Connot connect to one server using RDP

[PSV]

We have 5 windows 2003 servers in a separate domain. 1 DC, 2 Clustered
Servers and 2 Citrix servers. We have a domain account used for managing the
clusters. This a/c has local admin rights on both cluster nodes. We noticed
that someone had accidentally put this a/c in domain admin group. After
removing this a/c from doamin admins group we are unable to connect to one
server (node 2 of cluster). We don't even get logon screen when we RDP in the
server.
Pls note that, we have enforced security using GPOs. Using the GPO tool, I
made sure that, all servers have lastest GPOs.
I have tried the following,
1.rebooting the servers.
2. Re-registered with DNS
3. I compared Node 1 of cluster with Node 2 in terms of a/c setup, policies,
RDP setup, services etc. Everything looks identical.
4. Checked to see whether firewall is turn on. It's off.
5. RDP protocol configuration is identical.
6.
I was wondering whether anyone could point me in the right direction.

The error received is,

The client couldn't establish connection to the remote computer.
The mostlylikes reasons are,
1. Remote connections might not be enabled at the remote computer
2. The maximum number of connections was exceeded at the remote computer
3. A network error occurred while establishing the connection.

Thanks a bunch.
PSV

 

[Munindra Das [MSFT]]

Re: Connot connect to one server using RDP

This can be due to various reasons. First check would be to see TS service
and listener is up and running fine on the server. Though you might have
already done it, following are things to check:
- please run "qwinsta.exe" and see listener is running.
- run "netstat -a" and see if TCP port 3389 is being listened at.

Next would be to see if connection request is getting to the server or not.
You can take some "netmon" traces on the server and see if you find any
packets reaching port 3389. If connections are not getting to port 3389, one
of the common issue is DNS name resolution. Try using the ipaddress instead
and see if you can connect.

If nothing works, look for error entries in the event log.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
"PSV" <PSV@discussions.microsoft.com> wrote in message
news:E9C78418-7F1F-484F-91E7-3E4D97B28064@microsoft.com...
> We have 5 windows 2003 servers in a separate domain. 1 DC, 2 Clustered
> Servers and 2 Citrix servers. We have a domain account used for managing
> the
> clusters. This a/c has local admin rights on both cluster nodes. We
> noticed
> that someone had accidentally put this a/c in domain admin group. After
> removing this a/c from doamin admins group we are unable to connect to one
> server (node 2 of cluster). We don't even get logon screen when we RDP in
> the
> server.
> Pls note that, we have enforced security using GPOs. Using the GPO tool, I
> made sure that, all servers have lastest GPOs.
> I have tried the following,
> 1.rebooting the servers.
> 2. Re-registered with DNS
> 3. I compared Node 1 of cluster with Node 2 in terms of a/c setup,
> policies,
> RDP setup, services etc. Everything looks identical.
> 4. Checked to see whether firewall is turn on. It's off.
> 5. RDP protocol configuration is identical.
> 6.
> I was wondering whether anyone could point me in the right direction.
>
> The error received is,
>
> The client couldn't establish connection to the remote computer.
> The mostlylikes reasons are,
> 1. Remote connections might not be enabled at the remote computer
> 2. The maximum number of connections was exceeded at the remote computer
> 3. A network error occurred while establishing the connection.
>
> Thanks a bunch.
> PSV