Target RDP Server not accessible!
Re: Target RDP Server not accessible!
We are having the same issue. It also is causing audit failures for user accounts that were logged on during windows updates. What is the status of this?
-
drdarell@comcast.net
- Posts: 8
- Joined: Mon Apr 02, 2018 8:18 pm
Re: Target RDP Server not accessible!
I'm having the same issues on my Windows 10 machine. I'm not sure if I should be trying what the server folks were doing.
Re: Target RDP Server not accessible!
Hello,
Status of this is as follows :
The Dev Team has investigated the 'an internal error has occurred' error originated from the Windows Update KB4457139.
You will need to configure group policies on your server.
To configure the policies on your terminal server please follow these steps:
open gpedit.msc applet,
navigate to Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security.
then enable 'Require use of specific security layer for remote (RDP) connections' and select 'RDP' as Security Layer.
then disable 'Require user authentication for remote connections by using Network Level Authentication policy'.
finally, reboot the terminal server or use this command : gpupdate /force
If it doesn't fix your issue:
update Windows to its most up-to-date version with all latest KB updates installed,
update TSplus to its most up-to-date version,
run 'MSTSC.exe', open the options, then go to the Experience tab and UN-select 'Reconnect if the connection is dropped'.
If one of your customer is still facing Internal Error message, then you might want to check if he has a lot of invalid logon attempts.
We have seen several servers receiving a lot of logon attempts from hackers (several dozen per minutes), and this spams Windows Remote Desktop Service, thus causing the Internal Error message when trying to connect.
Change this GPO on the Windows server: gpedit.msc > Computer Configuration > System > Credential Delegation > Encryption Oracle Remediation > Only Updated Clients > Force Updated Clients
WARNING: with this GPO you will NOT be able to connect if your workstation computer Windows has not been updated, but you will be able to connect using HTML5 client anyway.
The GPO is the official setting by Microsoft to prevent their vulnerability.
Status of this is as follows :
The Dev Team has investigated the 'an internal error has occurred' error originated from the Windows Update KB4457139.
You will need to configure group policies on your server.
To configure the policies on your terminal server please follow these steps:
open gpedit.msc applet,
navigate to Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security.
then enable 'Require use of specific security layer for remote (RDP) connections' and select 'RDP' as Security Layer.
then disable 'Require user authentication for remote connections by using Network Level Authentication policy'.
finally, reboot the terminal server or use this command : gpupdate /force
If it doesn't fix your issue:
update Windows to its most up-to-date version with all latest KB updates installed,
update TSplus to its most up-to-date version,
run 'MSTSC.exe', open the options, then go to the Experience tab and UN-select 'Reconnect if the connection is dropped'.
If one of your customer is still facing Internal Error message, then you might want to check if he has a lot of invalid logon attempts.
We have seen several servers receiving a lot of logon attempts from hackers (several dozen per minutes), and this spams Windows Remote Desktop Service, thus causing the Internal Error message when trying to connect.
Change this GPO on the Windows server: gpedit.msc > Computer Configuration > System > Credential Delegation > Encryption Oracle Remediation > Only Updated Clients > Force Updated Clients
WARNING: with this GPO you will NOT be able to connect if your workstation computer Windows has not been updated, but you will be able to connect using HTML5 client anyway.
The GPO is the official setting by Microsoft to prevent their vulnerability.
Olivier
TSplus support team administrator
TSplus support team administrator