RDP through a firewall fails with: “The RPC server is unavailable”
This is just a quick one…
When trying to log on to Windows Server 2003 via Remote Desktop, you receive the following message:
The system cannot log you on due to the following error:
The RPC server is unavailable.
Please try again or consult your system administrator.
You will also receive the following event in the target server’s application event log:
Event ID: 1219
Logon rejected for Domain\User. Unable to obtain Terminal Server User Configuration. Error: The RPC server is unavailable.
There are a number of reasons you might see this message, but in my case it was because the server I was connecting to was behind a firewall and in a different domain to the one which my account was in.
When you log on via RDP, “Terminal Services” will contact the domain which your account is in to query terminal services information about your account, e.g. profile path. It does this using RPC to a domain controller.
In my case the server concerned was in the perimeter network and there was no way I was going to open RPC on the firewall to allow it to talk to an internal DC. And since the purpose for RDP to this server was purely for administration, I really didn’t care if it couldn’t get my profile info from AD.
Fortunately there is a workaround as described in this Microsoft article. The article actually refers to a different problem, but the workaround is the same.
- Locate the following registry subkey:
- Create a new DWORD called IgnoreRegUserConfigErrors
- Give it a value of 1
Done! I might consider creating a group policy preference to implement this across all the servers in the perimeter domain.
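The three steps above as a script, for applying the same change to several perimeter servers. This is an added example, not code from the original post or the Microsoft article. It assumes Windows PowerShell 2.0 or later on the server, the function name `Set-IgnoreRegUserConfigErrors` and its `KeyPath` parameter are hypothetical, and the registry subkey has to be supplied from the Microsoft article because the post does not give it.

```powershell
# Added example: hypothetical helper, not part of the original post.
# The registry subkey is not stated in the post, so it is a mandatory
# parameter; take the path from the Microsoft article.
function Set-IgnoreRegUserConfigErrors {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        [Parameter(Mandatory = $true)]
        [string]$KeyPath   # 'HKLM:\<subkey from the Microsoft article>'
    )

    if (-not (Test-Path -Path $KeyPath)) {
        throw "Registry key not found: $KeyPath"
    }

    # Confirm the symptom first: Event ID 1219 in the Application log.
    # The post does not name the event source, so match on the ID plus
    # the message text quoted in the post.
    $rejections = @(Get-EventLog -LogName Application -Newest 5000 -ErrorAction SilentlyContinue |
        Where-Object { $_.EventID -eq 1219 -and
                       $_.Message -like '*Terminal Server User Configuration*' })

    # Read the current value, if any, so that re-running changes nothing.
    $name    = 'IgnoreRegUserConfigErrors'
    $current = (Get-ItemProperty -Path $KeyPath -Name $name -ErrorAction SilentlyContinue).$name

    if ($current -eq 1) {
        Write-Verbose "$name is already 1; nothing to do."
    }
    elseif ($PSCmdlet.ShouldProcess("$KeyPath\$name", 'Set DWORD to 1')) {
        # -Force replaces an existing value that has the wrong type or data.
        New-ItemProperty -Path $KeyPath -Name $name -PropertyType DWord -Value 1 -Force | Out-Null
    }

    # Report what was found and the value as read back afterwards
    # (CurrentValue equals PreviousValue when run with -WhatIf).
    New-Object PSObject -Property @{
        Computer      = $env:COMPUTERNAME
        Event1219Seen = $rejections.Count
        PreviousValue = $current
        CurrentValue  = (Get-ItemProperty -Path $KeyPath -Name $name -ErrorAction SilentlyContinue).$name
    }
}
```

Running it with `-WhatIf` first shows which servers already have the value and which have logged Event ID 1219, without writing to the registry.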