none
Wyse Thin client not connecting to Windows 2008 R2 server RRS feed

  • Question

  • Configuration

    SBS 2011 Server 

    Windows 2008 R2 server with Remote Desktop Services installed, License Manager installed.

    WYSE WT3125SE thin clients with Windows CE 5

    I setup the Windows 2008 with Remote Desktop Services and was able to successfully connect the Thin client.   Then I installed the License Manger and applied my Open license using User Cals.  Was able to login.  Next day I get the following error-"Because of a security error, the client could not connect to the remote computer.  Verify that you are logged onto the network and then try connecting again"    I still can connect fine from other machines even Windows Home Ed.   I remove license server and still was unable to connect.   Built a second Windows 2008 R2 server with RDS on it.  Was able to connect without issue.   Pointed it to the first RDS server license manager and have still been able to connect with the Thin Client.   The thin client can rdp to the SBS server without issue in admin mode, can connect to RDS2 server but not RDS1 with the license manger.    So my issue is with the license and so my question is what is it with the license server running on that server that is keeping thin client from connecting.  I even did a reload of RDS1 and tested connecting throughout the process and it worked up until I applied the license and then it stops. And then if I uninstall the license, rds, remove from domain still not able to connect.  Any help would be appreciated.

    Wednesday, June 27, 2012 12:29 PM

Answers

  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    • Proposed as answer by EricWy Friday, September 28, 2012 1:04 AM
    • Marked as answer by Aiden_CaoModerator Thursday, February 14, 2013 1:54 AM
    Friday, September 28, 2012 1:02 AM
  • This got me going for now.

    NOTE: Perform the following procedure on each of the terminal servers.

      • Make sure that the terminal server registry has been successfully backed up.
      • Start Registry Editor.
      • Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM
      • On the Registry menu, click Export Registry File.
      • Type exported- Certificate in the File name box, and then click Save.

        NOTE: If you have to restore this registry subkey in the future, double-click the Exported-parameters.reg file that you saved in this step.
      • Right-click each of the following values, click Delete, and then click Yes to confirm the deletion:

        Certificate
        X509 Certificate
        X509 Certificate ID
        X509 Certificate2
      • Quit Registry Editor, and then restart the server.
      • Reactivate the Terminal Services Licensing server by using the Telephone connection method in the Licensing Wizard.

    Wednesday, August 29, 2012 11:07 PM

All replies

  • Hi,

    Thank you for your question.
    I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience.

    Thank you for your understanding and support.


    Best Regards,
    Aiden


    Aiden Cao

    TechNet Community Support

    Friday, June 29, 2012 6:48 AM
    Moderator
  • Hi,

    Generally, the RDS server blocks the Wyse thin client's connection doesn't due to the RD Licensing component installed. It should cause by other reasons, such as the out of data's firmware on the Wyse thin client.

    So I advise you first of all, please upgrade the Wyse thin client's firmware to the latest version, upgrated the Remote Desktop Connection's edition, and check out whether all the Wyse thin clients are experencing the same issue. If you have other thin clients, please check whether they also are experencing the same error.  

    In addition, please try the suggestions mentioned in these documents:

    http://support.microsoft.com/kb/2477176

    http://support.microsoft.com/kb/329896

    http://support.microsoft.com/kb/555382

    Regards,


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Friday, June 29, 2012 8:26 AM
  • I have reviewed the above I also updated Wyse clients to latest firmware.   Still not able to connect to RDS01.   RDS01 is the one that previously had license server on it which I have moved to my SBS box.    So I have two W2K08R2 servers both pointing to SBS for license-Unable to connect to RSD01 able to connect to RDS02.  I am probably just going to go ahead with RDS02 but still curious why we are unable to connect to RDS01.  Is there additional logging I can turn on RDS01 that will show me why it is not letting the client connect?

    Thanks!

    Friday, June 29, 2012 7:05 PM
  • Hi,

    General speaking, some TS/RDS related event logs will be logged in application and system event logs, in addition, some other detail TS/RDS event logs will be logged under Event Viewer\Applications and Services logs\Microsoft\Windows\TerminalServices-LocalSessionManager, TerminalServices-RemoteConnectionManager.

    As the Best Practice, consider to the performance, we advise you use a stand alone server to hold the RD Licensing role in alarge TS/RDS environment, but we also can install the RD Licensing role on a RDS server in some small TS/RDS environments, both RDS and RD Licensing can work properly.

    Per your issue, I advise you check the network settings on the RDS01 server, such as upgrade the NIC driver, check the NIC settings, check if the nework routers or firewall have blocked the connection.

