24

I have a Windows 10 Pro machine that is functioning as a RDP terminal for a single user.

This machine was configured more than 2 years ago and has had no major changes made to its configuration, except of course for the obligatory Windows 10 automatic updates.

Everything has been working fine until a few months ago, when the user started getting this error when window attempting to connect via RDC:

Remote Desktop Connection
An internal error has occurred.

I tried logging in via RDC via my Admin credentials, and I get the same error. The error appears immediately after clicking connect. There is no processing time and the connection attempt seem to be immediately rejected by the server.

I can't trace the problem down to any specific time, or event. It occurs seemingly at random. Sometimes after a few days, sometimes twice in one day.

Restarting the Windows 10 Pro machine always seems to fix the problem.

Strangely, accessing the Event Viewer on the Windows 10 Pro machine also seemed to fix the problem, but it almost always returns much more quickly if I use this "fix".

Speaking of the Event Viewer, these are relevant errors I found in the log related to RDC at the time that my login was rejected:

Error Event 227 RemoteDesktopServices-RdpCoreTS
    General: 'Failed OnConnected to Listener callback' in CUMRDPConnection::InitializeInstance at 606 err=[0x8007050c]
    Log Name: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational
    Source: RemoteDesktopServices-RdpCoreTS
    EventID: 227
    Task Category: RemoteFX module
    Level: Error
    User: NETWORK SERVICE
    OpCode: Runtime

Error Event 227 RemoteDesktopServices-RdpCoreTS
    General: spCoreConnection is NULL!' in CUMRDPConnection::TerminalInstance at 741 err=[0x8007139f]
    Log Name: Microsoft-Windows-RemoteDesktopServices-RdpCoreTS/Operational
    Source: RemoteDesktopServices-RdpCoreTS
    EventID: 227
    Task Category: RemoteFX module
    Level: Error
    User: NETWORK SERVICE
    OpCode: Runtime

These are some other errors I noticed in the log, but don't correspond to the moment I try to connect:

Warning Event 226, RemoteDesktopServices-RdpCoreTS
    General: RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040)

Warning Event 142, RemoteDesktopServices-RdpCoreT
    General: TCP socket READ operation failed, error 64

Note that the client machines are also running Windows 10 Pro.

Daniel
  • 1,594
  • 8
  • 26
  • 44

20 Answers20

20

May be a bit late but this worked for me, credit to Elton Saul. Create the DWORD below and set to 10000 My next task is to find out why it has outstanding connections :)


https://social.technet.microsoft.com/Forums/en-US/e1d60cc0-0096-4859-a0e7-eb7f11905737/remote-desktop-v10-error-0x4-from-mac?forum=winRDc

A temporary workaround for this issue is to increase the maximum outstanding connections limit. On client SKUs it is 100 by default, while on server SKUs it is 3000. The following DWORD registry key controls this value:

Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\
DWORD: MaxOutstandingConnections
VALUE: 10000

Alternatively, you can update the same from Command Prompt as Administrator by running the following.

REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v MaxOutstandingConnections /t REG_DWORD /d 65536
Dexmox
  • 301
  • 1
  • 3
  • 2
    Thank you, this worked for me many times! Here's a downloadable .reg file for that sets MaxOutstandingConnections to 3000 https://gist.githubusercontent.com/a-stankevich/1b5402aa60ba8733480205ae98af0948/raw/c3666761996161df33aef7097d24c9bd0a1dbffb/MaxOutstandingConnections.reg – Arthur Stankevich Mar 21 '19 at 11:43
  • This or reboot worked for me. – Valentin Kuzub Sep 11 '19 at 23:06
  • 7
    Is your RDP port open to the internet? I've found hacking attempts to RDP causes this problem. Every login attempt takes a connection and there's not enough left for valid connections. Raising the limit may work, but if you're getting that badly hammered, you should work out how to block the connections. – Wilson Waters Mar 22 '20 at 02:50
  • @WilsonWaters exactly. Check the failed login attempts in the log viewer. – Hasan Gürsoy Mar 28 '21 at 15:18
6

I've expirenced this issues several times lately, and one workaround is to connect to the machine locally if possible (or via a VmWare console).

Otherwise you can restart the Remote Desktop Services in services.msc (and say yes to also restart the dependant service).

But a permanent solution would be preferable.

