4

I have a server with 1and1 and they have given up trying to restore RDP access (not trying at all) and told me to re-image the server. As this is a production machine, I'd like to avoid this since it would involve a slow FTP restoration, and I'm not sure it would actually fix the problem.

The machine was rebooted, lost RDP connection with existing credentials. I managed to get access to the command prompt on the remote server as the adminastrator by following these directions: http://help.1and1.com/servers-c37684/windows-server-c39510/system-recovery-c76208/resolving-a-failed-connection-to-remote-desktop-a627381.html

Now, I've terminated the firewall and the ipsec process. Still no dice. What can I do with CMD.exe to

1) diagnose the situation (is it windows, or a network issue)

2) possibly remedy the loss of RDP connection

Server Details:

  • Windows Server 2012
  • Sites are running (IIS/W3P is fine)
  • Terminal Services is running
  • Firewall disabled
  • Ipsec disabled
  • No network firewall (disabled in hosting control panel for now)
  • Can ping from current location (worked fine before reboot)
  • Not sure about the domain-specific network setup internally...

Update:

Added the registry values to make sure remote connections are enabled: http://expertpandas.com/blog/index.php/enabledisable-rdp-using-command-prompt-for-windows-2012/

Also found this: But I'm not sure how to set the startup policy with CMD... http://www.techrepublic.com/forums/questions/remote-desktop-does-not-connect-after-a-restart/

FlavorScape
  • 791
  • 4
  • 10
  • 20

3 Answers3

8

I would start by checking if RDP is listening:

netstat /p tcp /a | findstr 3389

if you do not see 

TCP    0.0.0.0:3389           hostname:0                LISTENING

there is an issue preventing remote sessions. Take particular look at HKLM\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections which determines whether RDP is enabled.

# using powershell
if ((Get-ItemProperty "hklm:\System\CurrentControlSet\Control\Terminal Server").fDenyTSConnections -eq 0) { write-host "RDP is Enabled" } else { write-host "RDP is NOT enabled" }

You can also search event logs using the Get-EventLog commandlet:

# using powershell
Get-EventLog application -EntryType Error -After (Get-Date).AddDays(-1)
Get-EventLog system -EntryType Error -After (Get-Date).AddDays(-1)
Mitch
  • 2,363
  • 14
  • 23
  • it is listening on that port. I tried the equivalent in cmd to fDenyTSConnections to 0. I'm wondering how do I pipe powershell to CMD? – FlavorScape Sep 23 '13 at 19:49
  • ah, looks like powershell.exe -Command { code here.. } – FlavorScape Sep 23 '13 at 19:53
  • haha, gonna take a while. I accidentally got my IP blocked by 1and1 terminal host, so I have to fire up an Amazon instance to use a different ip. So I will be RDPing into a Telnet to a CMD prompt to run powershell. oh joy! – FlavorScape Sep 23 '13 at 20:07
  • upvote for helping me confirm where the problem didn't lay, but longneck's suggestion of a VNC alternative is what led to the breakthrough. I was lucky enough to have that serial terminal to install it! – FlavorScape Sep 24 '13 at 00:57
  • awesome annswer. The netstat tip saved me a lot of trouble. May I suggest adding something like "check if the Remote Desktop Services service is running"? Because that was my problem. – user1593842 Apr 17 '20 at 22:50
2

telnet to the rdp port. if you get a connection, it is likely a configuration problem. Try rdp from another machine to the server first. If that fails, 1and1's advice may be your best bet.

There is always the option of running the server headless... but that seems to not be a favor approach by most windows admins. (changing with the introduction of core.)

Daniel Widrick
  • 3,488
  • 2
  • 13
  • 27
2

With command line access you could install another remote control application like TeamViewer.

A better approach would be to install the Windows Remote Server Administration Tools and diagnose the problem that way. These tools give you access to the Event Viewer.

If you decide o give up on this server, get 1and1 to set up a new server for you first. Then you can either attach the old server's virtual hard drive to the new one or copy the files over 1and1's internal network.

longneck
  • 23,082
  • 4
  • 52
  • 86
  • Remote Server Admin tools are an enabled feature, but i'm not sure how to use it with CMD? Also, is there a remote script I can execute to install TeamViewer from command prompt? – FlavorScape Sep 23 '13 at 19:36
  • No, you install RSAT on your computer and that lets you administer servers which have remote administration enabled. – longneck Sep 23 '13 at 19:51
  • I couldn't find a good TeamViewer silent install, however, I did get RealVNC with options /VERYSILENT /NORESTART to work like a charm. Now I'm looking at my desktop. I still need RDP to work though, but it should be way easier to diagnose now. Luckily, I still had FTP access so I did not have to do a cmd->powershell command parameter just to download the installer – FlavorScape Sep 23 '13 at 22:44