Completely Stumped

  • Thread starter Thread starter Dave Kennedy
  • Start date Start date
D

Dave Kennedy

Guest
I posted this over on the Windows XP side and did not get a reply so I am
posting this on the Terminal Server side even though it is a desktop issue
but I still need some help resolving this issue and the OS on the desktop is
XP Pro SP2 and we are running a Windows 2003 server environment

I have a user who is trying to rmeote into her work desktop and she is unable
to do so. The error she gets is:

"This computer can't connect to the remote computer. Try connecting again.
If the problem continues, contact the owner of the remote computer or your
network administrator"

Now I am the network admin and I have set up almost all of the company
desktops for remote access and this is the first time I have had this
problem.

The firewall is disabled
Checked the registry to verify the firewal is disabled
The computer is set to allow remote connections
The user has been added to the list of approved users for her machine
Her Active Directory profile is set to allow her to connect remotely, she
can connect to our terminal server
I can ping her desktop by host name and by IP address
NSlookup returns the correct information for her desktop

The problem is that when I do a port scan, port 3389 does not show up as an
open port. So somehow even though her system is set up correctly, the RDP
port is still blocked by the firewall.

Any suggestions??

Thanks!
 
Re: Completely Stumped

Have you verified that it really is the firewall that's blocking
access?
While logged on to the XP client, run netstat -an.
Is the XP client listening on port 3389?
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

=?Utf-8?B?RGF2ZSBLZW5uZWR5?=
<DaveKennedy@discussions.microsoft.com> wrote on 05 mar 2008 in
microsoft.public.windows.terminal_services:

> I posted this over on the Windows XP side and did not get a
> reply so I am posting this on the Terminal Server side even
> though it is a desktop issue but I still need some help
> resolving this issue and the OS on the desktop is XP Pro SP2 and
> we are running a Windows 2003 server environment
>
> I have a user who is trying to rmeote into her work desktop and
> she is unable to do so. The error she gets is:
>
> "This computer can't connect to the remote computer. Try
> connecting again. If the problem continues, contact the owner of
> the remote computer or your network administrator"
>
> Now I am the network admin and I have set up almost all of the
> company desktops for remote access and this is the first time I
> have had this problem.
>
> The firewall is disabled
> Checked the registry to verify the firewal is disabled
> The computer is set to allow remote connections
> The user has been added to the list of approved users for her
> machine Her Active Directory profile is set to allow her to
> connect remotely, she can connect to our terminal server
> I can ping her desktop by host name and by IP address
> NSlookup returns the correct information for her desktop
>
> The problem is that when I do a port scan, port 3389 does not
> show up as an open port. So somehow even though her system is
> set up correctly, the RDP port is still blocked by the firewall.
>
> Any suggestions??
>
> Thanks!
 
Re: Completely Stumped

I had not checked via netstat but at your suggestion I did just go down to
the client pc and run the netstat -an command. It is listeneing on port
3389. So from what I can see the client is all set to go but something is
preventing the connection. The only thing I can think of is the Windows
firewall even though it is disabled. grrrrrrrrrrr.........

Suggestions?
 
Re: Completely Stumped

Not really. If the firewall is completely turned off, there's not
much room for mistakes.
Do you use Group Policies in your domain? Is it possible that there
is a GPO somehow overriding the settings for the client or the user
account settings?
Run Resultant Set of Policies (RSoP) for this user on this PC to see
exactly which GPOs are applied.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

=?Utf-8?B?RGF2ZSBLZW5uZWR5?=
<DaveKennedy@discussions.microsoft.com> wrote on 05 mar 2008 in
microsoft.public.windows.terminal_services:

> I had not checked via netstat but at your suggestion I did just
> go down to the client pc and run the netstat -an command. It is
> listeneing on port 3389. So from what I can see the client is
> all set to go but something is preventing the connection. The
> only thing I can think of is the Windows firewall even though it
> is disabled. grrrrrrrrrrr.........
>
> Suggestions?
 
Re: Completely Stumped

On Mar 5, 2:11 am, Dave Kennedy
<DaveKenn...@discussions.microsoft.com> wrote:
> I posted this over on the Windows XP side and did not get a reply so I am
> posting this on the Terminal Server side even though it is a desktop issue
> but I still need some help resolving this issue and the OS on the desktop is
> XP Pro SP2 and we are running a Windows 2003 server environment
>
> I have a user who is trying to rmeote into her work desktop and she is unable
> to do so. The error she gets is:
>
> "This computer can't connect to the remote computer. Try connecting again.
> If the problem continues, contact the owner of the remote computer or your
> network administrator"
>
> Now I am the network admin and I have set up almost all of the company
> desktops for remote access and this is the first time I have had this
> problem.
>
> The firewall is disabled
> Checked the registry to verify the firewal is disabled
> The computer is set to allow remote connections
> The user has been added to the list of approved users for her machine
> Her Active Directory profile is set to allow her to connect remotely, she
> can connect to our terminal server
> I can ping her desktop by host name and by IP address
> NSlookup returns the correct information for her desktop
>
> The problem is that when I do a port scan, port 3389 does not show up as an
> open port. So somehow even though her system is set up correctly, the RDP
> port is still blocked by the firewall.
>
> Any suggestions??
>
> Thanks!

does her local machine account have a password?
 
Re: Completely Stumped

We do use some GPO's, for software installs, but none relating to the
firewall. It is disabled in the Ghost image we load on the machines and
since the users do not have Admin rights, they cannot change the firewall
settings. That said, I did run the RSOP as you suggested and it turned up
noting that would be overriding the firewall setting.

I am beginning to think I will have to re-ghost this users machine.
 
Re: Completely Stumped

=?Utf-8?B?RGF2ZSBLZW5uZWR5?=
<DaveKennedy@discussions.microsoft.com> wrote on 05 mar 2008:

> We do use some GPO's, for software installs, but none relating
> to the firewall. It is disabled in the Ghost image we load on
> the machines and since the users do not have Admin rights, they
> cannot change the firewall settings. That said, I did run the
> RSOP as you suggested and it turned up noting that would be
> overriding the firewall setting.
>
> I am beginning to think I will have to re-ghost this users
> machine.

That would certainly save you time.
It's actually the only "client troubleshooting" that's done at my
company. Blow the client away and start afresh. Takes less than
half an hour.
Of course, if you get the same problem over and over again, it's
time to find the real cause.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
*----------- Please reply in newsgroup -------------*
 
Back
Top