I troubleshot this for a few hours and I am out of ideas. In my experience, remote desktop issues are because the firewall has no exception for RDP, the user you're trying to log in as doesn't have the correct permissions, or the you simply cannot connect to the system on the network. In this case, it looks like even though the Remote Desktop Services are started and running, the services are not listing.

Version: Windows 10 Enterprise LTSC 1809 Typical questions:

1. This is from an internal image of Windows 10.
2. No, remote desktop has never been able to connect to this system
3. Yes, this system can connect to other systems on the network including the system that all the following tests were done from.

Now for the troubleshooting. For all of this, I tried to connect to the remote computer from a computer on the same network using its IP address.:

1. Disabling firewall. Normally, you should add an exception to the firewall, but I wanted to be able to ping the system.
   • Once I disabled the firewall, I was able to ping the system.
2. Directly connecting the tester to the network switch instead of a router. 3. I created a new user, added them to the Administrators and Remote Desktop Users groups
   • The new user was very slow, and I saw a number of issues with slow desktop behavior. For example, the Settings Panel would never load for me to enable Remote Desktop
   • Because of this, I switched back to the Administrator account.
3. Ran Windows Update
4. Enabled the administrator account
   • By default, the administrator account is disabled on Windows 10. This is why you cannot immediately log in as admin.
5. Added a password to the Administrator account
   • There is a registry key that requires passwords in order to remote into computers
   • Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse = 0
6. I started the TermService service. This is the service responsible for all the remote desktop subservices.
   • Is was a big red flag that these were off
7. I checked that the 3 sub services were running: Remote Desktop Services, Remote Desktop Configuration, Remote Access Connection Manager
8. Remote desktop protocol uses port 3389 so I used netstat -a -o | find “3389” in the command window to see if there were any other programs that were using the port and the service started successfully
   • No other programs were using this port
   • The RDP service didn’t seem to start since nothing was using this
   • qwinsta did not show an active rdp-tcp session open session either
   • qwinsta on a system that can connect and be connected to shows this:

C:\Users\administrator>qwinsta SESSIONNAME USERNAME ID STATE TYPE DEVICE services
0 Disc console administrator 1 Active rdp-tcp 65537 Listen

10. I tried disabling the IPv6 part of the network adapter
11. I tried changing the port for RDP to 3390 by changing the following registry key and restarting the system:
    • HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber to 3390 Decimal
    • You need to log in differently to test connect this way. The :, example: 16.145.32.65:3390
    • Netstat did not show anything using these ports either
12. I disabled Windows Defender

Update: I found out this only happens in Audit mode (control+shift+F3). Going through the first time experience makes everything work as expected. This begs the question, is RDP supposed to work in audit mode? I could not find any documentation that said it isn't.

Any further ideas would be super helpful and very appreciated.