Windows 7 Thread, RDP error in Technical; ok tried to connect to schools Terminal Server (2K8) Via a TS Gateway (from outside)
now this worked fine in ...
27th January 2009, 12:27 AM #1
ok tried to connect to schools Terminal Server (2K8) Via a TS Gateway (from outside)
now this worked fine in Vista before i blew away the Laptop to install Win7 Beta
i now get this error
The remote computer could not be authenticated due to problems with its security certificate. it may be unsafe to proceed.
Name in the Certificate from the remote computer:
The Following errors were encountered while validating the remote computer's certificate:
A revocation check could not be performed for the certificate.
You cannot proceed because authentication is required.
Now the TS gateway mydesktop.schoolsdomain.sch.uk has a real proper Trustico Certificate, but obviously the actually Terminal Servers has an internally generated certificate from the domans Certificate authority.. the Cert is valid and working. even installing the root cert of my internal domain as a trusted root authority doesn't resolve it...
Anyone tried RDPing yet from Win 7 via a TS gateway???
IDG Tech News
27th January 2009, 12:32 AM #2
Ok.. this adds to the mystery.. using the TS gateway i can connect to a 2K3 server that is accepting RDP sessions. by manually filling out the RDP connection settings... manually filling them out for the 2K8 TS server i get the same error... so it must be something between 2K8 and Win7... a new feature / check that MS added either to 2K8 or Win7 that only gets tested between the two.... hum...
Edit... Interestingly I can connect to a normal 2K8 Server.. Via the TS gateway.. just not the actual Terminal Server!!
Last edited by k-strider; 27th January 2009 at 12:42 AM.
27th January 2009, 12:53 AM #3
I think you need to look at what that (internal) certificate says about revocation via view certificate or whatever W7 has now - it probably points to somewhere internal you can't get to from the outside world.
You might be able to turn off revocation checking somewhere. Or you can, with a little effort, make certificates with custom revocation info.. or even no revocation info.
18th March 2009, 06:04 PM #4
i fixed this the otherday so i thought i should say what i did encase anyone else comes acropper
The Terminal Server was using cert signed by my CA, compname.internal.lan by changing the cert to a auto generated one the Win7 clients then started to connect just fine :-)
The TS gateway kept its Real world signed Cert
25th June 2009, 08:48 PM #5
- Rep Power
What do you mean by an auto generated certificate?
9th July 2009, 12:02 PM #6
18th August 2009, 10:29 AM #7
- Rep Power
Possibly you have enabled NLA, this is new for W2008 and causes non-connections for older clients (Network Level Authentication)
24th November 2009, 09:42 PM #8
- Rep Power
It seems im missing some little piece to this issue. I believe on a few win7 pro clients i need to set the certs to auto generated as K strider has shown, however win7 doesnt contian tsconfig, is there another way to do this on win7 pro so I can connect to 2008 servers?
25th November 2009, 11:49 AM #9
i had to set the Terminal Server certificate to Autogenerated.. as per the picture i posted earlier..
Administrative tools -> Terminal services -> Terminal Services Configuration.
Right Click RDP-TCP under the connectiosn box Properties... the bottom of the genral TAG chose autogenerated.
Last edited by k-strider; 25th November 2009 at 11:52 AM.
4th February 2010, 06:22 PM #10
Originally Posted by k-strider
I tried that but my home machine (not domain aware) sulks at a unidentified certificate, even when I try importing the certificate (user and computer) it still sulks.
What the heck have Microsoft done, looked around the web and this seems to be a common problem! I would love to get this sorted so I can offer the service to some of our staff.
4th February 2010, 06:59 PM #11
If it's anything like Citrix Secure Gateway, all the certificates along the length (so each hop) of the connection have to be trusted by each of the machines. This is so that you are gauranteed of a secure connection from start to finish.
My Secure Gateway connection takes advantage of this to limit who can access it. By installing the required certificate on machines that you trust (and license) to use the connection, you limit who can get access
4th February 2010, 07:08 PM #12
I might not be anyhelp here, i just know 2k8 can be a pain... by anychance do you use the more secure option? and if so have to tried using the less secure way?
Note: I have not using TSgateway for 2k8 but just a thought
28th May 2010, 12:58 AM #13
- Rep Power
Thank You k-strider. That solved my problem. A+
18th July 2012, 03:42 PM #14
- Rep Power
Thank you k-strider this solved an issue I was having within my corporate network as well!
By WebbA in forum MIS Systems
Last Post: 4th October 2012, 01:22 PM
By firefighting in forum Wireless Networks
Last Post: 4th June 2008, 07:15 PM
By Jamie_a in forum Windows
Last Post: 23rd January 2008, 02:56 PM
By Norphy in forum Windows
Last Post: 29th November 2006, 11:21 AM
Last Post: 27th April 2006, 10:44 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)