Prev: Only 2 Connections Allowed on SBS, Why?
Next: Windows Explorer details view
From: Steve G on 5 Feb 2006 15:37
I've seen several post about the protocol error and I think it is related to
having purchased licenses for non-XP Pro and Win2K PCs "The remote computer
disconnected the session because of an error in the licensing protocol.
Please try connection to the remote computer again or contact your server
administrator." My problem is that we do have licneses for 5 XP home PCs and
they have worked up until about 3 weeks ago. The only thing that changed was
I updated the Server from Windows update, but there was only the usual
securty updates.

--
Steve G MCSE
From: John Chen [MSFT] on 6 Feb 2006 02:20
Hello Steve,

Thanks for posting in this newsgroup!

According to your environment, I think the problem was caused by Terminal
server licensing server. The issue may not be related to client licenses.
Let us try the following steps to isolate/eliminate this problem:

1. If you are using Citrix, test with the latest RDP client. If RDP works
but ICA fails, please contact Citrix for assistance.

2. Verify they are NOT depending on the license server discovery process.

In ALL cases Microsoft recommends explicitly specifying the license server
on the terminal server. This is done with the DefaultLicenseServer registry
value in Windows 2000 terminal server. Because your Terminal Server
Licensing cannot find a valid license server, designate the
DefaultLicenseServer registry value may help us eliminate this problem. For
detailed steps, please refer to the following Microsoft KB article:
239107 Establishing Preferred Windows 2000 Terminal Services License Server
http://support.microsoft.com/?id=239107

3. Verify the terminal server can access the license server.

Make sure there is no software-based or hardware-based firewall on the
terminal server and license server that may block necessary ports. TS
licensing works over RPC, which means port 135 and a dynamically assigned
port above 1024 must be open.

Make sure DNS is properly configured on the client, terminal server, and
license server. Verify you can ping in between them all by IP address,
FQDN, and NetBIOS name. Also try "ping -l 1472 -f <IP address>" to
determine if the MTU is too small on the network, in which case you can
change it on the router, or configure the machines to use a smaller MTU in
the registry. Setting the MaxMTU to 576 and or setting EnablePMTUDiscovery
to 0 may allow them to work. For details, please refer to:
120642 TCP/IP and NBT configuration parameters for Windows 2000 or Windows
NT
http://support.microsoft.com/?id=120642

4. Delete the MSLicensing registry key and verify that the users have at
least Read access on the HKLM\Software\Microsoft key on the client
computer.

5. Verify Authenticated Users have "Access this computer from the network"
and "Bypass Traverse Checking" permissions to the terminal server.

By default, the only group policy object that has the "Access this computer
from the network" right defined is the Default Domain Controllers policy.
All other machines (member servers, clients, machines in a workgroup) have
that right defined in their local security policy.

6. Verify the RDP-tcp connection is enabled and that "Maximum Connection
Count" on the Network Adapter tab of RDP-Tcp properties is set to Unlimited.

Verify that Everyone has Full Control on the RDP-Tcp properties, Security
tab (Everyone Full Control isn't required, just so the users trying to
connect have permissions to it).

In Terminal Services Configuration click Connections, right-click RDP-Tcp,
select All Tasks. If Enable Connection is an option, the connection is
currently disabled. There will also be a red X over the icon for the
specified connection when disabled.

If RDP-tcp encryption level is set to High, and clients are failing to
connect, try setting the encryption level to low, or keeping it on high but
using the latest RDP client on the client machines.

7. Delete the certificate registry values on the client and terminal server.
Because of a security error, the client could not connect to the Terminal
Server
http://support.microsoft.com/?id=329896


Sincerely,
John Chen, MCSE, MCSA, MCDBA, MCSD
Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

 | 
Pages: 1
Prev: Only 2 Connections Allowed on SBS, Why?
Next: Windows Explorer details view