Remote Desktop not connecting unless logged into remote machine locally

[Skiibs]

Greetings,

I have recently been experimenting with remote desktop connectivity in a attempt to (eventually) be able to access my home PC while on the road. In my attempts, however, I have been plagued with problems, the most persistent of which is the inability to remote into the target PC at all until the account has been logged in locally.

I have created all the necessary holes in windows firewall and set up the remote desktop settings and services correctly (I believe) as I am able to remote into the desired account once someone has logged into it, kicking out the local user in the process (which is fine with me). I only have one network adapter and all the remote desktop services are set to automatic startup (I found that logging off once remote desktop worked successfully caused the same problem, but that was because a necessary service stopped as a result of the log out).

I am running Windows 7 Ultimate 64-bit on the computer that I am trying to connect to, and am attempting to connect to it using various devices including a windows 8 laptop and an android smartphone with an RDP app. I have set "Allow connections from computers running any version of remote desktop" under advanced system settings in the remote tab, in order to assure myself that connections with my smartphone will not be blocked (so far, they are not).

I have no idea why one must log into the target account before remote desktop will work, but once it is done, the connection works flawlessly. Any help the community could offer would be greatly appreciated. Thank you!

 

[burdenbound]

Because the software isn't running on the host computer until you log in, it has no idea you are trying to connect to it.

 

[Skiibs]

Because the software isn't running on the host computer until you log in, it has no idea you are trying to connect to it.

In that case, how do I ensure that the software starts before login? I am not using any 3rd party software for this purpose, only the standard Remote Desktop Protocol on port 3389. On windows this is managed by the remote desktop services, which are all set to automatic start, and they do start with windows prior to login.

To clarify, using mstsc on my windows 8 laptop I am able to provide a user name and password, but once those are accepted, unless someone has already logged into the home computer, it gives me the following error message: "Your Remote Desktop Services Session has ended. The connection to the remote computer was lost, possibly due to network connectivity problems. Try connecting to the remote computer again. If the problem continues, contact your network administrator or Technical Support."

Hope that this sheds light on the problem.

 

[Skiibs]

I have continued troubleshooting, and I have discovered that, under the remote tab in advanced settings, when I select the "Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)" option, Remote Desktop does not work at all. No solution yet, but that is interesting to say the least.

 

[Skiibs]

GOT IT!

Here's what I did:

First, if you do not have the Remote Server Administration Tools installed, you can get them for Windows 7 SP1 from this link: http://www.microsoft.com/en-us/download/details.aspx?id=7887

Next, go to Programs and Features and click on "turn Windows Features on or off" (You will need to run the standalone installer downloaded in the previous step first) Browse to Remote Server Administration Tools>>Role Administration Tools>>Remote Desktop Services Tools. Check the box next to the "Remote Desktop Services Tools" entry and then click "OK"

Next, Click start, then Run, type in "MMC" (no quotes) and click OK. Then click File > Add or Remove Snap-ins. Select "Group Policy Object" and click "Add," "Finish," and then OK.

Now, browse to Console Root\Local Computer Policy\User Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security

(Note: the following will undoubtedly be heralded as the worst troubleshooting practice possible since I changed multiple things at a time, but it did work, so if someone wants to point out what helped and what probably didn't I have no problems with that at all)

Finally, double click on each of the following entries and set them as specified:

Always prompt for password upon connection => Disabled

Require user authentication for remote connections by using Network level authentication => Disabled

You may also modify other settings, such as encryption and specific security layers

Now when you boot the machine, so long as all other settings mentioned further up the page are properly set, you will be able to Remote Desktop into the remote PC without someone logging into it locally first.

Hope that this helps someone!

P.S. I'll leave the best solution unselected for awhile to allow for others to contribute should they desire.

 

[eess]

I dont have Security option under Console Root\Local Computer Policy\User Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\

What i have to do?

GOT IT!

Here's what I did:

First, if you do not have the Remote Server Administration Tools installed, you can get them for Windows 7 SP1 from this link: http://www.microsoft.com/en-us/download/details.aspx?id=7887

Next, go to Programs and Features and click on "turn Windows Features on or off" (You will need to run the standalone installer downloaded in the previous step first) Browse to Remote Server Administration Tools>>Role Administration Tools>>Remote Desktop Services Tools. Check the box next to the "Remote Desktop Services Tools" entry and then click "OK"

Next, Click start, then Run, type in "MMC" (no quotes) and click OK. Then click File > Add or Remove Snap-ins. Select "Group Policy Object" and click "Add," "Finish," and then OK.

Now, browse to Console Root\Local Computer Policy\User Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security

(Note: the following will undoubtedly be heralded as the worst troubleshooting practice possible since I changed multiple things at a time, but it did work, so if someone wants to point out what helped and what probably didn't I have no problems with that at all)

Finally, double click on each of the following entries and set them as specified:

Always prompt for password upon connection => Disabled

Require user authentication for remote connections by using Network level authentication => Disabled

You may also modify other settings, such as encryption and specific security layers

Now when you boot the machine, so long as all other settings mentioned further up the page are properly set, you will be able to Remote Desktop into the remote PC without someone logging into it locally first.

Hope that this helps someone!

P.S. I'll leave the best solution unselected for awhile to allow for others to contribute should they desire.

 

[Skiibs]

"I dont have Security option under Console Root\Local Computer Policy\User Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\

What i have to do?"

Haven't looked at this thread for awhile, but I'll see what I can do.

I can only imagine that, for that entry not to be there, something must have not been installed properly by the installer downloaded in step 1.

Other than that, it seems to be a separate issue that is complicating things for you. Hope you can resolve your problems, but honestly I can't think of any reason why that entry would simply go missing like that if all of the above steps were followed correctly. After all, it would be a brand new entry added to the MMC console during step 1, so it isn't like a virus or a corrupt file would cause it to not show up.

Also, bear in mind that my solution implies a Windows 7 install that has been updated to SP1. Not having the service pack, or running a different version of windows would also cause differences.

 

[cryfcad]

I dont have Security option under Console Root\Local Computer Policy\User Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\

What i have to do?

@Skiibs did a great guide but made one small mistake. The correct path is not User Configuration but "Computer Configuration". I don't have Win in English so maybe it is not exactly accurate but simply the other option and not User Configuration. Rest of the path is fine so:

Console Root\Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security



By the way it worked for me without disabling "Always prompt for password upon connection => Disabled"

 

[FreonPSandoz]

Because the software isn't running on the host computer until you log in, it has no idea you are trying to connect to it.

Nonsense. It works on 99 out of 100 machines. Windows just f#@$ks up. Lots.