    In addition, please also check the below settings on the RDS01 server:

    a. Please check whether the Remote Desktop Services is enabled.

    b. Please check whether the Windows Firewall is disabled.

    c. Please check whether the 3389 is occupied by other applications or you have changed the default RDS port 3389 to others.

    d. Please check whether you are using the domain users or the local users for the RDP connection.

    Regards,


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    Monday, July 2, 2012 2:25 AM
  • I have the same problem

    To recap, loaded a new install Windows 2008 R2 64 bit server.  Activated and ran Terminal Server without installing license for 120 days.

    It worked for 120 days.  Any of my WYSE clients could see the server.  No issues there.

    The minute I added the license (TS CAL PER USER) and I have enough TS Cals for every user, every WYSE box (legacy box 3125SE) STOPPED working, as did 1 machine (XP) running Service Pack 2.  None of them could RDP into the same server there were RDPing before the licensing took place.

    I have the server set to use the lowest level security for the RDP connection (just as it was before license installed), and it worked fine.

    I am installing Service Pack 3 on the legacy XP machine, and will be installing a bunch of updates.

    The WYSE machines still don't work. 

    I appreciate your comments and advise to the OP, but quite frankly, I must call "I don't think so" when everything was working FINE and WITHOUT ISSUES until I activated the licensing for the terminal server.  Unfortunately, my client cannot go out and replace 6 WYSE boxes at this time.

    If it worked before the TS licensing was activated, it should continue to work after.

    Let's focus on the solution.  (It has something to do with the licensing). 

    Thanks,

    Drex Dobson

    Thursday, July 5, 2012 7:27 PM
  • So, to update:

    Installing Service Pack 3 on XP machine allowed the XP machine to access the Terminal Server without any issues.

    So the question, to wit, is what aspect of the RDP client protocol is different between SP2 and SP3 that allows the RDP client to connect to the server without an error.

    The second question is "Why would an unlicensed 120-day period allow ALL RDP connections regardless of client type then stop after TS is licensed?"

    My settings are RDP: Allow connections from computers running any version of Remote Desktop (less secure),  LOW security,

    Thursday, July 5, 2012 7:49 PM
  • I'm having the same issue, I am wondering if it has to do with User rather the Device Cals.
    Thursday, July 5, 2012 11:25 PM
  • in addition, my vpn box used (sonicwall) uses RDP5 to connect to server through a browser based option; now that doesn't work.

    i followed all the recommendations above, and everything checks out.  there has to be a way to lower the RDP client type needed to access the TServer on a secure local network.

    Please advise.

    Thanks

    Friday, July 6, 2012 1:06 PM
  • I ended up moving my licensing to another server and pointed my RDS server to it and my Wyse clients are running just fine.   So it looks like when the license server was the the RDS server it didn't work.    I had to reload the RDS server when making the change.   But it still doesn't make sense.
    Wednesday, July 11, 2012 8:03 PM
  • Same issue here.

    After adding the licenseserver the clients can't connect anymore. :-(

    The solutions mentioned here are not working, now trying to downgrade Windows. We can't replace the 80 industrial Terminals because of licensing issues ...

    @Joel Kauffman: Your current, working license server, which OS is this? R2? Or 2008 SP2?


    Monday, August 6, 2012 7:38 AM
  • Same issue here. R2 worked without a problem until we activated licensing and added CALs (on a dedicated R2 domain controller, not the TS). Most but not all Windows clients that had connected before cannot now connect. On Macs that had previously connected, RDP can't connect but Cord can. Have wiped out the licenses and they don't re-create. Been through all the steps in kb/2477176, still no good. Many days of lost productivity just because we paid for licenses...
    Tuesday, August 7, 2012 1:21 PM
  • Dear Microsoft ,

    We have the same problem on a several sites .

    As soon as we install the licences on windows 2008 R2 the RDP 5 clients stop working .

    We have devices with RDP 5 which are not possible to be upgraded

    We have reproduced the same problem with RDP 5 clinet for windows , while the latest RDP client works fine

    A few sites has Reatil licenes and there works fine, as soon as Open licenses has been  installed the RPD 5 stops working.

    The second thing (not sure if releated) we orderd for the 2 of the sites extra retaile licenses and we replaced the open with it. We found the same problem after the chane.  It is quite urgent for us as we can not deploy any more to new cutomers especially as most customers has been moved to Windows 2008 R2 servers

    All the firewall has been deactivated , all the sugetsed things has been tried. Our assumption is either that there is incompatibility with the protocol. or The key provided is too big to be handled by the RDP5 there was suppose to be supported smaller keys but not sure why is not working

    Has Microsoft tested using RDP licnese server with the latest license against RDP client 5 ?

