none
Outbound RDP Not Working After Intune Enrollment RRS feed

  • Question

  • After enrolling a couple of computers in Intune as a pilot for our environment, I find that I'm unable to connect to any RDP sessions with any machines on the network, including other Intune-enrolled devices. The error message given is as though the remote computer is not turned on or accessible to the network. However, they are on the same subnet with the same DNS servers, and are pingable from the enrolled devices. Windows Firewall settings are in place to allow RDP access in and out of the respective devices, and other remote access apps, such as Chrome Remote Desktop, are not blocked from access either in or out of the enrolled devices.

    Other troubleshooting steps taken:

    Logged in to non-enrolled PCs and tested RDP to other non-enrolled devices successfully.

    Attempted RDP between two devices with Ownership set to "Corporate" unsuccessfully.

    Attempted RDP between two devices with different Ownership states unsuccessfully.

    Basically now I'm working on scouring the Event Viewer to see if I can find anything strange happening, but without further direction I'm probably jumping at shadows. Any insight would be welcome.

    Friday, July 12, 2019 7:36 PM

All replies

  • hi
    1 can you enter winver in command prompt on win10 computer and look the os version and os version number ?[for example windows 10  enterprise 1809 (os build 17763.316)]
    2 after 2 computers were enrolled into intune, you can not remote access from one computer in intune to another computer in intune
    3 can you compare which difference between non-enroll computer and problematical computer ?
    (remote service,DNS setting, firewall setting ,NLA )

    4 is there any log about your issue ?
     

    client win10

    event viewer\windows logs\

    application

    security

    system

    Event Viewer – Applications and Services Logs -Microsoft-Windows-RemoteDesktopServices-SessionServices_Operational

    Event Viewer – Applications and Services Logs -Microsoft-Windows-RemoteApp and Desktop Connections_Admin

    Event Viewer – Applications and Services Logs -RemoteApp and Desktop Connections_Operational

    Event Viewer – Applications and Services Logs -Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_Admin

    Event Viewer – Applications and Services Logs -Microsoft-Windows-RemoteDesktopServices-RdpCoreTS_Operational

    Event Viewer – Applications and Services Logs -Microsoft-Windows-TerminalServices-*******

    Event Viewer – Applications and Services Logs – Microsoft – Windows-remoteapp and desktop connection management




    Best Regards
    Andy YOU
    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 15, 2019 3:07 PM
  • 1. This problem affects every computer on which it is tested. Versions 10.0.18362.239, 10.0.17763.379, and 10.0.17134.829.

    2. and B are enrolled PCs. C and D are non-enrolled PCs and servers. I can only make connections between C & D. I cannot make any connections between A & B themselves, or from A & B to any other system on our network.

    3. All settings that I can see between the two computers are identical. Most of these settings are controlled by Group Policy and the affected PCs are in the same container and governed by the same policies. 

    4.  

    RemoteDesktopServices-SessionServices_Operational - Empty Log

    RemoteApp and Desktop Connections_Admin  - Empty Log

    RemoteApp and Desktop Connections_Operational - Empty Log

    RemoteDesktopServices-RdpCoreTS_Admin - Empty Log

    RemoteDesktopServices-RdpCoreTS_Operational - Logged attempts to connect. "The disconnect reason is 14."

    TerminalServices-RemoteConnectionManager_Operational - Includes one log entry per attempt that says "Listener RDP-Tcp received a connection" and nothing else, no other entries.

    No other entries of any note in all of TerminalServices-******

    Windows-remoteapp and desktop connection management - No Log Exists

    Tuesday, July 16, 2019 7:01 PM
  • HI
    can you enter winver in command prompt on intune enrolled win10 computer and look the os version and os version number ?[for example windows 10  enterprise 1809 (os build 17763.316)]


    6 there is a thread for disconnect reason 14
    Logged attempts to connect. "The disconnect reason is 14."
    https://social.technet.microsoft.com/Forums/en-US/9a763b45-827e-47f0-bf50-cd25db96ce30/could-not-connect-to-windows-10-anniversary-from-mac-rdp-client?forum=winRDc

    7 "
    All settings that I can see between the two computers are identical. Most of these settings are controlled by Group Policy and the affected PCs are in the same container and governed by the same policies. ""I cannot make any connections between A & B themselves"
    can you also post your issue in intune forum
    https://social.technet.microsoft.com/Forums/en-US/home?forum=microsoftintuneprod

    Best Regards
    Andy YOU
    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Friday, July 19, 2019 9:54 AM
  • 5.  As I answered in number one above, the Intune-enrolled PCs have many versions/builds. The one I pulled those logs from is Windows 10 Pro "Version 1903 (OS Build 18362.239)"

    6. I have tried to remove that file, but I have been prevented from doing so. I get into a "Try Again" loop and cannot remove it. I have tried this in Safe Mode and logged in as a local admin, rather than domain admin, but the behavior is the same.

    Also, the linked article refers to not being able to log into a Windows 10 machine. I am trying to connect from a Windows 10 machine to anything else, anything at all, and nothing is working, even though it works to log into those machines either from other, unenrolled Windows 10 machines, or other programs such as Chrome Remote Desktop.

    7. Okay, posted there.

    Friday, July 19, 2019 3:24 PM
  • HI
    8 A  and B are enrolled PCs.
    can you computer A telnet computer B using 3389 port ?
    Using Telnet to Test Port 3389 Functionality
    https://support.microsoft.com/en-ca/help/187628/using-telnet-to-test-port-3389-functionality


    Best Regards
    Andy YOU
    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 22, 2019 12:19 PM