Re: Anyone having TS problems since the latest round of Security Hotfixes?
- From: "Vera Noest [MVP]" <Vera.Noest@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 24 Oct 2006 05:00:08 -0700
Hi Dana,
I haven't experienced it myself, but I can confirm that there have
been a number of identical posts here the last 3-4 weeks (Terminal
server not listening after reboot). Most posters have reported that
this happens after a scheduled reboot, and that a manual reboot the
next morning fixes the problem, until next time. Many have noticed
the problem immediately after applying the latest updates.
I have no more details, but you are certainly not the only one with
this problem, so Microsoft should be aware of it and hopefully have
a solution.
I'd appreciate it if you reported your findings back here!
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
*----------- Please reply in newsgroup -------------*
"Trust No One" <dana.scully@xxxxxxx> wrote on 24 okt 2006:
Hi Folks,.
Thought I'd try the newsgroup before raising a ticket with PSS.
We have recently started having problems connecting via RDP to
Windows 2003 SP1 servers in our DMZ. These problems seem to have
occured since the deployment of the last set of security
hotfixes, namely MS06-057, MS06-061, MS06-063, MS06-064,
MS06-065.
In short, on reboot of the server Terminal Services does not
work. The service is shown as started in the services applet,
however running netstat -a or qwinsta shows that terminal
services is not actually listening on the assigned port. About
once in 20 reboots terminal services will work but more often
than not it does not, with the behaviour described.
I discovered by trial and error that running "gpupdate" (to
refresh the local policy) kicks terminal services into life on
the server. However it stops working (except for the odd
occasion) on the next reboot.
The problem only seems to affect (so far) Windows 2003 SP1
servers in our DMZ. The servers in the DMZ differ from the ones
on the internal network in that they are locked down via the
Microsoft High Security Baseline Member server policy. Prior to
this incident the affected servers have all been happily running
for almost a year with no problems on reboot. The Windows 2003
servers (without SP1) in the DMZ seem totally unaffected.
The affected servers have absolutely no errors in the event
viewer and the "Allow users to connect remotely" setting is
definitely set :)
For the moment I've done a workaround by writing a batch file to
run gpupdate and adding this batch file as a startup script in
the local machine policy of the affected servers. This works
like a charm but it is a workaround and I'd like to address the
root cause.
My next course of action before escalating to PSS is to build a
server and try to isolate the problem to a particular security
hotfix.
Meanwhile, is anyone else on the newsgroup experiencing similar
problems? Do you run the Microsoft High Security Baseline
Policy? Thoughts / comments appreciated. It looks like it could
be some type of "race condition" but the Microsoft High Security
Baseline Policy is muddying the waters somewhat :)
- References:
- Anyone having TS problems since the latest round of Security Hotfixes?
- From: Trust No One
- Anyone having TS problems since the latest round of Security Hotfixes?
- Prev by Date: Re: Printing
- Next by Date: Re: Bad translation in portuguese W2K3 R2
- Previous by thread: Anyone having TS problems since the latest round of Security Hotfixes?
- Next by thread: Re: Disk Space Management on Terminal Server
- Index(es):
Relevant Pages
|
Loading