    Note i tested today and i thought i made it working , but not i  forgot to redicrect in the RDP host condifguration to use the licenses

    Sunday, August 12, 2012 11:59 PM
  • Also having the same issue. 120 Days without license was fine. Activated licensing with CALs on the TS (2008 r2) and now most WYSE terminals can not connect. I'm not seeing anything helpful in the event viewer. My user count is no where near exceeding my CALs. I'm running out of ideas and time. Any updates?

    Monday, August 13, 2012 12:18 PM
  • Apparently I was not the only one nor the OP; however, apparently this is not an issue for MS as no one has posted anything but us.

    Any ideas on how to get this thread noticed?

    Monday, August 13, 2012 12:28 PM
  • We experience the exact same issue with Windows CE 5.0 build 1400 devices.  As soon as we turn on the licensing server, those devices failed to connect to servers that had been working during the grace period.  They can still connect to other 2008 servers via RDP, just not any running RDS that have the license server configured.  Took out the licensing server so none was specified and still unable to connect.  Microsoft has not been much help, any solutions out there?

    Wednesday, August 15, 2012 4:10 PM
  • This is not the answer, does anyone know where to look, is there an answer to this issue?
     I have built this server twice with the same results when I install licensing before the grace period expires.
     Also it isn't just thin clients it's older RDC and Mac RDC clients as well.
     Is it just a problem with the open licenses, because that is what was installed?
    Thursday, August 16, 2012 3:57 PM
  • I have the same problem. Just after specifying  the server licence. Old thin client ( rdp 5.0, rdp 5.1 rdp 5.2 ...) could not connect to a Windows server 2008 R2.

    Any solution  ?

    Thanks Nicolas 


    Tuesday, August 21, 2012 10:23 AM
  • Same issue here, older RDP clients and Macs just cannot connect to the server in Per User license mode.  I have 3 servers currently affected one of which is running Server 2008 x64.

    Logging a job with Microsoft today.

    Rhys

    Tuesday, August 21, 2012 11:05 PM
  • Solution which worked for me :

    Go to your TS licencing server -> right click on your server

                                                -> properties

                                                -> in connection method switch from automatic connection to web browser

                                                -> right click on your server

                                                -> Advanced -> reactivate the server

                                                -> Follow different steps

    Wednesday, August 22, 2012 3:34 PM
  • I tried Cedric's soluion but it doesn't appear to have worked for me. Web browser connection is slightly more painful than Automatic & doesn't appear to have made any difference. Rhys, did you get anywhere with Microsoft at all?

    Dan Tremeer alwaysON

    Thursday, August 23, 2012 11:53 AM
  • Also I am using Device CALs not user, it seems from what I am reading it has to do with the fact that they are Open Licenses not whether they are user or device.
    Thursday, August 23, 2012 10:44 PM
  • Hi Bill,

    We are using SPLA Licensing so this is no different. In order to keep my customer happy I've had to build them a new RDS Server so have a grace period of 120 days again to ensure that this works. The 3 potential resolutions appear to be

    Change Licensing method to web browser (didn't work for me)

    Put the Licensing Service on an alternative Server

    Upgrade / buy new devices

    SO it's effecting SPLA & Open Licenses... Did you get any response from Microsfot Rhys?


    Dan Tremeer alwaysON

    Friday, August 24, 2012 11:19 AM
  • This got me going for now.

    NOTE: Perform the following procedure on each of the terminal servers.

      • Make sure that the terminal server registry has been successfully backed up.
      • Start Registry Editor.
      • Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM
      • On the Registry menu, click Export Registry File.
      • Type exported- Certificate in the File name box, and then click Save.

        NOTE: If you have to restore this registry subkey in the future, double-click the Exported-parameters.reg file that you saved in this step.
      • Right-click each of the following values, click Delete, and then click Yes to confirm the deletion:

        Certificate
        X509 Certificate
        X509 Certificate ID
        X509 Certificate2
      • Quit Registry Editor, and then restart the server.
      • Reactivate the Terminal Services Licensing server by using the Telephone connection method in the Licensing Wizard.

