The case of the missing mouse on windows 2012 via rdp

Issue: No mouse pointer after you RDP to some windows 2012 servers, seems to be more common from linux systems. Also in my research it seems this fix works for slow mouse pointers too in RDP

Workaround:

  1. launch control panel
  2. click on mouse options
  3. click on the pointers tab
  4. uncheck “enable pointer shadow”

If you need keyboard shortcuts:

  1. windows key +R for run command
  2. then “control main.cpl”
  3. uncheck “enable pointer shadow” *use tab if needed to select option.

References:

https://support.microsoft.com/en-us/kb/192806

https://support.microsoft.com/en-us/kb/126449

bonus https://social.technet.microsoft.com/Forums/windows/en-US/3dcd8f57-3efc-46e9-b2e1-34e61f3ddb3d/remote-desktop-connection-mouse-slow-with-windows-2012?forum=winserver8gen

 

RDP error Local Security Authority cannot be contacted

The error:

Remote Desktop Connection: An authentication error has occurred.
The Local Security Authority cannot be contacted
Remote Computer: hostname or ip

The issue:

Seems to happen more on 2012 server but if you have Network Level Authentication enabled it will not prompt you for a GUI change password option if you have change password at next logon selected. This error could happen for other reasons as well

One of the possible fixes:

  1. uncheck change password at next logon if its selected
  2. use a different tool to change your password at first logon

Additional info can be found at https://blog.mnewton.com/articles/Solution-RDP-The-Local-Security-Authority-cannot-be-contacted/

Server hangs from RDP reboot

Problem:

Do a GUI reboot from RDP session, and RDP closes/no longer works but never reboots server because windows hung. (mostly found out by checking console)

Best way to try and prevent:

use shutdown command

“shutdown /r” may need /f option, also switches could be different depending on  your windows version.

RDP Access Denied do to licensing

WARNING: as always use at your own risk and take a backup of your registry before trying.

Problem:

RDP Access Denied when logging in.

What is needed:

  • Windows 2008 R2
  • Remote Desktop Services role
  • AD logins
  • May also have failed to renew license events in the event log

Log Name: System
Source: Microsoft-Windows-TerminalServices-RemoteConnectionManager
Date: xxxxxxxx
Event ID: 1028
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: xxxxxx
Description:
The remote session could not be established from remote desktop client xxxxxx because its license could not be renewed.

How to check for bug: connect to server via RDP console mode (mstsc /admin) with same login if it works you are getting this bug.

Fix:

There is a known bug with Windows 2008R2 and the Terminal Services Role with Remote Desktop. Once installed if the following is not performed any user trying to log onto the server using AD credentials will not be allowed to logon.

The registry key affecting this behavior must be created and set. This change is only required on those servers hosting the Remote Desktop Role.

  1.  Go to start menu, run , and type regedit and choose enter.
  2. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server
  3. Create a DWORD value called (IgnoreRegUserConfigErrors) and assign the value 1 to this property.

No reboot required will work for any new RDP connections

This could also be related to token size too, may want to check if you are getting kerberos errors because of token size