Unable to start Remote Desktop Service Usermode Port redirector in Windows 10
I have two Windows 10 Pro [Version 21H1] with same GPO applied. The Remote desktop service usermode port redirector service on A can be started. But it is stopped immediately after started on B. There is a message popped "The Remote Desktop Services UserMode Port Redirector service on XXX started and then stopped. Some services stop automatically if they are not in use by other services or programs." There is no event message found in event viewer about the issue. I cannot use RDP to connect the computer without running the service. Could anyone advise how to troubleshoot the issue?
remote-desktop-servicesComment
Comment · Show 1
Comment
5 |1600 characters needed characters left characters exceeded
▼
- Visible to all users
- Visible to the original poster & Microsoft
- Viewable by moderators
- Viewable by moderators and the original poster
- Advanced visibility
Attachments: Up to 10 attachments [including images] can be used with a maximum of 3.0 MiB each and 30.0 MiB total.
JiaYou-MSFT · Jul 30, 2021 at 07:14 AM
HI
Is there any progress on your question?
0 Votes 0 ·
JiaYou-MSFT answered • Jul 28, '21 | DamonChan-4836 commented • Aug 2, '21
HI
1.Did you check the umrdp.dll file exists in the %WinDir%\System32 folder on issue computerB?
Remote Desktop Services UserMode Port Redirector - Windows 10 Service
//batcmd.com/windows/10/services/umrdpservice/
2.Did you check below 2 dependencise service are running fine on computer B?
Remote Desktop Services
Terminal Server Device Redirector Driver
3.Please do clean boot on issue computer B, after reboot please remote access computer B again, will the UmRdpService service still can not restart normally?
How to perform a clean boot in Windows
//support.microsoft.com/en-us/topic/how-to-perform-a-clean-boot-in-windows-da2f9573-6eec-00ad-2f8a-a97a1807f3dd
4.Can we logon the issue computer B console by using local admin account and try to disable virus scan software temporarily then restart UmRdpService service, will it still not running fine?
5.Can we run below command in command prompt[open as admin] on remote computer B then check if it can find and solve system file issue?
sfc scannow
dism /online /cleanup-image /scanhealth
dism /online /cleanup-image /restorehealth
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Comment
Comment · Show 1
Comment
5 |1600 characters needed characters left characters exceeded
▼
- Visible to all users
- Visible to the original poster & Microsoft
- Viewable by moderators
- Viewable by moderators and the original poster
- Advanced visibility
Attachments: Up to 10 attachments [including images] can be used with a maximum of 3.0 MiB each and 30.0 MiB total.
DamonChan-4836 · Aug 02, 2021 at 01:37 AM
Present.
The 2 dependent services are running.
Did clean boot as recommended but the problem still existed.
Computer A and B have same Endpoint protection software installed with same policy. So it should not be a cause of problem.
Tried but still failed to start the service.
Any other suggestion?
0 Votes 0 ·
Restore Default Startup Type for Remote Desktop Services UserMode Port Redirector
Automated Restore
1. Select your Windows 7 edition and Service Pack, and then click on the Download button below.
2. Save the RestoreRemoteDesktopServicesUserModePortRedirectorWindows7.bat file to any folder on your hard drive.
3. Right-click the downloaded batch file and select Run as administrator.
4. Restart the computer to save changes.
Note. Make sure that the umrdp.dll file exists in the %WinDir%\System32 folder. If this file is missing you can try to restore it from your Windows 7 installation media.
Yea, though I walk through the valley of the shadow of death, I will fear no evil: for thou art with me; thy rod and thy staff they comfort me.
How To Fix Windows 10 Remote Desktop Not Working Issue
By
Urvi MehtaWindows’s remote desktop feature allows you to access another computer from anywhere over the network through your personal computer. It is provided by Microsoft in Windows 10 as well as all the previous versions of Windows. All you need is a good internet connection to use this feature. However, sometimes users land up in a situation where the Windows 10 remote desktop is not workingcorrectly. You cannot access a remote PC if the remote desktop connection is causing issues.
People often address the remote desktop connection as RDP [Remote Desktop Protocol]. Well, you may experience RDP issues due to various reasons. Some of the reasons include incorrect firewall settings, disabled remote desktop connections, network-related issues, and glitches in the system. You can quickly fix these issues by tweaking the Windows 10 system.
10 Replies
· · ·
Habanero
OP
Sep 23, 2021 at 17:13 UTC
It's a registry value called fDenyTSConnections.
//gpsearch.azurewebsites.net/#2481
//www.interfacett.com/blogs/methods-to-enable-and-disable-remote-desktop-locally/
0 is ON[RDP enabled], 1 is OFF[RDP disabled].
0
· · ·
Mace
OP
Sep 23, 2021 at 17:43 UTC
AD group-based allowing remote desktop membership - is the best you can to control access to RDP.