    Wednesday, August 29, 2012 11:07 PM
  • Have you managed to get a permanent resolution to this. We have the exact same problem with HP t5000 terminals connecting to a 2008 R2 RDP server. The solution above rectifies the issue until we licence it again.
    Thursday, August 30, 2012 8:23 AM
  • I raised a ticket with Microsoft. They say it's due to a non supported client version. RDS Services requires Terminal Services Client or Remote Desktop Client of 6.0 or above. There is an update for old windows operating systems and I'm speaking with the handset support vendor who is in turn speaking with the manufacturer to get an approved RDC/TSC onto the handheld device. Not what I was hoping for but it will hopefully resolve the issue.


    Dan Tremeer alwaysON

    • Proposed as answer by DanTremeer Thursday, August 30, 2012 8:36 AM
    Thursday, August 30, 2012 8:31 AM
  • I have similar problem with RDS on handheld with Windows mobile or windows CE (cetsc.exe) "Because of a security error, the client could not connect to the Terminal server". FYI Other  (wyse or win7 station) rdp client are ok to use this TSE server.

    To see where/when problem occur, I'have made on fresh machine a step by step configuration & try each time to connect with Wm 6.1 or CE 5.0 RDP client. The result is: as soon as I enable on the 2008 RDS server to connect to a specified TSE licence server to use user CAL, the mobile device fail to connect with error "Because of a security error, the client could not connect to the Terminal server". This should confirm i have read on other post about cals on 2008R2 (this the same on 2008 server) :"contact with MS we found this behavior is by design and comes from the new RDS 2008R2 CALs The new CALs have a 2048 length certificate and there for no client earlier than version 6 can handle these"

    But by my side, this occur only if the RDS server is not the RDS licence server. If WM clients connect with RDP on the 2008 RDS licence server with RDP services activated: they could log-in, and the CAL user is well reserved for the logged user... So are we sure that is it a limitation of new CAL user lenght or a bug when RDS server request to an other RDS licence server ??

    Thursday, August 30, 2012 4:19 PM
  • I have similar problem with RDS on handheld with Windows mobile or windows CE (cetsc.exe) "Because of a security error, the client could not connect to the Terminal server". FYI Other  (wyse or win7 station) rdp client are ok to use this TSE server.

    To see where/when problem occur, I'have made on fresh machine a step by step configuration & try each time to connect with Wm 6.1 or CE 5.0 RDP client. The result is: as soon as I enable on the 2008 RDS server to connect to a specified TSE licence server to use user CAL, the mobile device fail to connect with error "Because of a security error, the client could not connect to the Terminal server". This should confirm i have read on other post about cals on 2008R2 (this the same on 2008 server) :"contact with MS we found this behavior is by design and comes from the new RDS 2008R2 CALs The new CALs have a 2048 length certificate and there for no client earlier than version 6 can handle these"

    But by my side, this occur only if the RDS server is not the RDS licence server. If WM clients connect with RDP on the 2008 RDS licence server with RDP services activated: they could log-in, and the CAL user is well reserved for the logged user... So are we sure that is it a limitation of new CAL user lenght or a bug when RDS server request to an other RDS licence server ??

    We have got exact the same issue, anyone a solution ? Are there a Windows Mobile RDP Client which is using Version 6?

    Friday, August 31, 2012 12:13 PM
  • Same issue with an Intermac Handheld running Windows Mobile 6.1.  Could connect prior to installing Cals.  Now can't.  Error is "Because of a security error, the client could not connect to the remote computer.  Verify that you are logged on to the network and then try connecting again."  Win XP and Win 7 can connect to RDP server just not handheld.  The license manager is installed on the RDP Host.  

    Please advise.


    • Edited by ChesekA Thursday, September 6, 2012 12:37 AM
    Thursday, September 6, 2012 12:36 AM
  • Has anybody made progress with this issue?  Similarly to ChesekA, we have Intermec Windows Mobile devices that cannot connect via Remote Desktop after the license has been installed.  This actually happened at two different customer locations.  One customer has a per device CAL and the other a per User CAL. 
    Thursday, September 13, 2012 8:18 PM
  • I raised a ticket with Microsoft. They say it's due to a non supported client version. RDS Services requires Terminal Services Client or Remote Desktop Client of 6.0 or above. There is an update for old windows operating systems and I'm speaking with the handset support vendor who is in turn speaking with the manufacturer to get an approved RDC/TSC onto the handheld device. Not what I was hoping for but it will hopefully resolve the issue.


    Dan Tremeer alwaysON


    @DanTremeer = Do you have an update on this issue?  Was Microsoft able to assist you?
    Tuesday, September 18, 2012 6:59 PM
  • Hi all,

    I've try to add Subkey (find on another post) :

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

    DWORD: Use512LenPropCert

    On both RDS server and RDS licence Server without succes.

