Unable to connect using Remote Desktop

Question

We have one user in the office whose computer cannot be connected to via Remote Desktop Connection. All other users' workstations can be connected to without problem. RDC worked fine for this user until about 2 weeks ago, then he simply couldn't connect. Attempts to do so give the message, "Remote Desktop can't connect to the remote computer for one of these reasons ...". We have tried from both within the Domain LAN, and from outside the office.

This sort of thing has occurred in the past, but that's typically been after doing an image restore from a previous day. After a few days, Remote Desktop Connection is back working on that restored workstation. I assume that has something to do with restoring an expired kerberos ticket or such-like and the connection starts working again when the tickets are renewed and sync'd on both the workstation and domain controller.

This case is different. I've waited several days, over a week in fact, and still cannot RDC connect to this workstation. Remote Desktop settings have "Some settings are managed by your organization" for this and all permitted workstations. Remote Desktop is enabled and "Make my PC discoverable on private and domain networks" is checked. Permitted accounts are set to "Remote Desktop Domain Users". The GPO on 'Enable Remote Desktop' has the security filter set to 'Authenticated Users'. In ADUC domain > Groups > Security > Remote Desktop Users, this user is listed as a member. The ADUC > Computers, settings for this workstation appears to be the same as for all other workstations.

Does anyone have any idea why this user's workstation can no longer be connected to? It is only this user's workstations. This user, and all other domain users, can connect to any other workstations. And, I repeat, this problem just started happening about two weeks ago. This is not an administrative user, so unlikely he installed anything untoward on his workstation.

Answer 1

I solved the problem, but to give some feedback on DSPatrick's suggested link: fDenyTSCconnections in the Registry was set to 1. I changed that to 0, but that didn't help. All other settings in GPO and firewall were OK.

The problem was with Norton 360. When I logged on as the machine administrator I got and error message from Norton saying that it had failed to properly install. This notice did not appear when the user logged on. It had attempted to install on October 14, two weeks before the user reported any RDC problem. I uninstalled Norton and voila! Remote Desktop is back in action. I enabled the Defender firewall and anti-virus, and I might re-install Norton ... later.

Thanks for your help

Answer 2

Might take a run through these items.
https://www.thewindowsclub.com/remote-desktop-cant-connect-to-the-remote-computer-in-windows-10

--please don't forget to upvote and Accept as answer if the reply is helpful--

Answer 3

Hi

Did you tried to connect via the IP ? DNS zone can be set to salvage older record, or something happened there.

After that try with an admin account to log.

If nothing work check the event log from the computer, if no error or nothing is seen make sure no firewall block the connection before the computer see it

Thanks

Answer 4

I tried connecting via IP as yagmoth555 suggested. Still no connection. Windows computers cannot see this computer (File Explorer > Network), but Linux computers can resolve by host name (host jim), which would be a DNS thing, but they cannot ping it. Nor does 'telnet jim 3389' work.

The other suggestions in the link given by DSPatrick will have to wait a few days until I can physically get in front of that computer. I am at a remote location.