Disable RDP port through Firewall if security concerns, on and off basis.
netsh advfirewall firewall add rule name="allow RemoteDesktop" dir=in protocol=TCP localport=3389 action=allow
netsh advfirewall firewall add rule name="allow RemoteDesktop" dir=in protocol=TCP localport=3389 action=deny
remotely turn on or off
Powershell
On Invoke-Command -ComputerName computer1 -ScriptBlock{ Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 0} off Invoke-Command -ComputerName computer1 -ScriptBlock{ Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 1}0
· · ·
Habanero
OP
Sep 23, 2021 at 17:54 UTC
My bad. I misread your question. I can think of a few ways.
Separate your machines into separate OU's and apply GPO accordingly.
Use GPO delegation to allow/deny certain machines the ability to read/apply the GPO.
0
· · ·
Jalapeno
OP
Sep 23, 2021 at 18:04 UTC
So the GPO is not changing the registry value. fDenyTSConnections is set to 0 and the GPO is still keeping me from connecting to the computer. So the GPO is changing something deeper than just a registry value. jrp78, you're right we are excluding some machines from the GPO to allow RDP. If we needed to we could exclude others if we need to remote into them. I was hoping to be able to figure out what changes the GPO makes so if I needed to I could undo those changes and reapplying the GPO would just change them back so I could RDP on demand if the need arised.
0
· · ·
Habanero
OP
Sep 23, 2021 at 18:20 UTC
Magus76 wrote:
So the GPO is not changing the registry value. fDenyTSConnections is set to 0 and the GPO is still keeping me from connecting to the computer. So the GPO is changing something deeper than just a registry value. jrp78, you're right we are excluding some machines from the GPO to allow RDP. If we needed to we could exclude others if we need to remote into them. I was hoping to be able to figure out what changes the GPO makes so if I needed to I could undo those changes and reapplying the GPO would just change them back so I could RDP on demand if the need arised.
Did you check both locations?
HKEY_LOCAL_MACHINE
\System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDenyTSConnections
0
· · ·
Mace
OP
Sep 24, 2021 at 18:16 UTC
Magus76 wrote:
So the GPO is not changing the registry value. fDenyTSConnections is set to 0 and the GPO is still keeping me from connecting to the computer. So the GPO is changing something deeper than just a registry value. jrp78, you're right we are excluding some machines from the GPO to allow RDP. If we needed to we could exclude others if we need to remote into them. I was hoping to be able to figure out what changes the GPO makes so if I needed to I could undo those changes and reapplying the GPO would just change them back so I could RDP on demand if the need arised.
Group-based- RDP access - control from active directory make it easy
0
· · ·
Jalapeno
OP
Sep 27, 2021 at 12:48 UTC
"Did you check both locations?
HKEY_LOCAL_MACHINE \System\CurrentControlSet\Control\Terminal Server\fDenyTSConnections
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDenyTSConnections"
Yep, both locations are changed and still unable to use Remote Desktop. So it's more than just a registry
0
· · ·
Habanero
OP
Sep 28, 2021 at 17:27 UTC
Magus76 wrote:
"Did you check both locations?
HKEY_LOCAL_MACHINE \System\CurrentControlSet\Control\Terminal Server\fDenyTSConnectionsHKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fDenyTSConnections"
Yep, both locations are changed and still unable to use Remote Desktop. So it's more than just a registry
Ok next test would be to try one of these commands from a cmd prompt on your workstation[not the server]. This may confirm whether it's a firewall issue. If the server firewall is open, you will get a blank cmd prompt window, it it's blocked, you will get connection failed.
telnet hostname 3389
telnet IPaddress 3389
If this fails, you can also do netstat -a | findstr /c:":3389" from the server's cmd prompt to confirm you see the server listening on port 3389
1
· · ·
Jalapeno
OP
Sep 28, 2021 at 19:44 UTC
It connected using Telnet by hostname.
0
· · ·
Habanero
OP
Sep 28, 2021 at 20:05 UTC
If I have time, I'll perform a test to see if I can find anything else in the registry that changes. I have had pretty good success using Registrychangesview by Nirsoft to snapshot the registry, apply a GPO then compare the registry to the snapshot to find all changes. You can give this method a try yourself if you are feeling adventurous :]
EDIT: Since that GPO is really geared towards allowing RDP, check those registry locations for AllowTSConnections. See if that value is set to 1 which would block RDP.
0
Oops, something's wrong below.
Text
-
-
-
Quote Post
|
Add link Text to display: Where should this link go?
Add Cancel
Insert code
Language Apache AppleScript Awk BASH Batchfile C C++ C# CSS ERB HTML Java JavaScript Lua ObjectiveC PHP Perl Text Powershell Python R Ruby Sass Scala SQL VB.net Vimscript XML YAML
Insert Cancel
Join me to this group
Reply