Tuesday, August 23, 2016

RDP-TCP recreation on Windows 2012/R2

Good day All,

Welcome back!!!

Recently on a Windows 2012 R2 domain controller unable to RDP. We tried almost everything and eventually rebooted it still we had the same issue unable to RDP Server and using the  KVM we able to see everything was healthy.
So decided that we should try deleting RDP-TCP connection and see if this helps.
Well i remember in old Windows 2008 days you go into Remote desktop Session Host configuration (tsconfig.msc) and delete it and recreate it .. simple right well that is gone in Windows 2012,R2 .. as MS moved to a improved version of RDSH they incorporated all this to GPO Settings

Windows 2008:













Windows 2012:



















After searching for a while there is absolutely no way we could recreate the RDP-TCP using gui so came across this excellent article which talks about how to re-create it by deleting and recreating the registry Key and it worked like a charm and we able to RDP back.

Note: If any one would like to thank , then follow the link and convey it, i take no credit for this one.

Recreate the default RDP Listener

How to recreate the RDP listener.
  1. Export the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  2. Delete the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
  3. Copy and paste the below text into notepad, and save the file as RDP-Tcp.reg. Additionally, if the operating system is 2012 R2, another file will be required with the contents of the second box.

    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
    "fInheritMaxIdleTime"=dword:00000001
    "fPromptForPassword"=dword:00000000
    "fResetBroken"=dword:00000000
    "PdClass"=dword:00000002
    "LoadableProtocol_Object"="{5828227c-20cf-4408-b73f-73ab70b8849f}"
    "UserAuthentication"=dword:00000001
    "fDisableCam"=dword:00000000
    "fInheritAutoLogon"=dword:00000001
    "InteractiveDelay"=dword:00000032
    "Domain"=""
    "fInheritReconnectSame"=dword:00000001
    "SelectTransport"=dword:00000000
    "MinEncryptionLevel"=dword:00000002
    "fInheritShadow"=dword:00000001
    "WFProfilePath"=""
    "fReconnectSame"=dword:00000000
    "PdDLL"="tdtcp"
    "PortNumber"=dword:00000d3d
    "PdFlag1"=dword:00000000
    "WdName"="Microsoft RDP 8.0"
    "fInheritMaxSessionTime"=dword:00000001
    "WdFlag"=dword:00000036
    "SelectNetworkDetect"=dword:00000000
    "fLogonDisabled"=dword:00000000
    "MaxDisconnectionTime"=dword:00000000
    "Callback"=dword:00000000
    "PdDLL1"="tssecsrv"
    "NWLogonServer"=""
    "MaxIdleTime"=dword:00000000
    "fDisableEncryption"=dword:00000001
    "fInheritCallback"=dword:00000000
    "fDisableCcm"=dword:00000000
    "ColorDepth"=dword:00000003
    "PdName"="tcp"
    "fEnableWinStation"=dword:00000001
    "OutBufLength"=dword:00000212
    "PdFlag"=dword:0000004e
    "CallbackNumber"=""
    "CdClass"=dword:00000000
    "Shadow"=dword:00000001
    "fDisableCdm"=dword:00000000
    "PdName1"="tssecsrv"
    "fInheritSecurity"=dword:00000000
    "CdDLL"=""
    "LanAdapter"=dword:00000000
    "fInheritResetBroken"=dword:00000001
    "CfgDll"="RDPCFGEX.DLL"
    "InitialProgram"=""
    "fDisableClip"=dword:00000000
    "InputBufferLength"=dword:00000800
    "fAllowSecProtocolNegotiation"=dword:00000001
    "fDisableAudioCapture"=dword:00000000
    "Password"=""
    "CdName"=""
    "fDisableLPT"=dword:00000000
    "CdFlag"=dword:00000000
    "PdClass1"=dword:0000000b
    "fAutoClientLpts"=dword:00000001
    "fAutoClientDrives"=dword:00000001
    "fInheritCallbackNumber"=dword:00000001
    "OutBufCount"=dword:00000006
    "fInheritMaxDisconnectionTime"=dword:00000001
    "MaxInstanceCount"=dword:ffffffff
    "KeyboardLayout"=dword:00000000
    "fDisableExe"=dword:00000000
    "AudioEnumeratorDll"="rdpendp.dll"
    "Username"=""
    "KeepAliveTimeout"=dword:00000000
    "fUseDefaultGina"=dword:00000000
    "fHomeDirectoryMapRoot"=dword:00000000
    "fInheritColorDepth"=dword:00000000
    "fForceClientLptDef"=dword:00000001
    "WorkDirectory"=""
    "SecurityLayer"=dword:00000001
    "DrawGdiplusSupportLevel"=dword:00000001
    "WdPrefix"="RDP"
    "fInheritAutoClient"=dword:00000001
    "fDisableCpm"=dword:00000000
    "Comment"=""
    "OutBufDelay"=dword:00000064
    "fInheritInitialProgram"=dword:00000001
    "MaxConnectionTime"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\VideoRemotingWindowNames]
    "AGFullScreenWinClass"="*"
    "MacromediaFlashPlayerActiveX"="*"
    "EVRVideoHandler"="*"
    "MicrosoftSilverlight"="*"
    "ShockwaveFlashFullScreen"="*"

    Additional 2012 R2 values:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
    "UserAuthenticationBackup"=dword:00000000
    "MaxMonitors"=dword:00000004
    "MaxXResolution"=dword:00000a00
    "MaxYResolution"=dword:00000640
  4. Double-click the RDP-Tcp.reg file and click Yes at the prompt.

So later after sometime started to poke around to see if there is any other way rather than deleting and creating the registry setting , well none in Windows 2012.

Well then i went back to Windows 2008 Server opened tsconfig.msc and tried to connect to a Windows 2012 R2 Server and see if it connects and sure enough i was able to connect and it showed the RDP-TCP settings and tried deleting and recreating it and it worked like a charm.

















































































































In Windows 2016 TP4 i don't see any option to delete it from MMC, tested it from Windows 2008, was able to connect and recreate the Listener as well..

Windows 2016 TP4:











                                                                                                                                                               

Let's hope final release of Windows 2016 probably this option comes back which i highly doubt it .
As long as Windows 2008 around it works ,if not we have to work with registry, no much choice :)

Hopefully this helps someone, until next one you all have a great day ahead!!!!!!!!!!!!!!!!!!!!!

2 comments:

  1. Thanks so much for all proper screenshots and explanantion, Looking forward to more runbooks, Thanks again!

    ReplyDelete
  2. Buy RDP at affordable price at http://rdpgo.com
    ✅ Full admin access.
    ✅ Delivery: 24 Hours
    ✅ 24/7 Support
    ✅ Unlimited Bandwidth
    ✅ Payment Options - PayPal, RazorPay, Credit/Debit Card
    ✅ Locations: INDIA, UNITED STATES, SINGAPORE, UNITED KINGDOM, GERMANY, CANADA, AUSTRALIA, JAPAN

    ReplyDelete