We started using Hyper-V a few months ago. Until a few days ago, everything is working great. We have 2 physical hosts running Windows Server 2012. Each physical host has been running one VM (Windows Server 2008 R2) which is replicating to the other host.

We have added another virtual machine. It works great except Remote Desktop Connection cannot connect to it. When I try, I get the standard message:

Remote Desktop can't connect to the remote computer for one of these reasons:
1) Remote access to the server is not enabled
2) The remote computer is turned off
3) The remote computer is not available on the network

I've checked everything I can think of including:

• VM is allowing remote access. To be sure, I even turned it off and back on.
• There is no firewall blocking anything. To be sure, Windows firewall is turned off.
• Remote Desktop CAN connect to the other VMs including the one running on the same physical host.
• Everything else on the VM seems to be working. IIS is running there and web pages come up nicely. File access is good too.

There are 2 differences between this new VM and the other ones:

• This OS is Windows Server 2008 (not R2). The other VMs are R2.
• This VM was not created from scratch. I used Sysinternals Disk2vhd to generate a VHD from an existing physical machine and then configured a new VM to use that VHD.

I'd be very grateful for advice on how to get RDC working.

Cam

Can this new VM access to the Internet? If not, check the network swicth settings in the host. If yes, can you telnet port 3389 from other computer to this VM?

Have you configured the Remote Desktop settings to "Allow connections only from computers running Remote Desktop with Network level Authentication" or to "Allow connections from computers running any version of Remote Desktop"?

If you try to connect to the VM with an RDP client that does not support Network Level Authentication (introduced in RDP with Windows Vista/Windows 2008 non R2 and newer) then the connection will fail if this has been configured in the Remote Desktop settings. Also make sure you add the user account that connects to the Remote Desktop user group (Select users button on the Remote Desktop users group)

Danny van Dam, Citrix CCIA/CCEE   Microsoft MCSE Server Infrastructure/MCSE Desktop Infrastructure/MCSA Server 2008, Cisco CCNA, VMware VCP 3/4/5

http://www.citrix-guru.com

http://www.rds-support.eu

Can this new VM access to the Internet? If not, check the network swicth settings in the host. If yes, can you telnet port 3389 from other computer to this VM?

I think we're getting somewhere!

Yes, the VM can access the Internet.

NO! I can't Telnet to this VM on port 3389, but I can Telnet to other VMs on port 3389. I also ran "netstat" which confirms that other VMs are listening on port 3389 but this one is not listening.

So what might cause this? What can I look for? Is there maybe a service not running that should be? (I checked the services and I find that "Terminal Services", "Terminal Services Configuration" and "Terminal Services UserMode Port Redirector" are all running.)

Have you configured the Remote Desktop settings to "Allow connections only from computers running Remote Desktop with Network level Authentication" or to "Allow connections from computers running any version of Remote Desktop"?

I've tried both. I'm trying to connect from Windows 7 and Windows Server 2012, so either setting should work.

Also make sure you add the user account that connects to the Remote Desktop user group (Select users button on the Remote Desktop users group)

I get the error even before it prompts me to enter any credentials. So it's not that it's blocking my user.

 Have a look at this older forum post:

http://social.technet.microsoft.com/Forums/eu/winserverTS/thread/c3cfc2df-fc29-4abc-acf1-01797f528333

Other things you can try to fix port 3389 not listening:

• sfc /scannow
• regsvr32 remotepg.dll
• leave domain then disable rdp / re-enable rdp
• try starting extra services that may have any impact
• disable all firewalls/antivirus
• disabe ipv6 on the adapter
• re-install network drivers
• copy TerminalServices reg keys from known working machine
• reg add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f

Thank you for the suggestions but still no joy. What I tried or checked:

• remote desktop services security filter driver and settings. (All is already according to that other forum post.)
• sfc /scannow
• regsvr32 remotepg.dll
• disable antivirus
• disable ipv6 on the adapter
  
• re-install network drivers (Windows update says I already have the latest driver for the Hyper-V NIC)
  
• reg add fDenyTSConnections (this key was already there)
  

What I didn't do:

• copy TerminalServices reg keys from known working machine (I'd rather not mess with the registry to this degree. It contains data about things like security certificates which are dependent on the machine. But I did a comparison with a working machine and I see differences that shouldn't matter like how to interact with the client (e.g. fDisableLPT).)
  
• leave domain then disable rdp / re-enable rdp (That's a bit extreme just to see if it works. Is this just a shot in the dark or do you have reason to believe it might work?)
  
• try starting extra services that may have any impact (I'd gladly try it if I knew what to start. Should I just look through the list of services and start the ones that aren't running?)
  

I hope you're not out of ideas. Please keep them coming if you can.

It could be 3rd party security software. For a test, try clean booting and then telnet localhost 3389 on the VM.

Windows general How to run Windows OS   with a clean boot How to Run Windows Safe Mode with   Networking How to setup DHCP for IP Phone How to setup and use Wake ...   www.howtonetworking.com/Windows/windowsgeneral.htm

It could be 3rd party security software. For a test, try clean booting and then telnet localhost 3389 on the VM.

The machine is still not listening on port 3389 while in safe mode. I didn't try disabling features in msconfig; I wouldn't know what to disable.

I'll wait a little longer for more advice and then I think I'll just recreate the VM from scratch, rather than using Disk2vhd to migrate a physical machine. Our other VMs were created from scratch and they run fine.

Cam

Cam,

Starting from cratch might get you up and running faster then going through all the possible troubleshooting options, especially with these kind of weird problems.

Danny

If you are sure you have enabled the remote desktop and not firewall blocks it, it may be different port. This how to may help;

How to modify Terminal Server's accessing port

How to modify Terminal Server's accessing port. By default Terminal Server and   Windows 2000 Terminal Services uses TCP port 3389 for client connections. www.howtonetworking.com/RemoteAccess/tsport1.htm

I'd like to add in on this topic and say you can just copy and get a .vhd working with Hyper-v.  I'd like to prefice this saying ESXi vmware kicks microsofts butt and if you check it out you'll see how this is NEVER a problem there.  But since this is a forum on Craper-V...here is what you can do.  First off you MUST know your local admin login.  If you don't the hard way to get that is a 3rd party software to reset or boot to an .iso of the OS and repair then Shift+F10 brings up a command console and there you can change users passwords, all of it.  But expecting you to know your local admin login, first from there just right click My Computer or Computer and click Property.  Get to the machine name tab and where you see your domain, delete the end.  So test.com, delete the .com and click ok.  It'll reintiate a secure connection to your domain.  Before that you MUST get on your DC and reset the computer account.  Then from there reinitate to the domain, reboot.  DONE.

Enjoy.

There is always another way to skin a cat.  And the way I told you, if you know the local admin, takes 2-3 minutes.

Please check your 2012 R2 Hyper-V NIC Teaming and you'll find your answer.

Regards,

Rudy

What should be changed with the NIC teaming to make this work?  I currently have two 2012R2 DC's that I cannot RDP into for admin access.  They are the only two in the domain like this.  Everything is setup correctly, firewall is disabled, all registry keys are right but neither server is listening on port 3389.  Even though that is the port in the registry and the service is running.  I am out of ideas.

I had the same issue just like you ,maybe you can try this : open firewall policy ,then find Remote Desktop User Mode(TCP-in) just Open it .