I have a Windows Service running on a Windows Server 2003 x64 machine. I have the Remote Debugger Service (from VS 2008 Sp1) running on that machine, with all permissions set to allow the development team to connect and debug.
The remote debugger service runs as a domain account that has administrator privileges.
When running Visual Studio 2008 Sp1 on a Windows Server 2003 development machine, we were able to connect without problems.
Now I am migrating to Windows Server 2008 R2 as my development platform, and I am no longer able to connect to the remote machine with the remote debugger without the use of a workaround involving the creation of local users (see workarounds).
Closer inspection (by switching on Network NTLM Auditing via Local Security Policy, and then examining the Security event log on the developer machine) shows that the process fails at some point after the debuggee machine reverse-authenticates back to the development machine using the credentials under which the debugger service is running.
Although authentication is successful, it appears that the logon sessions are then destroyed immediately afterwards. Whether this is a symptom, cause, or just a side-effect I cannot be sure.
My thinking is that there is an incompatibility with the network-logon NTLM token that is sent by the 2003 machine to the 2008 R2 when the reverse authentication occurs.