Im having a bit of trouble getting a remote desktop connection going from my XP Pro machine to a Server 2008 sp1 server (its a domain server). The error message given is "This computer cant connect to the remote computer." It used to work when I first set up the server before I added the domain service. I have verified that the option to allow RDP connections is checked and my user account is listed as being able to connect to it. The server is working and I can ping it on my network. Any suggestions?

Can you connect by IP? Are you using the server name when trying to connect. This may be a DNS related issue. I would check that first. If you are still not able to connect by IP, I would suggest to check and see if you have the more secure or less secure RDP enabled. This makes a difference, as you need to allow less secure RDP if you are using XP Professional.Scotty

To use the less secure RDP, go to System Properties, (Control Panel\System), and click on the remote settings link in the upper left corner. Chose the appropriate checkbox.

Hi Customer, Thanks for posting here. To logon to a domain controller remotely, you need to add the user account into "Allow logon locally" group as well. You need to run "gpmc.msc" to open Group Policy Management on the domain controller. Click Domain Controller OU, select Default Domain Controller Policy and right-click Edit. Then navigate to [Computer Configuration\Windows Settings\Security Settings\User Rights Assignment\log on locally] option. Add the user account into this group. Click OK. Run the "gpupdate /force" on your domain server and try remote desktop connection again. Wilson Jia - MSFT

Hi Customer, Thanks for posting here. To logon to a domain controller remotely, you need to add the user account into "Allow logon locally" group as well. You need to run "gpmc.msc" to open Group Policy Management on the domain controller. Click Domain Controller OU, select Default Domain Controller Policy and right-click Edit. Then navigate to [Computer Configuration\Windows Settings\Security Settings\User Rights Assignment\log on locally] option. Add the user account into this group. Click OK. Run the "gpupdate /force" on your domain server and try remote desktop connection again. Wilson Jia - MSFT I tried this. When I navigated to the policy, I found "Deny log on Locally" but no "log on locally" policy. Am I in the right spot? I also have the less secure RDP on. Still doesnt work. I also cannot log on using the IP. Any other help?

I tried this. When I navigated to the policy, I found "Deny log on Locally" but no "log on locally" policy. Am I in the right spot? I also have the less secure RDP on. Still doesnt work. I also cannot log on using the IP. Any other help? You are in the right place. Look near the top for "Allow log on locally".

Hi Customer,Sorry for my mistake, you're correct. The policy should be "Allow log on locally". You need to add your remote desktop user into this group to grant them remote access to your Domain controller.Thanks.Wilson Jia - MSFT

Hi Customer, Sorry for my mistake, you're correct. The policy should be "Allow log on locally". You need to add your remote desktop user into this group to grant them remote access to your Domain controller. Thanks. Wilson Jia - MSFT Ok, I found it and added the my user logon into it. I also ran the gpupdate /force to push the changes through and I still cant connect. Is a reboot necessary?

You also need "Allow logon through Terminal Services". By default, the group "Remote Desktop Users" has that right.Is the XP machine you are trying to connect from a member of the domain? If not, that would be the problem. That computer needs to have the "Access this computer from the network" right.

Hi, Please make sure that the Remote Desktop setting is Enabled. You can find it in Control Panel|System|Remote Setting. Enable the second option "Allow connection from computers running any version of Remote Desktop (less secure)" Ensure the user account is under Select Users list.Wilson Jia - MSFT

Hi, Please make sure that the Remote Desktop setting is Enabled. You can find it in Control Panel|System|Remote Setting. Enable the second option "Allow connection from computers running any version of Remote Desktop (less secure)" Ensure the user account is under Select Users list. Wilson Jia - MSFT I made sure that all of these were checked and they are and I am under the list of users who have access. Still nothing. Im wondering if it may have something to do with terminal server. If i try to browse for the server I get this error message: --------------------------- Remote Desktop Connection --------------------------- The DOM domain/workgroup does not contain any Terminal servers. --------------------------- (Our domain is called DOM)

Im wondering if it may have something to do with terminal server. If i try to browse for the server I get this error message:---------------------------Remote Desktop Connection---------------------------The DOM domain/workgroup does not contain any Terminal servers.---------------------------(Our domain is called DOM) No, that is normal.What version of RDC (%SystemRoot%\System32\mstsc.exe) do you have? I notice that on my Server 2003 R2 machine I have 6.0.6000.16459.I see there is also a newer one available: Remote Desktop Connection (Terminal Services Client 6.1) for Windows XP (KB952155).

