Today I worked on an issue with a client who has a Small Business Server providing AD/DNS, Exchange, and RRAS services among others. They also have a member server that does web content filtering. The problem was that after a patching session and reboots, the web filtering server would no longer accept remote desktop sessions. The event log had various errors, some of which indicated “There are no more endpoints available from the endpoint mapper.” The server was unjoined from the domain and rejoined but continued having problems. DCDiag and NetDiag indicated multiple failures, specifically with communicating with the domain, the trust relationship, and DNS resolution. The errors were still present after rejoining to the domain and deleting the computer account in between.
DCDiag and NetDiag led me back to the simple principle of pinging the domain, the DC short name, etc. I noticed the short name of the server responded with an IP that was not consistent with the assigned IP of the server, so I looked for the RRAS service and saw it was running with the “bad” IP. I deleted the DNS entry for that IP and RDP worked!…then didn’t again. I looked back in DNS and the offending entry was back, so I went into the DNS management GUI and noticed it was listed in the IP addresses of the interfaces tab. I removed this, deleted the entry, flushed DNS on the web filtering server, and RDP worked. I also ran DCDiag and NetDiag again, both of which passed their tests.
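
The comparison described above (what the domain and DC names resolve to versus the IP actually assigned to the server) can be scripted so a stray record is caught as soon as it reappears. This is an added example, not part of the original post; the host names, addresses and the `sample_resolver` helper are constructed for illustration.

```python
import ipaddress
import socket


def resolve_ipv4(name):
    """Return the set of IPv4 addresses the system resolver gives for name."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def find_stray_records(names, expected_ips, resolver=resolve_ipv4):
    """Map each name to the addresses it resolves to that are not expected.

    A name that does not resolve at all is reported with None, since that
    is also a DNS failure worth looking at.
    """
    expected = {ipaddress.ip_address(ip) for ip in expected_ips}
    report = {}
    for name in names:
        answers = {ipaddress.ip_address(a) for a in resolver(name)}
        if not answers:
            report[name] = None
        elif answers - expected:
            report[name] = [str(a) for a in sorted(answers - expected)]
    return report


# Constructed sample: the DC short name and the domain name also return a
# second address (e.g. one bound to an RRAS interface), the FQDN does not.
SAMPLE_ANSWERS = {
    "sbs01": {"192.168.16.2", "192.168.16.210"},
    "sbs01.example.local": {"192.168.16.2"},
    "example.local": {"192.168.16.2", "192.168.16.210"},
}


def sample_resolver(name):
    """Offline stand-in for resolve_ipv4 that serves the constructed answers."""
    return SAMPLE_ANSWERS.get(name, set())


if __name__ == "__main__":
    # Swap sample_resolver for resolve_ipv4 to query the live resolver.
    strays = find_stray_records(SAMPLE_ANSWERS, ["192.168.16.2"], sample_resolver)
    for name, addrs in strays.items():
        print(name, "->", addrs if addrs else "no answer")
```

Run it from the affected member server after flushing its DNS cache, so the answers come from the DNS server rather than from cached entries.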