8

I have a problem that googling has turned up nothing, except this question on experts exchange which I borrowed most of the text from. :)

When I connect via Remote Desktop to a new Windows 2008 R2 server it takes 20-30s to get past the "Securing Remote Connection" message during the login.

If the password is wrong, it does this every time you attempt a login (ie its not a one time thing). However, after a successful login attempt the following logins to the same server goes faster.

Most servers runs on VMware here, but I don't know if that has anything to do with it.

JohannesH
  • 369
  • 2
  • 5
  • 21
  • I've seen the same issue on our TS's (which are also VMWare) but thankfully we've got such a small userbase on those TS's it hasn't been an issue worth fixing for us – Mark Henderson Apr 23 '10 at 10:44
  • JohannesH, did you ever find a solution that worked. I'm having the same problem. – Caleb_S Jan 17 '12 at 01:16
  • @Caleb_S Sorry but I never really figured out what caused it. Though I'm pretty sure it had to do with the servers not being able to connect to the primary DC. However, one day the problem just stopped and nobody could explain why. We've since closed that domain entirely and restructured our network. So I don't think I'll see that problem again. – JohannesH Mar 05 '12 at 08:21

6 Answers6

4

Do you have access to your local DNS Server? You may have some entries in the local zone for AD servers that no longer exist or have had IP's changed. Last year I removed a DC from the network and it caused a delayed login via RDP.

iainlbc
  • 2,694
  • 19
  • 19
2

I agree that this sounds like a DNS issue on your 2008 R2 server. Verify that the correct DNS servers are entered on the 2008 R2 server's TCP properties. Also, as recommended previously, review your DNS server for invalid entries.. specifically look for invalid entries in the _msdcs, _sites, _tcp, etc containers/subcontainers. You can also attempt a local login to rule out network issues though if you determine the issue is only via RDP you can look into TCP auto tuning settings on the clients.

2

For anyone that searches this, try disabling IPv6 on the Remote Desktop server - we have Server 2008 running as a Remote Desktop server connected to a 2003 domain controller. Disabling IPv6 on the remote desktop server made this go from 20-30 seconds to instant :)

Thomas
  • 21
  • 1
1

I've seen happen on 2008 R2 machines running on ESX 3.5; sometimes the machine's virtual console would freeze (probably a video driver bug) while the system would remain online, and RDP connections would hang like that.

Next time this happens, you should try to connect to the server's console and see if it's working.

Massimo
  • 70,200
  • 57
  • 200
  • 323
  • The console works fine (99.9% of the time)... If its slow its usually due to the default graphics drivers. Thanks for the suggestion. – JohannesH Dec 29 '10 at 04:09
1

If the video driver bug is not the source of this, than it could be an authentication or RDP problem.

  • Does it happen when you log on to the server's console (using the VMware client)?
  • Does it happen if you log on with a local user account instead of a domain one?
Massimo
  • 70,200
  • 57
  • 200
  • 323
  • It seems a local user works much better than the domain user I normally use. Do you have any suggestions how to debug this case? – JohannesH Apr 26 '10 at 11:23
  • Sounds like a domain logon problem. What happens if you log on to the server's console (using VMware client) with a domain user? – Massimo Apr 26 '10 at 12:46
  • Logging into the server with a domain user using the vSphere CLient Console works pretty fast. – JohannesH Apr 26 '10 at 12:53
  • What about a domain user which never logged on to that server? Cached logons can be pretty fast even if a DC is unreachable. Also, do you have any error on the server's System and Application event logs? – Massimo Apr 26 '10 at 13:06
  • It's the same whether or not the user has been on the server before. regarding the event log I only found some errors regarding rdp sharing of printers, so I disabled the printer in the remote desktop options, though it didn't do any better. – JohannesH Apr 28 '10 at 11:47
  • The client you're connecting from... where is it located? In the same network or another? There is a firewall between it and the server? Is it a domain member? – Massimo Apr 28 '10 at 12:23
  • It is a little complicated but the short answer is the server and client are on different networks and domains. Traffic between the networks is routed with no restrictions, and I log in with a user on the server domain (which seems be ok when I log in locally so its probably not the AD). We've tried to capture traffic and it seems the delay is on the server, and is probably a timeout since the delay on the server is exactly 60 seconds each time I try to connect. – JohannesH Apr 28 '10 at 14:33
  • Ok, maybe this is just silly, but... have you tried RDPing to that server from other clients? In the same subnet and/or in the same domain? Anything helps when troubleshooting :-) – Massimo Apr 28 '10 at 15:20
0

I had the same problem after upgrading from SBS2008 to 2010. After migration and removing the 2008 RDP hangs after every action. I had to search for incorrect records in the DNS and found about 5 entries. After cleanup RDP works again.

Hagbard
  • 1