Wednesday, February 27, 2013

RDP connection to Remote Desktop server running Windows Server 2008 R2 may fail with message 'The Local Security Authority cannot be contacted'

Remote Desktop in Windows Server 2008 R2 offers three types of secure connections:

Negotiate: This security method uses TLS 1.0 to authenticate the server if TLS is supported. If TLS is not supported, the server is not authenticated.

RDP Security Layer: This security method uses Remote Desktop Protocol encryption to help secure communications between the client computer and the server. If you select this setting, the server is not authenticated.

SSL: This security method requires TLS 1.0 to authenticate the server. If TLS is not supported, you cannot establish a connection to the server. This method is only available if you select a valid certificate.

To resolve the issue, change the remote desktop security on the RD server to RDP Security Layer to allow a secure connection using Remote Desktop Protocol encryption. Below are the steps:

1. Navigate to Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.

2. With RD Session Host Configuration selected view under Connections.

3. Right click RDP Listener with connection type Microsoft RDP 6.1 and choose Properties.

4. In general tab of properties dialog box under Security, select RDP Security Layer as the Security Layer.

5. Click OK.

Note: This setting does not need a restart of the Server or Remote Desktop Service.

I Thankyou for your time
Happy to help

Tuesday, February 26, 2013

tsadmin command details

Hi People,

You might have experienced issues, related to “Terminal server connection exceeded “ While trying to access servers, this is related to terminal server connection, which are on those servers.

In this scenario, you simply cannot kill or disconnect the session of next person, as he might be doing or performing some important activity, Below command will give you the details of users who are logged in & also their status disconnected or active

What you need to do is

Click on Start ->Go to Run-> type “tsadmin”

Tsadmin -> Terminal Server Admin Console

This command will open a console, which will have list of servers, including the one from which you are executing this command, so you just need to look for the domain name and right click & say “connect to the server” & enter the IP address or FQDN of the server, for which you need information of users logged on to it.

Now when you have this information & status of that user’s, you can contact them and ask them to release their session & can login to that box, without impacting next person’s task

Hope this helps you; feel free to write your questions on this

I Thank you for your time & happy to help