Holger
  • 161
  • 3
  • I'm now experiencing this on another unrelated computer. Still Windows 10 Professional, but completely different hardware and configuration. But the exact same "Internal Error" problem with connecting via Remote Desktop, which presents intermittently. I never had any problems with Windows 10 and Remote Desktop until about a year ago, so I'm assuming one of the newer revisions of Windows 10 introduced this problem. :( – Daniel Nov 09 '18 at 20:25
  • Yeah, I've never seen it either, but have begun seeing it on some of my colleagues computers a couple of months ago. Restarting the Remote Desktop Service seems to help, but it can happen again later. – Holger Nov 15 '18 at 09:40
  • This worked for me, though for some reason my RDP services were all stopped. I was puzzled by the cryptic "An internal error occurred" message too... Anyway, I just started the services back up and was able to connect to RDP. – Zack Jan 04 '20 at 15:34
3

Deleting saved credentials in the client.rdp session and re-entering solved the problem for me. Edit Delete

BigAl
  • 31
  • 2
1

I had this happen today. I noticed in the Security event log, numerous events each time i tried to connect:

Credential Manager credentials were read.

Subject:
    Security ID:        SCREWDRIVER\Ian
    Account Name:       Ian
    Account Domain:     SCREWDRIVER
    Logon ID:       0x63814
    Read Operation:     Read Credential

This event occurs when a user performs a read operation on stored credentials in Credential Manager.

Which told me it was trying cached credentials over and over. I went back into Remote Desktop Connection client and deleted the cached credentials:

enter image description here

And then re-connected, re-entered the password, and it worked.

Ian Boyd
  • 5,131
  • 14
  • 57
  • 79
1

for me the issue seemed to be that i was sharing the rdp via MS cloud and saving credentials. I was not able to delete stored credentials as the ui was not showing the option so what i opened the .rdp file in VS code and made the following changes

  1. update prompt for credentials:i:0 -> prompt for credentials:i:1
  2. remove this line gatewaycredentialssource:i:
  3. update promptcredentialonce:i:0 -> promptcredentialonce:i:1

then save as to a local dir that is not stored in MS cloud so it would no happen again

workabyte
  • 111
  • 2
1
Warning Event 226, RemoteDesktopServices-RdpCoreTS
    General: RDP_TCP: An error was encountered when transitioning from StateUnknown in response to Event_Disconnect (error code 0x80070040)

Warning Event 142, RemoteDesktopServices-RdpCoreT
    General: TCP socket READ operation failed, error 64

You also get those messages in the RemoteDesktopServices-RdpCoreT log if there are issues with your smartcard certificate. In our case the certificate was revoked however we saw no indication of it when using Remote Desktop Connection from a Windows 10 client.

shelter
  • 11
  • 1
1

Any Windows 10 update can break anything in the system, including making it unbootable.

You will have to know when the RDP stopped working, check what update applied at that point and remove that update. TCP 64 error was found to appear after updates in several cases. So make sure you find the update that did it and also try to install update KB3200970 if you don't have it already.

Overmind
  • 2,970
  • 2
  • 15
  • 24
1

Restarting the Remote Desktop Service worked for me. You don't have to conect locally to do that. In your local computer run services.msc then go to Action, connect to another computer, and choose the remote computer. Once connected find the service and restart it.

AlexDev
  • 171
  • 1
  • 3
1

Logging another possibility for folks to try - this just fixed connecting from my Windows 10 dev box to a 2008R2 server:

If your RDP client box has unusual crypto settings, you may get "An unexpected error has occured" when trying to connect to a perfectly normal RDP server.

I was checking that various clients could still connect to an app on my dev box with restrictive protocols, so I used Nartac's IISCrypto to set my dev box to Best Practices and rebooted. At that point, I could still connect.

Then I restricted things further, aiming for an A+ from SSL Test. Knocked out a few combinations, got my A+... and found later that I couldn't connect to anything over RDP!

So, if you've been hardening your IIS crypto beyond Best Practices and find you can't connect out from the hardened machine over RDP, try setting things back down to Best Practices.

0

As Wilson Waters noted, you may be being flooded by hacking attempts. Do your firewall rules allow inbound RDP connections from anywhere? You should restrict the scope to your own IP address(es).

For example, for Windows Firewall on the server:

  1. Open Windows Firewall with Advanced Security.
  2. Click Inbound Rules.
  3. For each inbound rule whose name starts with Remote Desktop:
    1. Double-click the rule.
    2. Go to the Scope tab.
    3. Under Remote IP addresses, check These IP addresses.
    4. Add the IP addresses to restrict inbound RDP connections to.
Eric Eskildsen
  • 243
  • 3
  • 13
0

For me, it was because I was in the middle of a hacking attempt. I kept trying to RDP to my VPS server, and got the error mentioned here 9 out of 10 times. When I did manage to log in, there were about 5 "Audit Failure" messages in the Security Event Log every second. It looked like someone was trying to brute force the administrator password. The RDP error occurred because the maximum number of simultaneous connections had been reached because of this.