    I've tested on Intermec CK3 WM6.1 & Motorola MC9190 with windows mobile 6.5 (vendor says that this version as an updated version of RDS client...) and the result is the same: As soon as handcomputer connect to RDS server who is not the licence server "Because of a security error, the client could not connect to the Terminal server".

    Today By my side, the only way to get handcompter to work with 2008 tse open usercal, is to have RDS licenceserver and RDS service on the same 2008 server.


    • Edited by Julien69200 Wednesday, September 19, 2012 10:13 AM
    Wednesday, September 19, 2012 10:09 AM
  • Hi all,

    I've try to add Subkey (find on another post) :

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

    DWORD: Use512LenPropCert

    On both RDS server and RDS licence Server without succes.

    I've tested on Intermec CK3 WM6.1 & Motorola MC9190 with windows mobile 6.5 (vendor says that this version as an updated version of RDS client...) and the result is the same: As soon as handcomputer connect to RDS server who is not the licence server "Because of a security error, the client could not connect to the Terminal server".

    Today By my side, the only way to get handcompter to work with 2008 tse open usercal, is to have RDS licenceserver and RDS service on the same 2008 server.


    Running 2008 R2.  With RDS License Manager and RDS service on same server no joy.  I could live with that solution as then the handheld would function.  Are you running R2 or vanilla 2008?

    Wednesday, September 19, 2012 4:46 PM
  • Hi all,

    Ok, I might be onto something here.  We have 3 customers/servers with the same issue and many that don't have the issue.  The common thing between the problematic ones are that the Server 2008 machine is not on a Domain.  All of the problematic servers have an error in the event log as shown below:

    "The Remote Desktop license server could not be registered as a service connection point in Active Directory Domain Services (AD DS). Ensure that there is network connectivity between the license server and AD DS. To register the license server as a service connection point in AD DS, use Review Configuration in the RD Licensing Manager tool."

    We were able to replicate this on a test server in our office not joined to a domain.

    One of our customers was able to get this to work by installing the license on a different machine on their domain and then point the RDP server's licensing to that machine (even though the RDP server isn't on the domain).

    Microsoft also told me it was due to an old version of Remote Desktop Mobile.  Well, I get the same error with a handheld running, Win CE 5.0, Win Mobile 6.1, AND Win Mobile 6.5 so they aren't correct.  I also tried the registry item as stated above and deleting the potential 'corrupt' registry items but it did nothing.  Uninstalled Remote services, deleted registry items, reinstalled, and got the same error.

    If you don't have 2 servers, maybe you can try installing AD DS to resolve it?  I'm still trying to resolve the two other customers but if anybody can use this information to solve their problem, please let us all know so we can get to the bottom of this.

    Wednesday, September 19, 2012 7:45 PM
  • Running 2008 R2.  With RDS License Manager and RDS service on same server no joy.  I could live with that solution as then the handheld would function.  Are you running R2 or vanilla 2008?

    Hi,

    For me it is Windows 2008 Sp2 datacenter edition, all of them are members of domain. One remark is when issue occur (when connceting the RDS server without licence services)  i've nothing in the event logs.

    Wednesday, September 26, 2012 1:18 PM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    • Proposed as answer by EricWy Friday, September 28, 2012 1:04 AM
    • Marked as answer by Aiden_CaoModerator Thursday, February 14, 2013 1:54 AM
    Friday, September 28, 2012 1:02 AM
  • Hi all

    we have the same issue.

    I solved the problem by connectigt the new remote desktop server instead of his own license server to another license serve we have running since 2010 in another location.

    What i've noticed is :

    - If you connect the Remote Desktop Server to the "not working" license server it start not responding to the old RDP client but if you change the License server to a working one it does not start working...you have to reinstall from scratch (i've used Hyper-V Snapshot feature to go back in the past) the server fith RDP, the connect to the "working" license server

    - I don't think is a question of having license and remote desktop server on different servers

    - I think the problem is certainly about license server

    - I suppose that the new issued licenses or the brand new license server (The one that for me does not work come from a Win2008R2SP1 HP CD) are programmed to "cut out" the oldest RDP Client.

    The worst is that i've found no documentation about anything about new RDP usage !

    i've lost two nights of sleep troubleshooting this issue for a production server starting tomorrow !! DAMN Microsoft please give us an official reply !!

    Bye All

    Friday, September 28, 2012 7:51 AM
  • The official word from Microsoft is 2008R2 RDS does not support clients below 6.0. Microsoft support did not offer any further assistance other than to go to the thin client vendor.

