Microsoft update 902400 and problems connecting to RDP console

A week ago, Microsoft released a fix under KB article 902400 for security bulletin MS05-051. The patch is to fix a known vulnerability with the COM+ and Microsoft Distributed Transaction Coordination (MSDTC) subsystems in Windows.

Unfortunately, as many have found out, in certain circumstances the patch can break various network applications and prevent some tools from working properly.

A fix for some problems that may arise out of installation of the patch is detailed in MS KB article 909444.

There is also some information on turning on Transaction Internet Protocol (TIP) in Win 2000 machines after the patch in KB article 908620. TIP was disabled by default on XP and 2003 machines, so the article is probably not relevant for most XP or 2003 machines unless the administrator turned on TIP.

I think I have also stumbled onto an as yet undocumented problem related to this patch. I can no longer use Remote Desktop Protocol (RDP) to connect to the console session of the two servers that received the patch. So I'm using UltraVNC for these servers for the time being until I can fix the problem.

As good as UltraVNC is versus other flavors of VNC, it's still not as good performance-wise as RDP.

Anyhow, so far I haven't found a solution to the problem. And Server 2003 isn't logging any information on why RDP can't connect to console in Event Viewer either.

The only errors that I have seen are on pop-ups that appear after the attempt to connect fails. I get either "Error [7051]: The requested session is not configured to allow Remote Control." if I try connecting from Terminal Services Manager, or if I attempt to connect using RDP "Error connecting to existing session for <username> (Id 0). The operation completed successfully." pops up.

All the fixes I've found on Microsoft or on Google (there's that search problem rearing its ugly head again) to date haven't resolved the issue.

Oh, and the fact that this latest round of updates requires a restart is further validation that Windows has room to improve in this area with the next version.

What People Are Saying

Simply removing the

Simply removing the

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermService\Parameters\Certificate

registry key worked for me. I can now connect to servers via RDP from my Windows Mobile 2003SE device

Hi folks, I had the exact

Hi folks,

I had the exact same problem.
Fortunately I just solved it. Unfortunately I'm not sure how.

Anyway, it was one of the following (it was late and I made two changes but only one reboot..):

Alternative 1:
1. Start Registry Editor.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\TermService\Parameters
3. Under this registry subkey, delete the following value: • Certificate

Alternative 2:

Set MaxIcmpHostRoutes Registry key on Windows 2003 SP1 server.

The following registry change will negate the intention of the fix, as
the count will roll over when it reaches the max value, and will never
hit the max count.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value Type: REG_DWORD
Set MaxIcmpHostRoutes to 0x7FFFFFFF

I made them both and now it works..

Good luck / Stor-Anders

MS is blaming the problem on

MS is blaming the problem on changed permissions but what they say are the defaults is not correct. I reset the %windir%\registration permissions as per their example in Article ID 909444 "echo Y| cacls ..."
This in itself did not help. I found a mention that one needs to change the local domain policy, User rights/Impersonate after authentication... and ensure it lists Administrators, Service and System. It worked for me after too many attempts to list.

kr
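
Before applying any of the changes from the two comments above, it helps to back up the affected keys and record the current state. The following is an added example, not part of the post or its comments: the function names `Backup-WorkaroundKeys` and `Get-WorkaroundState` are hypothetical, it assumes PowerShell 2.0 in an elevated prompt, and it reads "Service" and "System" in the comment as the well-known SIDs S-1-5-6 and S-1-5-18.

```powershell
# Added example (not from the post or its comments). Read-only apart from the
# .reg backup files it writes. Assumes PowerShell 2.0 and an elevated prompt.
$tsKey  = 'SYSTEM\CurrentControlSet\Services\TermService\Parameters'
$tcpKey = 'SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'

function Backup-WorkaroundKeys([string]$Dir = $env:TEMP) {
    # Export both keys so a deleted or changed value can be re-imported later.
    $stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
    foreach ($k in $tsKey, $tcpKey) {
        $file = Join-Path $Dir ('{0}-{1}.reg' -f ($k -split '\\')[-2], $stamp)
        reg.exe export "HKLM\$k" $file | Out-Null
        $file
    }
}

function Get-WorkaroundState {
    $cert = (Get-ItemProperty "HKLM:\$tsKey"  -Name Certificate -ErrorAction SilentlyContinue).Certificate
    $icmp = (Get-ItemProperty "HKLM:\$tcpKey" -Name MaxIcmpHostRoutes -ErrorAction SilentlyContinue).MaxIcmpHostRoutes

    # Current ACL on the folder whose permissions the comment reset per KB 909444.
    $acl = (Get-Acl (Join-Path $env:windir 'registration')).Access |
        ForEach-Object { '{0}: {1} {2}' -f $_.IdentityReference, $_.AccessControlType, $_.FileSystemRights }

    # "Impersonate a client after authentication" is exported as SeImpersonatePrivilege.
    $inf = Join-Path $env:TEMP 'user-rights.inf'
    secedit.exe /export /cfg $inf /areas USER_RIGHTS | Out-Null
    $line = Get-Content $inf | Where-Object { $_ -match '^SeImpersonatePrivilege\s*=' }
    Remove-Item $inf -ErrorAction SilentlyContinue
    $holders = @()
    if ($line) { $holders = ($line -split '=', 2)[1].Split(',') | ForEach-Object { $_.Trim() } }

    New-Object PSObject -Property @{
        CertificateValuePresent = ($null -ne $cert)
        MaxIcmpHostRoutes       = $icmp
        # 0x7FFFFFFF is the setting the comment says negates the intention of the fix.
        IcmpLimitRaisedToMax    = ($icmp -eq 0x7FFFFFFF)
        RegistrationAcl         = $acl
        ImpersonateHolders      = $holders
        HasAdministrators       = ($holders -contains '*S-1-5-32-544')
        HasService              = ($holders -contains '*S-1-5-6')    # assumed meaning of "Service"
        HasLocalSystem          = ($holders -contains '*S-1-5-18')   # assumed meaning of "System"
    }
}

Backup-WorkaroundKeys
Get-WorkaroundState | Format-List
```

Running it before and after each single change, with a reboot in between, shows which of the changes actually made the difference.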

I realise that this isn't a

I realise that this isn't a help forum, but I have 3 of our servers down at the moment with the Microsoft problem detailed above, and I'm at my wits' end as to what to do with it! I don't suppose somebody could tell me how to get into the Local Domain Policy and change the "Impersonate After authentication" bit? On my servers, these items are greyed out, it won't let you change them at all.
Microsoft have been no help whatsoever, and the 'fix' doesn't work! Any help or pointers would be really appreciated!!!

I got another call this

I got another call this morning from a customer w 9 workstations. All but one were fine. The one that had gone south was a user that had AutoUpdate configured to download but not install Win fixes until he confirmed, but he had kept putting it off until this past Monday. Similar problems as reported here & at other sites (I don't know about the remote access as none of the systems I've fixed - see my other posts above - have been setup for ra). And now, for the 3rd time, a reinstall of IE6SP1 was all it took to fix it.

So far, I have NOT seen the problem on any of the 12 W2K/03 servers I maintain for various customers - just workstations. But I'd give the IE re-inst a shot if I did see it on one.

Hey guys, I have (up to now)

Hey guys,
I have (up to now) two servers w2k3 sp1 with the same problems. I was also unable to connect to a console session on a patched server. Does anyone already have the procedure to solve this problem!? I spent a lot of time with Microsoft support and they did not solve my problem.

Thanks in Advance,
LRosa

Same issues with a customer

Same issues with a customer after installing MS05-51 patch on Windows Server 2003. Customer only has issues on DCs, not member servers. We rebuilt a DC from scratch on new hardware with a Server 2003 SP1 integrated CD, patched the box including MS05-51 and it was fine. After we ran DCPROMO to promote the box we installed GPMC with SP1 and Terminal Server Licensing service and rebooted. When it came up after the reboot it was dead with the COM+ service stuck on starting and the network connections folder empty. At no point during the install did we change any folder permissions or install any 3rd party software, this box had all MS and HP (drivers etc) code on it. Following the KB909444 didn't help and neither did removing the patch. We then did a repair install and it was working again with the AD still intact so we reapplied all the patches EXCLUDING MS05-51 and the box is now stable.

Another DC that had the same problem ended up being fixed (temporarily) by uninstalling all security updates and SP1. Reinstalling SP1 brought back the same problem so it had to be removed again. That box is now scheduled for a complete rebuild again EXCLUDING MS05-51.

MS need to get a new patch and a better KB out ASAP!

I picked up 2 more customers

I picked up 2 more customers this weekend & today with 902400 installed & having problems with printing, displaying & editing forms online (IE obviously), printing in OE, the Add-Remove Programs applet not displaying the installed list, LAN networking not working, etc. This time, instead of a clean install or a repair install of Windows, I just did an admin installation of IE6SP1 & it worked. I then had a bunch of the critical updates to re-install & everything was working again, including being able to see systems/shares on the LAN, Add-Remove listing correctly & all of the IE/OE problems gone!

Why MS ever tied IE so intimately into Win is beyond me. There's no excuse for Win components (eg, Add-Remove & networking) getting trashed because IE goes south. Hmmmmm??

The 902400 problems that I'm

The 902400 problems that I'm seeing are pretty complex. I have a small IT services business & about 5% of the systems I help maintain are seeing the problem. The above remote connection probs have occurred, but the most severe cases have seen the loss of all networking (thus n/w apps, email, browsing, file/print sharing, etc), the inability to copy/move files between folders or drives, & shutdowns that fail, stopping at a blue screen w just a mouse pointer. Uninstalling the patch has not fixed any of the problems, nor have doing the fixes detailed in kb909444.

Incidentally, none of my clients or I have EVER messed with the security settings on the system folder or subfolders - maybe other MS patches have done this?

The only fix that seems to work is a clean install of Win & all updates, then of programs. On 2 systems I had to remove hdd's & attach to a shop system to get backups, so all of this is time intensive/expensive. Thanks MS for the billable hrs, but I'd be embarrassed if I were you!

Fixed but not sure why

Hey guys... I WAS encountering this problem up until yesterday. It's only by accident that it got fixed...and I don't really know the details of WHY.

I am a total n00b when it comes to server stuff. I am working off a fresh install, and I hadn't completed all my server roles yet. Yesterday I installed DNS and configured the machine as a Domain Controller. Remote access to the console session works now. I use "mstsc.exe -v:192.168.X.X /F -console". I'm not qualified to recommend reinstalling DNS and domains/domain controllers to fix this problem. I can only imagine what a pain this would be for a large organization. There has to be a better way. But I can tell you from a fresh install, before DNS/Domain/Domain Controller roles I could not get in. Once these roles were installed I can.

Hope this helps lead to a solution. Good luck guys.