I wasn't able to limit my firewall to only my IP address as mentioned in another answer, so instead I changed the port that RDP listens on, and opened up that port in the Windows Firewall, and the attacks (and the error) went away - at least for now. I used this method described on the Microsoft website: https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/change-listening-port

Matt
  • 101
  • 2
0

I just try the following and worked:

Just try to connect with a bib existing username and password, then mstsc will try to connect, in fact it will connect, and then the windows server screen will tell you that username and password entered are bad, then simply user correct name and pass and will work.

Uwe Keim
  • 2,370
  • 4
  • 29
  • 46
0

Every single time we get that error over here is because someone is already logged in or didn't log out properly. With query user /server:remote (replace remote with IP address or computer name) i can see who is logged in though. You can logoff people remotely with LOGOFF [session | id_session] [/SERVER:serveur] (RPC needs to be activated for both operation).

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
Pop
  • 1
0

The same error occurs with Windows Server 2019.

In addition to the Eventlog entries above I see Error Event 1006 Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin The RD Session Host server received large number of incomplete connections. The system may be under attack.

Using Wireshark I only see one connection attempt. The Server sends TCP RST what obviously causes the eventlog entries we see. Maybe the defaults from older versions of Windows got discarded. I have set MaxOutstandingConnections to 3000 as @Dexmox reposted here and can confirm it works on both Server and Client Versions of Windows.

$registryPath = "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server"
$Name = "MaxOutstandingConnections"
$value = 3000

IF(!(Test-Path $registryPath))
  {
    New-Item -Path $registryPath -Force | Out-Null
    New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null}
 ELSE {
    New-ItemProperty -Path $registryPath -Name $name -Value $value -PropertyType DWORD -Force | Out-Null}
Klaus
  • 16
  • 2
0

I have encountered similar errors with RDP and found that disabling local resource sharing resolved the issues for me.

Ben Bowman
  • 21
  • 2
0

Under advanced tab of the RDP connection find "if server authentication fails". The default is set to Warn me. Change it to "connect and don't warn me". This just worked for me on multiple machines.

Nathan
  • 1
0

Try deleting saved credentials from RDP session. Then re-enter and save. Use RDP template below. This worked for me on three machines where I kept getting the "internal fault" error while connecting.

update try this example. Change full address X.X.X.X and USERNAME then save as

xxxx.rdp

screen mode id:i:2
use multimon:i:0
desktopwidth:i:3840
desktopheight:i:2160
session bpp:i:24
winposstr:s:0,3,0,0,800,600
compression:i:1
keyboardhook:i:2
audiocapturemode:i:0
videoplaybackmode:i:1
connection type:i:7
networkautodetect:i:1
bandwidthautodetect:i:1
displayconnectionbar:i:1
enableworkspacereconnect:i:0
disable wallpaper:i:0
allow font smoothing:i:0
allow desktop composition:i:0
disable full window drag:i:1
disable menu anims:i:1
disable themes:i:0
disable cursor setting:i:0
bitmapcachepersistenable:i:0
full address:s:X.X.X.X
audiomode:i:0
redirectprinters:i:0
redirectcomports:i:0
redirectsmartcards:i:1
redirectclipboard:i:1
redirectposdevices:i:0
drivestoredirect:s:
autoreconnection enabled:i:1
authentication level:i:2
prompt for credentials:i:0
negotiate security layer:i:1
remoteapplicationmode:i:0
alternate shell:s:
shell working directory:s:
gatewayhostname:s:
gatewayusagemethod:i:4
gatewaycredentialssource:i:4
gatewayprofileusagemethod:i:0
promptcredentialonce:i:0
use redirection server name:i:0
rdgiskdcproxy:i:0
kdcproxyname:s:
username:s:USERNAME
gatewaybrokeringtype:i:0
BigAl
  • 31
  • 2
0

As of some Windows update within the past 9 months, this problem no longer occurs. So I assume that Microsoft finally got it sorted out.

Daniel
  • 1,594
  • 8
  • 26
  • 44
-1

I tried the reg file-max connections option. It worked initially - but then still the same issue.

Checking services I could see a bunch of Remote Desktop services that were stopped. Initialised them all and it's all working again.

I will probably make a batch file to reinitialise if it continues.

-1

I seem to have encountered the same issue. For me none of the above answers solved it, but I was able to connect again after I restarted the Remote Desktop Licensing service.

Exec
  • 101
  • 4