D
DelJo63
[solved] SP3 install impacts Fast User Switching
After some searching, there were comments on Remote Desktop
The above shows RDP (actually TermService) is active so it's not a service issue.
Yet TermService failed??? hmm; I run a tight firewall config (Sunbird PF4 ~ like Comodo) and I began to wonder ... what if the default deny rule was stopping the connection?
I added a rule like
Attempting secondary user login now
eventvwr shows
event id 50 TermDD rdp x.224
=====
There have been 3 basic causes for your error:
1. Encryption levels defined on the RDP-TCP connection (or ICA, if appropriate), are set too high for the client to successfully negotiate.
For example, a client set to Low encryption would be unable to connect to a server with High (or now, FIPS compliant) encryption levels defined.
Additionally, XP and XP SP1 clients are currently unable to connect at all if "FIPS compliant" encryption level is set (article in progress on this issue).
To check this, open Terminal Services Configuration (tscc.msc) on the Terminal Server,
select the RDP-Tcp connection, select properties, and view the Encryption settings on the General tab.
Verify that this is set to Client Compatible, or low, and retest the connection (if needed).
2. Another frequent cause of these problems stems from issues with some registry values in the TermService\Parameters registry key.
To this end, could you export the following key: HKLM\System\CurrentControlSet\Services\TermServices\Parameters
After doing this, delete the Certificate, X509 Certificate, and X509 Certificate ID values, and restart the Terminal Server.
These values should be regenerated on reboot (but keep the Exported values just in case).
The X509 Certificate and X509 Certificate ID values have also been known to cause this problem, so delete them as well.
In 9 out of 10 cases this resolves the issue.
3. The third possibility is that some software you are installing is overwriting some of the files needed for the protocol stream.
Schannel.dll, rsaenh.dll, and several others are involved in this process.
=====
(2) fixed all Event Viewer issues
But I still have attempting secondary user login now
After some searching, there were comments on Remote Desktop
$ netstat -a -o | egrep 3389
TCP ltbeard:3389 0.0.0.0:0 LISTENING 1324
3389 is the RDP port number and
1324 is the PID of the process using it
$ tasklist /svc | egrep 1324
svchost.exe 1324 DcomLaunch, TermService
(that egrep is a linux or cygwin tool; windows users will just have to eyeball or redirect to a file and view the results with notepad)TCP ltbeard:3389 0.0.0.0:0 LISTENING 1324
3389 is the RDP port number and
1324 is the PID of the process using it
$ tasklist /svc | egrep 1324
svchost.exe 1324 DcomLaunch, TermService
The above shows RDP (actually TermService) is active so it's not a service issue.
Yet TermService failed??? hmm; I run a tight firewall config (Sunbird PF4 ~ like Comodo) and I began to wonder ... what if the default deny rule was stopping the connection?
I added a rule like
Code:
allow in/out tcp (localLanIp) port 3389Attempting secondary user login now
- loads the user settings
- chimes
- shows the users configured wallpaper
[*]but fails to show desktop icons or
[*]to launch the Explorer
eventvwr shows
Event Type: Error
Event Source: TermDD
Event Category: None
Event ID: 50
Date: 3/9/2010
Time: 9:34:32 AM
User: N/A
Computer: LTBEARD
Description:
The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 0a 00 02 00 58 00 ......X.
0008: 00 00 00 00 32 00 0a c0 ....2..À
0010: 00 00 00 00 32 00 0a c0 ....2..À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
0028: 0b 00 00 00 75 73 65 72 ....user
0030: 0d 0a ..
Event Source: TermDD
Event Category: None
Event ID: 50
Date: 3/9/2010
Time: 9:34:32 AM
User: N/A
Computer: LTBEARD
Description:
The RDP protocol component X.224 detected an error in the protocol stream and has disconnected the client.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 0a 00 02 00 58 00 ......X.
0008: 00 00 00 00 32 00 0a c0 ....2..À
0010: 00 00 00 00 32 00 0a c0 ....2..À
0018: 00 00 00 00 00 00 00 00 ........
0020: 00 00 00 00 00 00 00 00 ........
0028: 0b 00 00 00 75 73 65 72 ....user
0030: 0d 0a ..
event id 50 TermDD rdp x.224
=====
There have been 3 basic causes for your error:
1. Encryption levels defined on the RDP-TCP connection (or ICA, if appropriate), are set too high for the client to successfully negotiate.
For example, a client set to Low encryption would be unable to connect to a server with High (or now, FIPS compliant) encryption levels defined.
Additionally, XP and XP SP1 clients are currently unable to connect at all if "FIPS compliant" encryption level is set (article in progress on this issue).
To check this, open Terminal Services Configuration (tscc.msc) on the Terminal Server,
select the RDP-Tcp connection, select properties, and view the Encryption settings on the General tab.
Verify that this is set to Client Compatible, or low, and retest the connection (if needed).
2. Another frequent cause of these problems stems from issues with some registry values in the TermService\Parameters registry key.
To this end, could you export the following key: HKLM\System\CurrentControlSet\Services\TermServices\Parameters
After doing this, delete the Certificate, X509 Certificate, and X509 Certificate ID values, and restart the Terminal Server.
These values should be regenerated on reboot (but keep the Exported values just in case).
The X509 Certificate and X509 Certificate ID values have also been known to cause this problem, so delete them as well.
In 9 out of 10 cases this resolves the issue.
3. The third possibility is that some software you are installing is overwriting some of the files needed for the protocol stream.
Schannel.dll, rsaenh.dll, and several others are involved in this process.
=====
(2) fixed all Event Viewer issues
But I still have attempting secondary user login now
- loads the user settings
- chimes
- shows the users configured wallpaper
[*]but fails to show desktop icons or
[*]to launch the Explorer
