Skip to main content

Windows Server 2008 loses remote desktop admin

More
12 years 6 months ago #37905 by rdoherty
I recently installed some Windows Server 2008 updates (March 2012) that required a reboot. I was working from my remote connection down the hall. After I allowed the required reboot of the server, I went to lunch. When I got back and tried to log on remotely I was told the connection was not available. Several more tries gave partial logon, no logon, an error message box or some other non-connect.

After an initial period of panic (it's a live system), I went to the vault where the server is located and was able to log on with no problem.

What had I done? I had OKed an upgrade to SP1 ( a huge number of MBytes ), and I had rebooted from a remote connection.

Long story short:I was not alone in having this problem just after updating to SP1. Lots of research later, I went to look at the update history. One stood out as related to remote desktop. It was KB2667402. It seems there was a exploit allowing a malicious person to take control of the server easily. I set them up with the original installation, and I went home. I now know, however, that SP1 wasn't the problem; it was the single KB upgrade

As with most instances like this, I had the answer at 3:00 am, and I couldn't let it go. I went in on Saturday, the next day, when no one was using the school system. I first un-updated KB2667402 and rebooted. Problem gone! Then it dawned on me that there was a reason the server hadn't finished booting after I came back from lunch: I had tried to install an update of the remote connection system, but the system was in use (I was updating remotely), and it didn't update the .dll concerned appropriately.

The fix: I re-updated singly KB2667402. All that required was unchecking the others in the list. I rebooted, and the problem was gone. If you get an update for KB2667402, make sure you have no remote connections active, and then do the update directly on the server - not through a remote connection.

The moral: If you're doing updates, do them from the highest authority directly at the server. Good luck.
The following user(s) said Thank You: Chris, TheBishop, RedRanger, 41i3n
More
12 years 6 months ago #37906 by Chris
rdoherty,

Thanks so much for sharing this experience with the rest!! It is unfortunate how many times we are forced to undo damage done by Service Packs or single-KB updates at 3am in the morning!!

I'm sure a lot of people will benefit from your experience and thanks again for sharing it!

Chris.

Chris Partsenidis.
Founder & Editor-in-Chief
www.Firewall.cx
More
12 years 2 months ago #38071 by RedRanger
I've seen some updates do some squirrelly things in the past with Windows Updates. The Quality Assurance Department seems to have gotten their act together with updates in recent years, but some things still fall through the cracks.

When Service Pack 1 was first put into production for 7 and 2008/2008R2, I remember there being an issue where Remote Server Administration Tools (RSAT) couldn't be installed on a Windows 7 Client if the SP1 was already installed. The work around was to uninstall SP1, install RSAT, and reinstall SP1. A little ridiculous, if you ask me. Microsoft re-released SP1 later to resolve this problem.

RedRanger

"I'd Rather You Hate Me For Everything I Am Than Love Me For Something I'm Not."

Be Awesome
Time to create page: 0.130 seconds