Problems with RDP Connections on Windows Server 2008 R2

Recently we came across a nasty issue when remotely connecting to Windows Server 2008 R2 machines via RDP (Remote Desktop Protocol). In this case, these servers were actually Domain Controllers and not full featured terminal servers, but we’ve seen issues with these as well. Failing to use RDP to these servers caused the administrators to have to physically go to the servers and log on locally, or use some other sort of remote management software such as HP iLO. If these are virtual machines, it’s also possible to connect to their console using the virtualization software management suite. Either way, failing to use RDP to manage these servers may cause a significant issue for some.

RDP Connection Problems in Windows Server 2008 R2

The symptoms for the RDP problem include the following:

    1. A user with administrative rights and permissions to RDP into the server(s), who was able to successfully connect to these machines, now reports that they can no longer connect to the machines.

Note: It seems that in some cases, this issue also happens for Windows 7 machines as well.

    1. Once the user opens an MSTSC window and attempts to RDP into the server(s), they are prompted to enter their credentials. They do so, but just before their desktop appears, an error warning appears:“The connection to the remote computer was broken. This may have been caused by a network error. Please try connecting to the remote server again.”The user acknowledges the error message, and then the MSTSC window closes.
    2. Checking the services on the remote server shows that the Remote Desktop Service is in a stopped state.Remote Desktop Service - stopped state
    3. If you restart the Remote Desktop Service, the service runs till the next remote connection attempt. Sometimes, rebooting the server helps for a while.

 

  1. Checking the Event Viewer on the remote server shows these events:Log Name: Application
    Source: Application Error
    Date: 04/06/2012 14:11:38
    Event ID: 1000
    Task Category: (100)
    Level: Error
    Keywords: Classic
    User: N/A
    Computer:
    Description:
    Faulting application name: svchost.exe_TermService, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
    Faulting module name: rdpcorekmts.dll, version: 6.1.7600.16952, time stamp: 0x4f1f9e66
    Exception code: 0xc0000005
    Fault offset: 0x000000000000a793
    Faulting process id: 0x22e8
    Faulting application start time: 0x01cd4242c6fd4162
    Faulting application path: C:\Windows\System32\svchost.exe
    Faulting module path: C:\Windows\system32\rdpcorekmts.dllAnd:Log Name: System
    Source: Service Control Manager
    Date: 04/06/2012 14:12:12
    Event ID: 7011
    Task Category: None
    Level: Error
    Keywords: Classic
    User: N/A
    Computer:
    Description:
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TermService service.

    And:

    Log Name: System
    Source: Service Control Manager
    Date: 04/06/2012 14:12:40
    Event ID: 7034
    Task Category: None
    Level: Error
    Keywords: Classic
    User: N/A
    Computer:
    Description:
    The Remote Desktop Services service terminated unexpectedly. It has done this 4 time(s).

    And:

    Log Name: System
    Source: Service Control Manager
    Date: 04/06/2012 14:12:10
    Event ID: 7011
    Task Category: None
    Level: Error
    Keywords: Classic
    User: N/A
    Computer:
    Description:
    A timeout (30000 milliseconds) was reached while waiting for a transaction response from the UmRdpService service.

Solving the RDP Problem on Windows Server 2008 R2

It turns out that the cause for the problem is two important Windows security updates:

  • KB 2621440
  • KB 2667402

These updates were part of MS012-20, and were downloaded to the servers sometime in the second half of March 2012, if their settings were configured so.

The solution to the problem begins by uninstalling both updates. First, we uninstall KB 2667402:

Uninstall KB 2667402

Uninstall KB 2667402-2

Then we reboot the server.

Reboot the server

Next, we uninstall KB 2621440:

Uninstall KB 2621440

Uninstall KB 2621440 - 2

Then we reboot the server again.

Reboot server again

Now, we need to reinstall the updates, but we need to do so in this particular order.

First, install KB 2667402:

Install KB 2667402

Install KB 2667402 - 2

Then reboot the server.

Reboot Server

Next, we install KB 2621440:

Install KB 2621440

Install KB 2621440 - 2

Then reboot the server again.

Final Reboot

Conclusion

This will solve the RDP problem on your Windows Server 2008 R2 machine.