7

We have Windows Server 2012 Standard as a remote desktop server, and older legacy thin clients cannot connect to it. Is there guidance that indicates the minimum required version of RDP to connect to Server 2012?

When we activated a license server on our 2012 Standard RDS server, some of the thin clients started receiving an error when they connect: "Remote Desktop disconnected because of a security error. The client cannot to the remote computer. verify you are logged on the network and try connecting again"

The server also logs "A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10."

We believe that the version of RDP on the thin client dictates whether or not it can connect.

Windows 8, Windows 7, and Windows XP SP3 can connect, as can newer thin clients.

We have unchecked the "Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)" located on the Remote tab of System Properties, and on Server Manager\Remote Desktop Services\Collections[servername]\Properties of the collection->Tasks->Edit Properties. However, older thin clients still cannot connect.

I can't find an authoritative answer from Microsoft as to exactly what version(s) of RDP are supported to connect to RDS under Server 2012.

Chris Vesper
  • 438
  • 1
  • 7
  • 18
  • What OS are the legacy clients? – DanBig Apr 29 '13 at 18:50
  • As @DanBig said the OS version would be helpful and the version of the RDP Client from the clients too. IIRC, Microsoft recommends RDP version 7 as a minimum to connect to Server 2012. – colealtdelete Apr 29 '13 at 18:54
  • See here as well: http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/1a7edd78-e4c6-4aad-9af2-7196bb165096 - it really boils down to whether you'll be able to update the thin clients properly if they are old like CE6. – TheCleaner Apr 29 '13 at 18:56
  • Well, the real question is "What is the minimum version of RDP supported by Server 2012 RDS?" I want to get an answer so it will be documented for other users who might have this same problem. I'd like to get the clients working as well, but that's not really the subject of this question. I have some ideas as to the minimum supported version, but I can't find an authoritative answer. – Chris Vesper Apr 29 '13 at 19:22
  • FWIW: We did try the registry changes in the linked question, but they didn't help. Also, the legacy clients are Win CE 5 (rdp 5.2) XP embedded, WTOS (freebsd based O/S for dell/wyse winterms) – Chris Vesper Apr 29 '13 at 19:58

1 Answers1

5

Microsoft confirmed that only RDP 6 and later is supported with Server 2012.

RDP 5.x clients cannot connect, except as follows:

RDP 5.x clients CAN connect if no license server is activated. In this case, Server 2012 RDS does not issue any license to the client, and allows the client to connect at a low encryption level, 512 bits.

However, when an RDS license server is activated, a higher level of encryption is required (2048 bits) and RDP 5.x cannot support this level of encryption. Therefore, the RDP 5.x client can no longer connect.

We paid for a support call and confirmed this with the tech.

Chris Vesper
  • 438
  • 1
  • 7
  • 18
  • We had to upgrade our WTOS firware to at least WNOS 6.5.0_30 before it would start working with Server 2012 at all with our Wyse S10 or V10L models. Our 10+ year old Wyse 1200LE models do not support this firmware level and will not connect to Server 2012. – BeowulfNode42 May 01 '14 at 00:25