We have run into the strangest thing on our production machines, which are Windows Server 2012. The symptom is that you try to connect to the remote desktop, and immediately get a generic error, without asking for credentials.
Fortunately, we could still connect to the remote computer's Event Log and registry. We found that the Terminal Service fails with the following error in the System event log:

    Source: TerminalServices-RemoteConnectionManager, Event ID 1057
    The RD Session Host Server has failed to create a new self signed certificate to be used for RD Session Host Server authentication on SSL connections. The relevant status code was Object already exists.
People on the Internet suggested that clearing the machine key directory (C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys) would resolve the issue, but it did not.
We had to turn off RDP security by remotely setting this registry value to 0:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SecurityLayer

I believe this prevents RDP traffic from being encrypted, but I may be wrong.
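The two steps above (check the remote System log for Event ID 1057, then change SecurityLayer over the Remote Registry service) can be done from an admin workstation without an RDP session. The following script is an added example, not code from the original post; $Server is a placeholder, it assumes the Remote Registry and remote event log access that the post says were still working, and it records the previous value before changing anything so the setting can be put back once the certificate problem is fixed.

```powershell
# Added example (not from the original post): look for Event ID 1057 from the
# TerminalServices-RemoteConnectionManager source on a remote server and, only
# with -Apply, set RDP-Tcp SecurityLayer to 0 via Remote Registry, logging the
# old value first. $Server is a placeholder for the affected machine name.
param(
    [Parameter(Mandatory = $true)][string]$Server,
    [switch]$Apply   # without -Apply the script only reports
)

$subKeyPath = 'SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# 1. Find the certificate-creation failure in the remote System log (last 24 hours).
$events = @(Get-WinEvent -ComputerName $Server -FilterHashtable @{
        LogName   = 'System'
        Id        = 1057
        StartTime = (Get-Date).AddDays(-1)
    } -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -like '*TerminalServices-RemoteConnectionManager*' })

if ($events.Count -eq 0) {
    Write-Output "$Server : no Event ID 1057 in the last 24 hours; nothing to do."
    return
}
Write-Output ("{0} : {1} occurrence(s) of Event 1057, latest at {2}" -f $Server, $events.Count, $events[0].TimeCreated)
Write-Output $events[0].Message

# 2. Read the current SecurityLayer value over Remote Registry (no RDP needed).
$hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $Server)
$key  = $hklm.OpenSubKey($subKeyPath, $true)   # $true = open writable
if ($null -eq $key) { throw "RDP-Tcp key not found on $Server" }

$current = $key.GetValue('SecurityLayer')
# Documented meanings of the value: 0 = RDP Security Layer, 1 = Negotiate, 2 = SSL (TLS) only.
Write-Output "$Server : SecurityLayer currently $current"

# 3. Apply the workaround only when asked, keeping a record of the previous value.
if ($Apply -and $current -ne 0) {
    $logPath = Join-Path $env:TEMP "SecurityLayer-$Server.txt"
    "$(Get-Date -Format o) $Server SecurityLayer was $current, set to 0" | Add-Content -Path $logPath
    $key.SetValue('SecurityLayer', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
    Write-Output "$Server : SecurityLayer set to 0 (previous value logged to $logPath)"
}

$key.Close()
$hklm.Close()
```

Run it once without -Apply to confirm the event is actually present on a given host before changing the setting; the log file it writes is what you will want when reverting the value after the underlying certificate failure is resolved.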
We suspect that this was the result of a Windows update or some similar action, since the problem started on all machines at the same time. The investigation is ongoing.