If you are unable to connect your Windows computer remotely and you receive a message The remote computer requires Network Level Authentication, then this post may be able to help you. Users have reported receiving this error on domain-connected systems even when Network Level Authentication or NLA is enabled. Show
 The variants of the message that you could see are:
Or-
This article will help you with a step-by-step guide to this solution. However, you might want a more permanent solution because you cannot run the device forever without an actively enabled NLA. So you need a better solution. This article will offer you that as well. 1] Change Remote Desktop setting Going via the Remote Desktop Settings route is the simpler solution. It will work for you and you might not feel the need to enable NLA back on. So, if you are ready for this solution, here is how you go about it. Follow the steps carefully. 1] Go to ‘Run’ and type ‘sysdm.cpl’ and hit the ‘Enter’ button. 2] You are now in the System Properties window. You need to go to the Remote tab. 3] Find the “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” and uncheck this option. 4] Click ‘Apply’ and then click ‘OK’ or hit the ‘Enter’ button to disable Network Level Authentication. 5] Reboot your device and check if you can connect devices remotely. This fix should work because you just undid the only thing that was causing the problem. But just in case it did not work, or you do not want to pursue this route, there is another option which is also simple to follow. 2] Edit Registry Note: Please backup your data before making changes to the registry of the system. Follow the steps very carefully and you will be good to go. You have already created your System Restore point so there’s nothing to worry about anymore. So here we go. 1] Go to ‘Run’ and type ‘regedit’ and click ‘OK’ or hit ‘Enter’. This opens the Registry Editor. 2] Look at the left panel in the Registry Editor window and find the registry key called: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa3] Select Lsa and then locate Security Packages in the right panel. Double-click on it. 4] Find the Edit Multi-String option and type ‘tspkg’ in the Value data box. This will be the only value. 5] Thereafter, locate the following registry key in the navigation pane: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders6] Double-click SecurityProviders in the right-pane to open its properties. 7] Type credssp.dll in the Value data box and let it be the only value. 8] Click ‘OK’ and close the Registry Editor. Though the second method is more elaborate and needs more attention, it is the recommended solution. I hope this helps. How do I connect to Remote Desktop with Network Level Authentication?If there is no way to connect to a remote desktop with the NLA or receive an error asking you that NLA is missing, you need to enable an option. It is available with the Group Policy. Open Group Policy Editor and navigate to Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security. Locate and enable the Require user authentication for remote connections by using Network Level Authentication policy. Are third-party services better than Remote Desktops?Remote Desktops are limited to when you connect to a computer on the same network or through the IP address. Compared to this, services such as AnyDesk or Team Viewer use their network to connect computers. On top of this, third-party services offer a lot more compared to Remote Desktop, which is primarily used on Enterprise and Home networks. KB ID 0001375 Seen when attempting to connect to a remote machine via Remote Desktop;
Also See: Windows RDP: ‘An authentication error has occurred’ SolutionWell the clue is in the error massage, RDP is enabled but it requires NLA authentication. e.g. This box has been selected. Now, if you want NLA that’s fine, make sure your RDP client has been updated, and you, and the target, are domain authenticated, and can see a domain controller. But what if that computer is on a remote site, and you need to get on it? Or it’s in the server room downstairs and you’re lazy like me! Well the simplest way to get on is to use a LOCAL account on that machine, (if you know the username and password for a LOCAL account,) like so; WARNING/DISCLAIMERThis article was written at a time when clients may not have had up to date RDP clients that supported NLA, that’s no longer the case (If you are in a sole Windows environment, and you are updating your clients). Simply disabling NLA is NOT a solution. I’m really getting tired of people posting comments saying ‘This is a bad article’ and ‘I don’t understand’. Well how about you have 500 linux based thin clients that use RDP software that does not support NLA? Before posting a criticism please take some time to work in, and support a few different environments guys. And appreciate that you are here because you couldn’t fix it yourself, so you clicked on the link to come here, to read information that I’m providing for free, in my own time, to help you out. Disable NLA Remotely (via Registry)Read above disclaimer before proceeding The drawback of this method is it usually requires a reboot (which we can do remotely, but if it’s a production server that will mean some downtime). Open Regedit > File > Connect Network Registry > Search for and select your target machine > OK. Navigate to;
HKLM > SYSTEM > CurrentControlSet > Control >Terminal Server > WinStations > RDP-Tcp Locate the following two values, and set them to 0 (zero)
Give it a try now, but I found I needed to reboot the target first, using the ‘restart-computer’ PowerShell Commandlet. Disable NLA Remotely (via PowerShell)Read above disclaimer before proceeding I prefer this method as it works instantly, and can be reversed just as quick! Open an administrative PowerShell command window. Execute the following two commands;
$TargetMachine = “Target-Machine-Name“ (Get-WmiObject -class “Win32_TSGeneralSetting” -Namespace root\cimv2\terminalservices -ComputerName $TargetMachine -Filter “TerminalName=’RDP-tcp'”).SetUserAuthenticationRequired(0) Disable NLA Remote Desktop Requirement Through Group PolicyRead above disclaimer before proceeding If you want to ‘blanket disable’ NLA then group policy is the way to go;
Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security Locate the ‘Require user authentication for remote connections by using Network Level Authentication’ and set it to disabled. Then Force a Domain Group Policy Refresh, Related Articles, References, Credits, or External LinksNA |
The remote computer requires Network Level Authentication, which your computer does not support
Pos Terkait
Copyright © 2024 ketajaman Inc.
