Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Terminal services/logon issues on freshly imaged Win7 Pro machine

    Posted on zero2dash Comment on the AskWoody Lounge

    Home Forums AskWoody support Windows Windows 7 Questions: Windows 7 Terminal services/logon issues on freshly imaged Win7 Pro machine

    This topic contains 2 replies, has 3 voices, and was last updated by  ch100 1 week, 2 days ago.

    • Author
      Posts
    • #209743 Reply

      zero2dash
      AskWoody Lounger

      My primary workstation running Win7 Pro is suddenly losing the ability for a log on, either locally (at the terminal) or via RDP or SSH.
      I have to do a hard reboot by holding the power button down, and then choosing “Start normally” at the boot prompt. I cannot Shut Down gracefully once it gets to this point. This morning is the 3rd time this has happened.

      When this happens, I cannot log on locally at the terminal (desktop). I can click my icon, but nothing happens – I am not prompted for my password. If I try to RDP to the machine, I enter password, but it just loads endlessly and never connects. I cannot SSH to the machine either; I enter username, am prompted to enter password, and then it loads endlessly, again. I’ve also tried logging on remotely using Chrome Remote Desktop, and that doesn’t work either. The machine, after a short time, shows up in there as Offline. (However it’s not losing network connection, as I can ping and try to RDP and get to the authentication prompt via RDP.) I’ve also tried to use psexec from another machine on the LAN to reboot the trouble machine, and psexec cannot connect.

      As far as I know, the profiles are not corrupted because when I am able to log on, it works. I don’t get any errors about “no able to load profile, using a temporary profile” like you’d typically see with a corrupted user profile. System was re-imaged from scratch a week ago. No updates have been installed since then.
      It is a Group B machine, with all Sec Only updates from 2016, all but Feb of 2017 (Feb had no patches), and March of 2018 (the Smeltdown patch issues). I have not installed anything past June 2018’s updates. It does have IE11 and .NET 4.6.2, up to date, again through June 2018.

      No updates other than Security related updates have been installed; no Optional updates. If an update did not say “Security” in the description, it was not installed. WU is completely disabled via Group Policy.

      I run Bitvise SSH server on this machine, and it is exposed to the world. I use it to remotely access my LAN from the outside world, and typically RDP to this machine (and if I need to, then I RDP-hop to another machine on the LAN). Bitvise SSH server is locked down; only my Windows account has the ability to log on. “Guest” cannot. I use both password and private key authentication for the SSH handshake, so it’s as secure as it can be. I mention this for full disclosure, but I do not believe Bitvise is the culprit here. I don’t believe there’s a hack attempt or anything like that going on here. Bitvise is set to block by IP for 5 unsuccessful logon attempts.

      I’m not sure what to look up in Event Viewer. Seems like there’s something happening here with Terminal Services or logon. I looked last night and didn’t see anything that really stood out as a possible culprit. (I have some familiarity with Terminal Servers and having RDP logon issues, but have never seen something like this happen on a desktop.)

      No real rhyme or reason to it. I thought it was an issue with VirtualBox since I had that running the prior 2 times it happened, so I left VB ‘off’ after rebooting last night and it just happened again anyway.

      The same machine was rock solid on 10 1709 with the same software including Bitvise SSH.
      I would say I have a bad update patch, but the other 2 machines at home I’m running that were re-imaged off the same 7 Pro ISO and updated with the exact same process have so far been rock solid.

      I do have EMET 5.52 installed and set to Maximum Security. I would hope though that this wouldn’t be causing issues with Windows or its services itself. (When this machine had Win10, EMET was not installed as the protection is now baked in to Defender.)

      Having a bit of a head scratching issue here…hoping someone can shed some light or bounce an idea off. I don’t really want to switch back to Win10.

    • #209900 Reply

      abbodi86
      AskWoody MVP
      • #209938 Reply

        ch100
        AskWoody MVP

        @abbodi86 I appreciate your patience in trying to identify the exact patch which cause this problem, but I think the OP would be better off being advised to stop selecting patches and install everything up to date (possible with the exception of the well documented KB2952664, KB3021917, KB971033). 🙂

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Terminal services/logon issues on freshly imaged Win7 Pro machine

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.