All Products
Search

This Product

    :What do I do if I am prompted with a Remote Desktop Disconnected error when I connect to a Windows instance by using Remote Desktop?

    Document Center

    :What do I do if I am prompted with a Remote Desktop Disconnected error when I connect to a Windows instance by using Remote Desktop?

    Last Updated:Mar 17, 2023

    This topic describes how to resolve the issue that you are prompted with a Remote Desktop Disconnected error when you connect to a Windows instance by using Remote Desktop.

    Problem description

    You cannot connect to a Windows Elastic Compute Service (ECS) instance by using Remote Desktop and are prompted with a Remote Desktop Disconnected error.

    Cause

    Log on to the Windows instance by using Virtual Network Computing (VNC). Perform the operations that are descried in Use logs in Windows instances to view system logs in Event Viewer. The error message "The Terminal Server security layer detected an error in the protocol stream and has disconnected the client" appears. This issue may occur because the Certificate subkey in the registry of the instance is corrupted.

    Note

    The Certificate subkey is responsible for the authentication and encryption of data information in Terminal Services communication. If the subkey is corrupted, the protocol component of Terminal Services detects errors and interrupts communication between the client and the instance. The Certificate subkey may be corrupted because of various reasons. For example, the subkey may be corrupted because an administrator installs or uninstalls specific system software or because the parameters of Terminal Services are improperly configured.

    Solution

    In the example, an instance that runs Windows Server 2008 R2 is used. The operations that you must perform may vary based on the operating system of the instance.

    1. Connect to the Windows instance by using VNC.

      For more information, see Connect to a Windows instance by using a password.

    2. Choose Start > Run. In the Run dialog box, enter regedit and click OK.

    3. In the Registry Editor window, navigate to the HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server\RCM path. Right-click Certificate, select Delete, and then click Yes.

    4. Choose Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.

    5. In the left-side navigation pane, click RD Session Host Configuration. Then, double-click RDP-Tcp on the right side. In the RDP-Tcp Properties dialog box, click the General tab and set Security Layer to RDP Security Layer. Then, click OK to save the configurations.

    6. Restart the instance for the configurations to take effect.

    7. Use Remote Desktop to connect to the Windows instance again and make sure that you can log on to the instance as expected.