    It sounds like from Alessandro's message that using a 2008 server as the licensing server means the additional security check has not required and clients below version 6.0 can access the server. Alessandro, can you confirm the Licensing Server you have used is based on Windows 2008 or 2003 (not 2008r2). Thanks in advance!


    Dan Tremeer alwaysON


    • Edited by DanTremeer Friday, September 28, 2012 9:54 AM
    Friday, September 28, 2012 9:53 AM
  • Dear Dan,

    thanks for reporting official word from Microsoft...I'm a lucky man because i have ten windows CE barcode Reader that are working well since 2005 when we had an old windows 2003 server then in 2010 with switch all the infrastructure on a brand new Windows 2008 R2 servers infrastructure...we had no problem then and now. In the meanwhile the server was updated to SP1 and everything is working good.

    So for now we have 1 license server installed on the main office on a Windows 2008R2 SP1 server (patched to SP1 after the installation) that is working and a second license server installed from a HP CD Windows 2008R2SP1 that won't work with oldest device.

    So what i'm thinking is that if I install from a SP1 CD i don't have below compatibility if I upgrade the below compatibility is mantained.

    The bad news is that if I connect a working Remote desktop server to the "wrong" License server it start not working and i cannot revert this situation even if I disconnect from the license server and connetc to another or even if i remove and reinstall the Remote Desktop Role.

    It seems that the access to the "wrong" License Server changes some configuration on the terminal server and his behavior.

    I wrote this after 24 hour no sleeping...please forgive my english :(

    Regards everybody

    Friday, September 28, 2012 1:27 PM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    I used EricWy solution above and it worked.  I'm running Server 2008 R2 with the license server installed on the RDP host.  

    I'm wondering what happens when we add more licenses to the server but I guess I'll cross that bridge when I get there.  It would be nice if Microsoft would have participated in researching the solution to their problem.  Thanks Eric.

    • Proposed as answer by ChesekA Friday, September 28, 2012 3:28 PM
    • Unproposed as answer by ChesekA Friday, September 28, 2012 3:28 PM
    Friday, September 28, 2012 3:27 PM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    WORKED!!! FINE!!!

    Two days of internet surfing....


    • Edited by Anton177 Friday, September 28, 2012 4:12 PM
    Friday, September 28, 2012 3:55 PM
  • This did the trick. Thanks!
    Monday, October 1, 2012 7:22 AM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    WORKED!!! FINE!!!

    Two days of internet surfing....


    Thanks You for this TIPS !!!!

    Works very good for me !!!!

    config : Windows 2008 R2 SP1 (Terminal server + Terminal server Licencing)

    Client : Motorola MC9190 (Windows Embedded Handheld 6.5 Classic)

    Wednesday, October 17, 2012 8:38 AM
  • To bad it doesnt work for us. Its pretty bad that microsoft doesnt help us out with the new RDS.

    Loads of people work with RD and can not of their new policy logon to the new server.

    I expected a update for this issue. Its a License problem. connections are fine. All new RDP clients can connect.

    But its hard to update a specific hardware with windows CE 5.0. I asked the supplier and the manufactuer. non could help.

    I dont think iam the only one here.

    You spend good money on their new devices and then you dont get any help in the end.

    To bad microsoft will not help us with this.

    This issue makes us trough back to the windows 2003 server instead want to go over to the newer 2008 r2 sp1.

    So manny unwilling parties who want to help with this issue.

    Where is the CAN DO of microsoft instead of CAN NOT!

    As you see in this forum iam not the only one. and ill bet people gave up on this issue.

    Friday, November 2, 2012 11:16 AM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    I followed EricWy's procedure and it worked for me.

    Windows Server 2008 R2 ( Remote Desktop Server + Remote Desktop License Server on the same server)

    Intermec CK3 Handhelds running WM6.1 and Intermec CK31 Handhelds running WM6.0.

    -------------

    Also I think the lack of Microsoft's help on this issue is pretty poor, do they realize that businesses rely on simple things like Remote Desktop?

    I haven't seen any handheld computers/scanners for warehouse environments running anything newer than Windows Mobile 6.5, so even updating our hardware won't give us the required RDM client version to natively work on 2008 R2. 

    Monday, November 5, 2012 3:01 AM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    We have several Windows Server 2008 R2 Remote Desktop Servers, and a Windows Server 2008 R2 License server.

    We did have the problem that Windows XP clients, without Service Pack 3 & Remote Desktop Protocol 7 could not log in. Also a lot of HP Thin Clients which did not support Windows Server 2008 R2 could not connect to our Remote Desktop Servers.

