I have a Windows 10 Pro machine that is functioning as a RDP terminal for a single user.
This machine was configured more than 2 years ago and has had no major changes made to its configuration, except of course for the obligatory Windows 10 automatic updates.
Everything has been working fine until a few months ago, when the user started getting this error when window attempting to connect via RDC:
Remote Desktop Connection
An internal error has occurred.
I tried logging in via RDC via my Admin credentials, and I get the same error. The error appears immediately after clicking connect. There is no processing time and the connection attempt seem to be immediately rejected by the server.
I can't trace the problem down to any specific time, or event. It occurs seemingly at random. Sometimes after a few days, sometimes twice in one day.
Restarting the Windows 10 Pro machine always seems to fix the problem.
Strangely, accessing the Event Viewer
on the Windows 10 Pro machine also seemed to fix the problem, but it almost always returns much more quickly if I use this "fix".
Speaking of the Event Viewer
, these are relevant errors I found in the log related to RDC at the time that my login was rejected:
Error Event 227 RemoteDesktopServices-RdpCoreTS
General: 'Failed OnConnected to Listener callback' in CUMRDPConnection::InitializeInstance at 606 err=[0x8007050c]
Log Name: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational
Source: RemoteDesktopServices-RdpCoreTS
EventID: 227
Task Category: RemoteFX module
Level: Error
User: NETWORK SERVICE
OpCode: Runtime
Error Event 227 RemoteDesktopServices-RdpCoreTS
General: spCoreConnection is NULL!' in CUMRDPConnection::TerminalInstance at 741 err=[0x8007139f]
Log Name: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational
Source: RemoteDesktopServices-RdpCoreTS
EventID: 227
Task Category: RemoteFX module
Level: Error
User: NETWORK SERVICE
OpCode: Runtime
These are some other errors I noticed in the log, but don't correspond to the moment I try to connect:
Warning Event 226, RemoteDesktopServices-RdpCoreTS
General: RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040)
Warning Event 142, RemoteDesktopServices-RdpCoreT
General: TCP socket READ operation failed, error 64
Note that the client machines are also running Windows 10 Pro.
May be a bit late but this worked for me, credit to Elton Saul. Create the DWORD below and set to 10000 My next task is to find out why it has outstanding connections :)
A temporary workaround for this issue is to increase the maximum outstanding connections limit. On client SKUs it is 100 by default, while on server SKUs it is 3000. The following DWORD registry key controls this value:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\
DWORD: MaxOutstandingConnections
VALUE: 10000
Alternatively, you can update the same from Command Prompt as Administrator by running the following.
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536
I've expirenced this issues several times lately, and one workaround is to connect to the machine locally if possible (or via a VmWare console).
Otherwise you can restart the Remote Desktop Services in services.msc (and say yes to also restart the dependant service).
But a permanent solution would be preferable.
Deleting saved credentials in the client.rdp session and re-entering solved the problem for me. Edit Delete
Any Windows 10 update can break anything in the system, including making it unbootable.
You will have to know when the RDP stopped working, check what update applied at that point and remove that update. TCP 64 error was found to appear after updates in several cases. So make sure you find the update that did it and also try to install update KB3200970 if you don't have it already.
Restarting the Remote Desktop Service worked for me. You don't have to conect locally to do that. In your local computer run services.msc
then go to Action, connect to another computer, and choose the remote computer. Once connected find the service and restart it.
I had this happen today. I noticed in the Security event log, numerous events each time i tried to connect:
Credential Manager credentials were read.
Subject:
Security ID: SCREWDRIVER\Ian
Account Name: Ian
Account Domain: SCREWDRIVER
Logon ID: 0x63814
Read Operation: Read Credential
This event occurs when a user performs a read operation on stored credentials in Credential Manager.
Which told me it was trying cached credentials over and over. I went back into Remote Desktop Connection client and deleted the cached credentials:
And then re-connected, re-entered the password, and it worked.
Warning Event 226, RemoteDesktopServices-RdpCoreTS
General: RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040)
Warning Event 142, RemoteDesktopServices-RdpCoreT
General: TCP socket READ operation failed, error 64
You also get those messages in the RemoteDesktopServices-RdpCoreT log if there are issues with your smartcard certificate. In our case the certificate was revoked however we saw no indication of it when using Remote Desktop Connection from a Windows 10 client.
The same error occurs with Windows Server 2019.
In addition to the Eventlog entries above I see Error Event 1006 Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin The RD Session Host server received large number of incomplete connections. The system may be under attack.
Using Wireshark I only see one connection attempt. The Server sends TCP RST what obviously causes the eventlog entries we see. Maybe the defaults from older versions of Windows got discarded. I have set MaxOutstandingConnections to 3000 as @Dexmox reposted here and can confirm it works on both Server and Client Versions of Windows.
$registryPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server"
$Name = "MaxOutstandingConnections"
$value = 3000
IF(!(Test-Path $registryPath))
{
New-Item -Path $registryPath -Force | Out-Null
New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null}
ELSE {
New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null}
I have encountered similar errors with RDP and found that disabling local resource sharing resolved the issues for me.
Under advanced tab of the RDP connection find "if server authentication fails". The default is set to Warn me. Change it to "connect and don't warn me". This just worked for me on multiple machines.
Try deleting saved credentials from RDP session. Then re-enter and save. Use RDP template below. This worked for me on three machines where I kept getting the "internal fault" error while connecting.
update try this example. Change full address X.X.X.X and USERNAME then save as
xxxx.rdp
screen mode id:i:2
use multimon:i:0
desktopwidth:i:3840
desktopheight:i:2160
session bpp:i:24
winposstr:s:0,3,0,0,800,600
compression:i:1
keyboardhook:i:2
audiocapturemode:i:0
videoplaybackmode:i:1
connection type:i:7
networkautodetect:i:1
bandwidthautodetect:i:1
displayconnectionbar:i:1
enableworkspacereconnect:i:0
disable wallpaper:i:0
allow font smoothing:i:0
allow desktop composition:i:0
disable full window drag:i:1
disable menu anims:i:1
disable themes:i:0
disable cursor setting:i:0
bitmapcachepersistenable:i:0
full address:s:X.X.X.X
audiomode:i:0
redirectprinters:i:0
redirectcomports:i:0
redirectsmartcards:i:1
redirectclipboard:i:1
redirectposdevices:i:0
drivestoredirect:s:
autoreconnection enabled:i:1
authentication level:i:2
prompt for credentials:i:0
negotiate security layer:i:1
remoteapplicationmode:i:0
alternate shell:s:
shell working directory:s:
gatewayhostname:s:
gatewayusagemethod:i:4
gatewaycredentialssource:i:4
gatewayprofileusagemethod:i:0
promptcredentialonce:i:0
use redirection server name:i:0
rdgiskdcproxy:i:0
kdcproxyname:s:
username:s:USERNAME
gatewaybrokeringtype:i:0
As of some Windows update within the past 9 months, this problem no longer occurs. So I assume that Microsoft finally got it sorted out.
Logging another possibility for folks to try - this just fixed connecting from my Windows 10 dev box to a 2008R2 server:
If your RDP client box has unusual crypto settings, you may get "An unexpected error has occured" when trying to connect to a perfectly normal RDP server.
I was checking that various clients could still connect to an app on my dev box with restrictive protocols, so I used Nartac's IISCrypto to set my dev box to Best Practices and rebooted. At that point, I could still connect.
Then I restricted things further, aiming for an A+ from SSL Test. Knocked out a few combinations, got my A+... and found later that I couldn't connect to anything over RDP!
So, if you've been hardening your IIS crypto beyond Best Practices and find you can't connect out from the hardened machine over RDP, try setting things back down to Best Practices.
As Wilson Waters noted, you may be being flooded by hacking attempts. Do your firewall rules allow inbound RDP connections from anywhere? You should restrict the scope to your own IP address(es).
For example, for Windows Firewall on the server:
for me the issue seemed to be that i was sharing the rdp via MS cloud and saving credentials.
I was not able to delete
stored credentials as the ui was not showing the option so what i opened the .rdp file in VS code and made the following changes
prompt for credentials:i:0
-> prompt for credentials:i:1
gatewaycredentialssource:i:
promptcredentialonce:i:0
-> promptcredentialonce:i:1
then save as to a local dir that is not stored in MS cloud so it would no happen again
For me, it was because I was in the middle of a hacking attempt. I kept trying to RDP to my VPS server, and got the error mentioned here 9 out of 10 times. When I did manage to log in, there were about 5 "Audit Failure" messages in the Security Event Log every second. It looked like someone was trying to brute force the administrator password. The RDP error occurred because the maximum number of simultaneous connections had been reached because of this.
I wasn't able to limit my firewall to only my IP address as mentioned in another answer, so instead I changed the port that RDP listens on, and opened up that port in the Windows Firewall, and the attacks (and the error) went away - at least for now. I used this method described on the Microsoft website: https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/change-listening-port
I just try the following and worked:
Just try to connect with a bib existing username and password, then mstsc will try to connect, in fact it will connect, and then the windows server screen will tell you that username and password entered are bad, then simply user correct name and pass and will work.
I seem to have encountered the same issue. For me none of the above answers solved it, but I was able to connect again after I restarted the Remote Desktop Licensing service.
User contributions licensed under CC BY-SA 3.0