locked
WS2008R2SP1 Domain Controller Security Compliance Template Issue RRS feed

  • Question

  • I am working on a new Domain Controller Security Policy and just tested in my engineering domain SCM template “Domain Controller Security Compliance 1.1”  Few second after I import and link that GPO to Domain Controllers OU I loose RDP connection to all DCs.  I checked all the security Firewall settings, RDP settings and authentication settings and cannot figure out what setting is causing it.  As soon I disable the link I can remote via RDP to my DCs.  I noticed in the event log that event below after linking the GPO.  Any idea or clue what setting that is?

     Log Name:      System

    Source:        TermDD

    Date:          4/12/2013 1:17:05 PM

    Event ID:      56

    Task Category: None

    Level:         Error

    Keywords:      Classic

    User:          N/A

    Computer:      DCNAME

    Description:

    The Terminal Server security layer detected an error in the protocol stream and has disconnected the client. Client IP: address.

    Event Xml:

    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

      <System>

        <Provider Name="TermDD" />

        <EventID Qualifiers="49162">56</EventID>

        <Level>2</Level>

        <Task>0</Task>

        <Keywords>0x80000000000000</Keywords>

        <TimeCreated SystemTime="2013-04-12T17:17:05.334018800Z" />

        <EventRecordID>7509</EventRecordID>

        <Channel>System</Channel>

        <Computer> </Computer>

        <Security />

      </System>

      <EventData>

        <Data>\Device\Termdd</Data>

        <Data></Data>

        <Binary>0000040002002C000000000038000AC00000000038000AC00000000000000000000000000000000006000AD0</Binary>

      </EventData>

    </Event>


    -Nomad

    Friday, April 12, 2013 8:06 PM