    We first did your 7 steps on our License server, then we did step 6 on each Remote Desktop Server, and we also removed the License Server entry on each Remote Desktop Server in the RD Session Host Configuration. Then added the License Server entry again, then restarted the Remote Desktop Servers.

    Now we can connect with the older clients again.

    Thanks for the tips.

    Wednesday, November 7, 2012 8:24 AM
  • I have tried the above method and it works! for MC9060's and MC9090's....but it only works once. After I disconnect a handheld and try to reconnect it gives the same security error. Any suggestions?
    • Proposed as answer by Jaap van Zijp Thursday, April 11, 2013 3:01 PM
    • Unproposed as answer by Jaap van Zijp Thursday, April 11, 2013 3:01 PM
    Friday, November 9, 2012 3:06 PM
  • YEP!! It worked for our old NT4 Clients (and I hope not only until the next WindowsUpdate ;-) )

    THANKS A LOT!!!

    Monday, November 12, 2012 1:31 PM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.


    Work for Me,  Just make 1 at 7 steps in Licensing server and 6 and 7 steps in RD servers.
    Tuesday, November 13, 2012 5:32 PM
  • Presuming that it's going to work when I can reboot the server...... update - yes it did fix it - thanks all.

    We have two new 2008r2 boxes both setup as independent licensing and RD servers with new licences, peer to peer network. HP WinCE 5.0 Thin Clients T5210 series. The thin clients happily connect to one server and not the other. They are set up identically as far as I can figure, both new from scratch. Firewalls off still.

    (Problems with Mac clients connecting to both machines resolve with fix found elsewhere - either or both of new RDP client 2.1.2 and a permissions fix.)

    Curiously, since this fix, or perhaps coincidentally, the Mac clients had no problems connecting using RDP client 2.1.1 without any changes.
    • Edited by cheongi Sunday, November 25, 2012 10:05 AM update
    Friday, November 23, 2012 2:26 AM
  • In my case we had problems connecting a Windows 2008 R2 running HyperV  with a Wyse Thin OS C10LE. The solution for us was to disable the NLA. We are working with a FTP-server on which we have a general WNOS.INI file. We added there


    SessionConfig=RDP EnableNLA=no

    You can test it by unchecking the "enable NLA" in de RDP-tab of the connection.


    Tuesday, January 22, 2013 1:01 PM
  • I assume the OS on these thin clients is Dell Wyse ThinOS? If this is the case, it should support NLA. Dell Wyse OS 7.1 supports Remote Desktop Protocol 7.1.

    On the other hand, I see Wyse C10LE can come with Windows XP embedded, which can have Remote Desktop Protocol 5.x. That protocol version does not support NLA. Please check the OS/Firmware from the Thin Clients. 

    Thursday, March 7, 2013 11:25 AM
  • If your thin client has Windows XP Embedded Sp3 or Windows Embedded Standard 2009, you can on your own download the RDC 7.0 for XP and install it.  It should work fine and you can at least have RDP 7.0.  Just don't forgot to add the additional registry keys for NLA.
    Thursday, March 7, 2013 12:06 PM
  • Tried the solution mentioned. It seems to permanently fix this issue we've had when connecting with Motorola MC9090 and Intermec CK3 devices (Windows Mobile 6.1) to and Windows 2008R2 terminal server.
    Thursday, April 11, 2013 3:05 PM
  • THANK YOU!!!

    From Microsoft's troubleshooting, I was looking in HKLM\SYSTEM\CurrentControlSet\Services and found none of these values. Went through the uninstall, deactivation, reactivation and reboots... nothing. Your solution nailed it!

    Thanks again!

    Friday, April 12, 2013 3:03 PM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot


    This solution solved my problem. Now i can lof from old client without any issue.
    Thursday, June 20, 2013 3:15 PM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    Work just fine.

    Windows Server 2008 R1 sp2, with licence server

    Windows Server 2008 R1 sp2, with TS

    Clients Motorola hand barcode reader Windows 6.5

    • Proposed as answer by Roberto Waquil Tuesday, September 3, 2013 11:58 AM
    • Unproposed as answer by Roberto Waquil Tuesday, September 3, 2013 11:58 AM
    Thursday, July 18, 2013 8:54 AM
  • Dear All. 

    I'm with a big problem to solve that.

    I make the process but when I reboot the machine all the registry keys return and the RDP 5.1 don't connect.

    I have 45 Thin Client Wyse 1125LE.

    Please help me.

