Articles on: Secure RDP

How to troubleshoot servers not reporting into TruGrid Secure RDP


How to troubleshoot devices not reporting into TruGrid Secure RDP


If you have end user devices or servers that have been placed into the TG-Computers Active Directory group that are not reporting into TruGrid, even after clicking on the **"Refresh data from AD" **button, please see below steps to further troubleshoot this.


Common reasons for some servers not reporting in


  • Make sure the devices belong to the Active Directory domain connected to this TruGrid environment.
  • Double check if the devices are added in the "TG-Computers" group within Active Directory.
  • Check if the R**emote Desktop Protocol is turned on **the target device.
  • Make sure that the RDP that is set for the inbound connections is the default 3389 port.
  • Check the local log file (C:\Program Files\TruGrid\Sentry\agent.log) of the TruGrid Sentry Agent and see if the device from the TG-Computers group is listed. If it's not, either they were not added to the TG-Computers group or there may be a permissions issue within the custom OU setup of your Active Directory wherein the TruGrid Sentry cannot read those objects.
  • The server the Sentry Agent is installed on should have itself **or an **internal DNS server listed as the primary DNS server, this ensures that the device hostnames you are trying to report in can be resolved via DNS from that server.
  • The DNS name of the servers you are trying to report in should resolve to IPv4 IP addresses. You should be able to do an nslookup on of the computer hostname from the Server the TruGrid Sentry agent is installed on and it should resolve to the current correct IP address.
  • The DNS name should be listed in the Computer properties. See below example of a computer without a DNS name listed.



Provide troubleshooting information to TruGrid


If you have checked these things and it is still not reporting in, we created a PowerShell script you can run to retrieve the data we need to investigate your current DNS and AD configuration to help troubleshoot this further. Please use the below steps to execute this script. 


 # --- TruGrid Simple Diagnostic tool ---
 
$Path = "$([Environment]::GetFolderPath("Desktop"))\TruGrid_Log.txt"
Start-Transcript -Path $Path -Force

Write-Host "`n--- 1. SERVER NETWORK INFO ---" -ForegroundColor Cyan

#First, we run ipconfig to review the Server DNS and networking settings. 

ipconfig /all

#Then, we check if the Sentry server is correctly resolving the TruGrid cloud

Write-Host "`n--- 2. TRUGRID CLOUD CHECK ---" -ForegroundColor Cyan
$CloudHost = "ws.trugrid.com"
try {
    # Using .NET DNS for maximum compatibility (works on old servers)
    $IPs = [System.Net.Dns]::GetHostAddresses($CloudHost)
    Write-Host "Resolve $CloudHost : SUCCESS ($($IPs[0].IPAddressToString))" -ForegroundColor Green
} catch {
    Write-Host "Resolve $CloudHost : FAILED" -ForegroundColor Red
}

#Next, we check the TG-COMPUTERS group membership so we test the network connection to the each one in a loop

Write-Host "`n--- 3. AD GROUP MEMBERS (TG-COMPUTERS) ---" -ForegroundColor Cyan
try {
    Import-Module ActiveDirectory -ErrorAction Stop
    $Members = Get-ADGroupMember -Identity "TG-COMPUTERS" -Recursive:$false
    
    foreach ($node in $Members) {
        if ($node.objectClass -eq "group") { continue } # Skip nested groups
        
        $Name = $node.Name
        $IP = "Unresolved"
        $RDP = "FAIL"

        # 1. Get IP (Using .NET to support older PowerShell)
        try { 
             $IP = ([System.Net.Dns]::GetHostAddresses($Name) | Select-Object -First 1).IPAddressToString 
        } catch {}

        # 2. Test Port 3389 (Using TCPClient to support older PowerShell)
        if ($IP -ne "Unresolved") {
            try {
                $Socket = New-Object System.Net.Sockets.TcpClient
                $Connect = $Socket.BeginConnect($Name, 3389, $null, $null)
                # Wait 1 second for connection success
                if ($Connect.AsyncWaitHandle.WaitOne(1000, $false)) { $RDP = "OK" }
                $Socket.Close()
            } catch {}
        }

        Write-Host "Computer: $($Name.PadRight(15)) | IP: $($IP.PadRight(15)) | RDP(3389): $RDP"
    }
} catch {
    Write-Host "ERROR: Could not find group 'TG-COMPUTERS' or AD Module missing." -ForegroundColor Red
}

Stop-Transcript
Invoke-Item $Path


This script will only read information and save it to a file, it will not change anything.


  1. Open Windows PowerShell ISE as Administrator.
  2. Copy paste the code above into the Powershell ISE window.
  3. Execute the script on your Sentry Server.
  4. The script will create a new log file on the desktop of the Administrative user who ran it.
  5. You can then email or provide the output of the script via chat or to help@trugrid.com .



Updated on: 27/11/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!