>
>> For your description, I understand that you can not RDP or VPN to a XP
>> workstation but can access it through RWW. If I am off base, please don't
>> hesitate to let me know.
>>
>> Let's try following steps to try to trouble shoot the issue:
>>
>> I. Please try to rerun CEICW to make sure enable firewall and publish
VPN,
>> Terminal services, RWW and OWA to internet. You can refer to the
following
>> steps:
>>
>> 1. Expand Standard Management | To Do List.
>> 2. Click Connect to the Internet in the right pane.
>> 3. Navigate the wizard to Firewall and then select Enable firewall. In
the
>> next page, make sure the E-mail, VPN, Terminal services item is checked
in
>> services configuration page.
>> 4. Click Next and then select Allow access to the following web site
>> services from the internet.
>> 5. Make sure OWA, RWW be selected and click Next.
>> 6. Click Create a new Web services certificate (input your FQDN as the
web
>> server certificate) and then click Next.
>> 7. Following the wizard to finish it.
>>
>> I suggest you refer to KB 825763 to reconfigure the network connection:
>>
>> 825763 How to configure Internet access in Windows Small Business Server
>> 2003
>> http://support.microsoft.com/?id=825763
>>
>> If you have installed router or hardware firewall outside the SBS 2003
>> network, please double check to make sure the TCP port 4125, 1723, 3389
>> are
>> opened on your router or hardware firewall.
>>
>> Try to test again, how about the result?
>>
>> Generally, we open the ports we needed to allow some specific traffic.
You
>> can refer to the following list:
>>
>> TCP port Definition
>> 25 Email (SMTP)
>> 80 required for HTTP
>> requests for your site
>> 443 required for HTTPS
>> requests using SSL, which secures communications from your server and a
>> Web
>> browser
>> 444 Companyweb
>> 4125 Remote Web Workplace
>> 1723 (plus GRE Protocol 47) VPN
>> 3389 Terminal Services
>> 21 FTP
>>
>> If the issue persists, please kindly help me collect some information to
>> isolate the issue:
>>
>> 1. When you RDP to the workstation, what is the accurate error message
you
>> got? Could you help me catch a screen shot?
>>
>> To make a screen shot:
>>
>> A. Press Alt + Pr Scrn to capture a screen shot.
>> B. From Start, go to Run, enter pbrush in the Open box, and then click
OK.
>> C. Use Ctrl + V to paste the screen shot to the canvas.
>> D. From the File menu, go to Save and save as a JPG file.
>> Please send the file to my mailboxes: v-yanniw@xxxxxxxxxxxxx
>>
>> 2. When you VPN to the workstation, what is the accurate error message
you
>> got? Could you help me catch a screen shot?
>> 3. What is the local policy error? Could you tell me the accurate error
>> information? Could you get any other error event log in the Event Viewer?
>> 4. Can you VPN or RDP to other clients or server? Could you get any
>> related error event log in the Event Viewer?
>> 5. Have you installed ISA? How many network cards on the server box? Have
>> you installed router or hardware firewall outside network?
>>
>> I appreciate your time and efforts to perform test and collect
>> information.
>> I am happy to be assistance of you and look forward to your reply!
>>
>> Have a nice day!
>>
>> Best Regards,
>>
>> Jenny Wu
>> Microsoft CSS Online Newsgroup Support
>> Get Secure! - www.microsoft.com/security
>> ======================================================
>> This newsgroup only focuses on SBS technical issues. If you have issues
>> regarding other Microsoft products, you'd better post in the
corresponding
>> newsgroups so that they can be resolved in an efficient and timely
manner.
>> You can locate the newsgroup here:
>> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>>
>> When opening a new thread via the web interface, we recommend you check
>> the
>> "Notify me of replies" box to receive e-mail notifications when there are
>> any updates in your thread. When responding to posts via your newsreader,
>> please "Reply to Group" so that others may learn and benefit from your
>> issue.
>>
>> Microsoft engineers can only focus on one issue per thread. Although we
>> provide other information for your reference, we recommend you post
>> different incidents in different threads to keep the thread clean. In
>> doing
>> so, it will ensure your issues are resolved in a timely manner.
>>
>> For urgent issues, you may want to contact Microsoft CSS directly. Please
>> check http://support.microsoft.com for regional support phone numbers.
>>
>> Any input or comments in this thread are highly appreciated.
>> ======================================================
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>> --------------------
>>>From: "tester" <tester@xxxxxxxxxxxx>
>>>Newsgroups: microsoft.public.windows.server.sbs
>>>Subject: one client system with rww issue
>>>Date: Wed, 19 Oct 2005 09:15:08 -0700
>>>Organization: Posted via Supernews, http://www.supernews.com
>>>Message-ID: <11lcs759da06kea@xxxxxxxxxxxxxxxxxx>
>>>X-Priority: 3
>>>X-MSMail-Priority: Normal
>>>X-Newsreader: Microsoft Outlook Express 6.00.2900.2180
>>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180
>>>X-RFC2646: Format=Flowed; Original
>>>X-Complaints-To: abuse@xxxxxxxxxxxxx
>>>Lines: 5
>>>Path:
>>
TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!newsfeed00.sul.t-online.de!t-onli
>>
ne.de!newshub.sdsu.edu!newsfeed.news2me.com!sn-xit-04!sn-xit-12!sn-xit-06!sn
>> -post-01!supernews.com!corp.supernews.com!not-for-mail
>>>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:162732
>>>X-Tomcat-NG: microsoft.public.windows.server.sbs
>>>
>>>I have an xp sp2 system that works fine via rww, but direct rdp to it
from
>>>the lat or from a vpn connection does not work, you get a local policy
>>>error. any ideas?
>>>
>>>
>>>
>>
>
>
>
.
- References:
- RE: one client system with rww issue
- From: "Jenny wu [MSFT]"
- RE: one client system with rww issue
- Prev by Date: Re: Shared Fax device not available anymore after reboot server!?!
- Next by Date: Re: Possible Licensing Problem
- Previous by thread: RE: one client system with rww issue
- Next by thread: Changing mount options
- Index(es):
Relevant Pages
|