    Best regards,

    Roberto


    RW

    Tuesday, September 3, 2013 12:12 PM
  • We had the same problem with older terminals after cloning a 2008R2 rds server and sysprep it.

    The original rds server worked fine but when the old terminals connect to the new 1 they come up with the error : Because of a security error, the client could not connect to the remote computer.  Verify that you are logged onto the network and then try connecting again"

    After reading all of the postings about this issue and tried the reactivate solution of the license server, I was sure that it had something to do with the x509 certificates that are generated the first time you connect to a valid license server.

    What I did, I installed a new license server activate it but did not install licenses on it.

    I pointed the defective rds server to the newly installed license server and deleted the following registry keys:

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

     

    Then reboot.

     

    After the reboot all old terminals can connect fine again. As final step I pointed the rds server to the same license server as the other ones, reboot and all worked fine.

     

    So conclusion is that when you pont a rds server to a license server that has the new type of licenses on it it will generate the wrong x509 certificates that are not supported by the older clients, by pointing it first to 1 without any rds calls on it, it generates the older x509 certificates which are compatible with the older rdp clients then the switch to new license server will then not regenerate the x509 certs so it keeps working.

     

    I hope this helps someone

     

    This issue was driving me crazy so very happy that it is resolved now

    Cheers Frits

    Monday, September 9, 2013 11:10 AM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    I am replying to let everyone know that this worked for me using Windows 2012 RDS with HP Compaq T5510 terminals running RDP5.x.  Client had a single WYSE CX0 unit that worked fine running RDP v6.x.  I do not know if any would have worked PRE-activation since this was not tested.  We tried to log on users after it was activated.

    Additional info - You will not see the reg keys if you check the registry again after the reboot.  For me the keys re-generated when I had the first HP terminal log in.

    The user was able to log in in successfully and also the WYSE terminal.


    Cesar

    Tuesday, September 24, 2013 8:00 PM
  • This worked for me!

    Thanks Much

    Tuesday, November 19, 2013 5:03 PM
  • Thank you! This works with perfectly MS RDP 7.1 on 2008 R2 SP1 as well.

    My device is Motorola MC75A Windows Mobile 6.5

    Tuesday, February 18, 2014 1:26 PM
  • Thanks it is working for me to !!!
    Monday, March 24, 2014 10:05 AM
  • unfortunately it's not solved my similar problem with WinCE based Motorola MC8080 scanners and Terminal Server 2008 :(

    http://social.technet.microsoft.com/Forums/en-US/390e1d2e-6eec-47c7-abc1-60affa1f129a/server-2008-ts-some-client-could-not-connect-to-the-server?forum=winserverTS

    Have you any idea?

    Saturday, June 7, 2014 7:31 AM
  • Hi, 

    thanks for the resolution, i tried and it worked once and then gave me the same error i tried with other users and still the same.

    each time i apply the resolution i can login remotely from the PDA and then if i try to reconnect again it gives the same error.

    so i need something more stable any ideas ??

    thanks in advance for your help. 


    Sunday, August 31, 2014 10:55 AM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.

    I am replying to let everyone know that this worked for me using Windows 2012 RDS with HP Compaq T5510 terminals running RDP5.x.  Client had a single WYSE CX0 unit that worked fine running RDP v6.x.  I do not know if any would have worked PRE-activation since this was not tested.  We tried to log on users after it was activated.

    Additional info - You will not see the reg keys if you check the registry again after the reboot.  For me the keys re-generated when I had the first HP terminal log in.

    The user was able to log in in successfully and also the WYSE terminal.


    Cesar


    This solution works very well. Thanks a lot!

    Gerald

    Friday, May 8, 2015 9:12 AM
  • Ok, here's what I had to do and this fixed the issue on all 3 of our servers.

    1. Go to RD Licensing Manager

    2. Right click on your Licensing Server name and select properties.

    3. Change Connection Method to 'Web Browser'

    4. Go back to the Licensing Server and right click on your server.  Select Advanced -> 'Reactivate Server'

    5. Reactive server via the given Wizard + web browser

    6. Delete the following registry keys (they will be reset when you reboot)

               HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM

      • Certificate
      • X509 Certificate
      • X509 Certificate ID
      • X509 Certificate2

    7. Reboot

    After doing the above steps, I was able to log in using RD Mobile.


    We were having the same issue on our 2012 R2 Standard terminal server. This workaround works -- Thank you!


    • Edited by Aj Collins Friday, May 22, 2015 12:34 PM
    Friday, May 22, 2015 12:33 PM