Tag: error

Cannot RDP using OSX. RpcOverHttpEndpointException: 2, Your connection was denied because of a Resource Access Policy (TS_RAP). Please contact your server administrator

Cannot RDP using OSX. RpcOverHttpEndpointException: 2, Your connection was denied because of a Resource Access Policy (TS_RAP). Please contact your server administrator

Posted on by Mark Pace

remote-desktop

After spending many hours trying to resolve a Mac OSX system remoting to a 2012 R2 RDS/TS Server, we have found the fix.

When remoting in you may get the following error:
Cannot RDP using OSX. RpcOverHttpEndpointException: 2, Your connection was denied because of a Resource Access Policy (TS_RAP). Please contact your server administrator

This error is with Microsoft Remote Desktop on a Mac with version 8.0.28 that had been upgraded from 8.0.26.

Interestingly we didn’t have the problem on a fresh client that had 8.0.28 installed fresh and not upgraded from an earlier version.

Navigate and delete or move the following folder: (NOTE: doing so will delete all your preconfigs saved currently)

/Users/username/Library/Containers/com.microsoft.rdc.mac/

Then the next time that you load the client, you get a completely fresh client version, including first run prompts etc. You will need to re-create the profile and gateway however.

After doing that, we no longer get the ‘login failed’ popup.

It seems that something in the version upgrade doesn’t correctly upgrade the settings files, causing the issue. But a fresh setup works.

We haven’t yet found out exactly which file causes the issue however we have tested and can confirm this fix allows the system to connect and work.

 

Credit: Tony “tbigby” Bigby

SBS 2011 Devices or Users cannot relay even after setting anonymous to the connector in Exchange Management

Posted on by Mark Pace

After spending hours trying to rectify our send connector to allow our accounting program to send invoices out, we stumble across an article from Mark Berry at https://www.mcbsys.com.

We had run the Fix My Network Wizard in SBS 2011 and after that Exchange 2010 would not accept email from non authenticated users even if the anonymous was selected.

Can’t Anonymously Send External Email

Once I had made those changes, the accounting system wouldn’t send email external, only internally to our domain/network.

When the application tried to send an email to a recipient outside the network, it failed with a 5.7.1 error:

sterling-it-mail-relay

 

 

 

 

The Persits knowledge base has a helpful article identifying the problem:  it means that “the SMTP server you are using is configured to reject messages sent to outside email addresses and originating from unauthorized IP addresses or users.”

So it’s a separate setting to be able to send mail outside the organization?

Yup, and for some reason it can only be enabled from the Exchange Management Shell, not from the Console. Once I found and executed the command at the bottom of this Petri article, sending mail to external recipients worked as well:

Get-ReceiveConnector "Default SBS" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -ExtendedRights "ms-Exch-SMTP-Accept-Any-Recipient"

Never in a million years would I have figured that one out. Thanks Mr. Petri! (no, thank you Mark Berry for reposting in a clean easy format)

NOTE:  If you need to re-run the Internet connection wizard, it will overwrite most of the above settings, and my mail wasn’t going out. So either don’t run that wizard, or make a note of your Exchange Hub Transport settings first.