Cloud Computing

3 Mins Read

Troubleshooting RDS Access Issues After Windows Server License Grace Period

Voiced by Amazon Polly

Overview

There is a grace period of 120 days during which Windows Server’s Remote Desktop Services (RDS) can function without requiring CALs or a Remote Desktop License Server. Standard RDP access, including for administrators, is restricted after this time, which causes serious access problems. This blog post explains how to use the mstsc /admin command to get around the license limitation, restore administrator access, and, if desired, reset the grace period in recovery or lab scenarios.

Pioneers in Cloud Consulting & Migration Services

  • Reduced infrastructural costs
  • Accelerated application deployment
Get Started

Introduction

When Remote Desktop Services (RDS) is installed on a Windows Server, Microsoft provides a 120-day grace period during which RDS can be used without a license server or Client Access Licenses (CALs). Once this grace period expires, standard Remote Desktop Protocol (RDP) sessions will be blocked. Even administrators may find themselves unable to log in through normal RDP methods. In this guide, we explain how to regain access using the /admin switch in MSTSC and reset the grace period if needed.

What Happens After the Grace Period Ends?

After the 120-day RDS grace period expires:

  • Users will see an error such as:

“The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license.”

  • Even administrator accounts will be blocked from initiating standard RDP sessions.

Solution: Open RDP Sessions with Administrative Rights Using MSTSC /admin

The /admin switch in the Remote Desktop Client (MSTSC) allows administrators to connect without consuming an RDS CAL. This is critical for regaining access when licensing has expired.

Step-by-Step Guide

Follow these instructions to execute the mstsc /admin command to launch an RDP session with administrative rights. This technique guarantees you complete control over the distant system to carry out necessary operations.

  • Launch the Run command
    The Run dialog box can be accessed by pressing Windows + R on your keyboard.
    Using this shortcut, you can quickly activate tools and run commands without going through menus.
  • Type the command MSTSC.

Enter the command mstsc /admin in the Run box.
In order to run the command, press Enter.
Remote Desktop is instructed to start a session with elevated administrative privileges by this action.

  • Specify the Server

In the interface for Remote Desktop Connection that displays:

In the “Computer” section, type the target server’s or computer’s name or IP    address.

To view more sophisticated connection settings, click “Show Options.”

  • Enter your credentials

In the extended settings:

In the “User name” column, type your username. Verify that the target system grants administrative privileges to this user account.

Enter your login information in the following way for domain environments:  DOMAIN\Username

To continue, click “Connect.”

  • Authenticate Your Session

A prompt asking for the password for the supplied username will show up.

Press OK after entering the password correctly and without typos.

Then, proceed to delete the grace period.

Troubleshooting Common Issues when Using MSTSC/Admin to Open an RDP Session

Here’s a detailed guide to troubleshoot and resolve common problems:

  • The issues with the connection
    Concern: The remote system could not be connected to it.
    Solutions:

    • Check Remote Desktop Settings:
  1. Make sure the destination machine has the Remote Desktop turned on.
    Go to System > Remote Settings under Control Panel
  2. Verify that the user account is authorized to connect by selecting Allow Remote Connections.
    • Verify the configuration of the network:
  3. Verify that the distant computer can be accessed across the network.
  4. Verify that the client’s and server’s firewall settings allow access to port 3389, the default RDP port.
    • Rules for Firewalls:
      1. Create a Windows Firewall exemption for RDP:
        Control Panel > Windows Defender Firewall > Configure Windows
      2. Defender Firewall to Permit an App or Feature
        Alternatively, set up the firewall so that port 3389 is open to inbound connections.
    • Authentication Issues

Concerns: The login credentials are not accepted.

Solutions:

  • Verify Admin Privileges:

Verify that your account on the target system has administrative rights.

  • Format for a Domain Account:

Use the format DOMAIN\Username for domain environments.

  • Change the password again:

Use the Active Directory console or the system administrator to reset the password if you think there may be a problem.

Conclusion

When the 120-day RDS grace period expires, and standard RDP logins fail, using mstsc /admin is vital for regaining access. From there, you can address licensing, install CALs, or reset the grace period for testing. Always ensure you remain compliant with Microsoft licensing in production environments.

Drop a query if you have any questions regarding Remote Desktop Services and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

  • Accelerated cloud migration
  • End-to-end view of the cloud environment
Get Started

About CloudThat

CloudThat is an award-winning company and the first in India to offer cloud training and consulting services worldwide. As a Microsoft Solutions Partner, AWS Advanced Tier Training Partner, and Google Cloud Platform Partner, CloudThat has empowered over 850,000 professionals through 600+ cloud certifications winning global recognition for its training excellence including 20 MCT Trainers in Microsoft’s Global Top 100 and an impressive 12 awards in the last 8 years. CloudThat specializes in Cloud Migration, Data Platforms, DevOps, IoT, and cutting-edge technologies like Gen AI & AI/ML. It has delivered over 500 consulting projects for 250+ organizations in 30+ countries as it continues to empower professionals and enterprises to thrive in the digital-first world.

FAQs

1. What is mstsc/admin used for?

ANS: – It circumvents licensing checks during emergencies or administration by enabling administrators to connect to a Windows server without using a Remote Desktop Services CAL.

2. What is the maximum number of times I can reset the RDS grace period?

ANS: – Although resetting it frequently in laboratory settings is technically impossible, this is not a sustainable solution. The right license ought to be used.

WRITTEN BY Ritushree Dutta

Share

Comments

    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!