Im wondering if it may have something to do with terminal server. If i try to browse for the server I get this error message: --------------------------- Remote Desktop Connection --------------------------- The DOM domain/workgroup does not contain any Terminal servers. --------------------------- (Our domain is called DOM) No, that is normal. What version of RDC (%SystemRoot%\System32\mstsc.exe) do you have? I notice that on my Server 2003 R2 machine I have 6.0.6000.16459. I see there is also a newer one available: Remote Desktop Connection (Terminal Services Client 6.1) for Windows XP (KB952155) . This is the version that I have: 6.0.6001.18000.

Jorgen, I'm stumped. I hope someone else can help you.Brian.

Hi, First of all, let us check whether the terminal service is listening on the port. By default, the terminal server listens on the 3389 port. You may refer to the following Microsoft Knowledge Base article to check the port used by terminal service: How to change the listening port for Remote Desktop http://support.microsoft.com/default.aspx?kbid=306759 After this, please use the utility TCPView to check whether terminal service is listening on this port: http://www.sysinternals.com/ntw2k/source/tcpview.shtml Meanwhile, you may also run "netstat -na|findstr 3389" on the server. Which interfaces are 3389 port listening on? Scenario 1 ------------ If the 3389 port is occupied by another services or application, this problem may occur. Based on my experience, the process that most frequently causes this problem is the Microsoft Exchange System Attendant service (Mad.exe). That is because Microsoft Exchange uses remote procedure call (RPC) dynamic port allocation. During RPC dynamic port allocation, the RPC service assigns an RPC program a random port number that is more than 1024. Occasionally, RPC may assign TCP port 3389 to a program such as the Microsoft Exchange System Attendant service. As the server is running Exchange, this may be the root cause for this issue. To trouble shoot this problem efficiently, please refer to the following Microsoft Knowledge Base article: 886209 Users cannot connect to remote desktops by using the Windows Small Business Server 2003 Remote Web Workplace http://support.microsoft.com/default.aspx?scid=kb;EN-US;886209 Meanwhile, you can also refer to the above KB306759 to change the listening port of the terminal service to and then refer to the following Microsoft Knowledge Base article to see whether you can remote desktop through this port: http://support.microsoft.com/kb/304304/ Scenario 2 ------------- If no services are listening on the 3389 port and you have not changed the listening port, some components of terminal services may be corrupt when you uninstalled the terminal services. Please ensure that you have checked the "Enable Remote Desktop on this computer" option in the System Properties dialog. In addition, please check the "Device\Video0" registry key. This problem may occur when the Device\Video0 registry key is missing. If this registry value is corrupt, the RDP-Tcp will be displayed as "Down" state. Remote Desktop Protocol Clients Cannot Connect to Terminal Services Server http://support.microsoft.com/?id=270588 Scenario 3 -------------- If the terminal server is listening on the 3389 port properly, please run the "telnet <IP address of the terminal server> 3389" command to see whether you can telnet the 3389 port of the server. If the connection is established properly, a blank window will be opened. If the connection cannot be established, please check your firewall settings to see whether the port is blocked. If the connection can be established properly, this means that network part is working. The problem may lies in terminal services licensing. Here I would like to double confirm that the server runs in Remote Administration mode. If you have installed the terminal services component in Add or Remove Programs, the server will run in Application Mode. If the problem continues, please help me collect some information so that I can perform further research on this issue: 1. Please let me know the above test results. 2. Does this problem happen for all clients or just some of particular clients? Does this problem exist for all users, including administrators? 3. Can the same user establish a remote desktop connection from a client in the same LAN as the server? 4. Which mode does the server run in, Remote Administration mode or Application Mode? 5. When did this problem begin to occur? Did it coincide with any special events, such as the installation of some software or some configuration change? 6. Could you describe your network topology in detail? 7. Please perform the following steps to collect 1) Go to Start -> Run, type GPMC.MSC, it will load the GPMC console 2) Right click on "group policy result" and choose wizard to generate a report for the domain controller and the problematic user. (Choose computer and select the properly user in the wizard) 3) Right click the generated group policy report and click "group policy result" => save report to save the report to a HTML file and send it to me.

I wanted to say that I fixed it. I was poking around and realized that the TS service was stopped. I restarted it and it works. Thanks for all the help.