Solved

Network Level authentication

Posted on 2011-03-23
14
1,254 Views
Last Modified: 2012-05-11
Hi there i have a windows 2008 r2 standard server running as a terminal server
i have set the network level authentication to allow any rdp connection
i have set this using local group policy on the terminal server and the remote tab
however every time the server restarts this reverts back to using network level authentication and no one can log in.
i am not aware of this being set at any other policy so i dont understand why this keeps reverting back.
How can i set this permantely
0
Comment
Question by:dougdog
  • 8
  • 6
14 Comments
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197523
Have you tried setting it on the cosole (rather than Terminal Service).

Also try running gpresult /r from a command prompt (or RSoP) to make sure there is definitely no over-riding policy.
0
 

Author Comment

by:dougdog
ID: 35197579
do you mean in remote desktop session host configuration
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197612
I mean log on to the console desktop itself and change the network level authentication, rather than making the change via Remote desktop.

While you're there, check for group policies (Command Prompt, gpresult /r) or Start -> Run -> MMC and add the Resultant Set of Policy snap-in which will tell you exactly what settings are being applied by which policy.

Hope this helps...
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:dougdog
ID: 35197803
it was set to not configured
also no other policies are being applied
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198341
"it was set to not configured" - Have you now configured, or does the same thing keep happening?
0
 

Author Comment

by:dougdog
ID: 35198572
i changed it to disabled but every time the server restarts it sets it back to enabled.
i ran rsop and it is the local security policy
everytime i change it after a restart it sets it back to enabled
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198625
Sorry to ask what may sound like a daft question. Where exactly are you making the change (i.e. secpol.msc, gpedit.msc)?
0
 

Author Comment

by:dougdog
ID: 35198871
gpedit.msc
also tried logging in locally and changing it
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199058
Is your Default Domain policy set to 'Enforced'?

Also, from Egghead Cafe site, not sure if it will help:
There is an option RDP server config to Allow connections only from computers running Remote Destop with Network Level Authentication and it is enabled by default.
I disabled it and RDP is working for Win XP clients.
0
 

Author Comment

by:dougdog
ID: 35199137
when i run a rsop it is the local security policy that is changing not a domain policy
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199337
Not sure if it'll help, but according to Microsoft:  If the Allow connections from computers running any version of Remote Desktop (less secure) is not selected and is not enabled, the Require user authentication for remote connections by using Network Level Authentication Group Policy setting has been enabled and has been applied to the RD Session Host server.

Not sure if that's then causing the other policy to reset.
0
 

Author Comment

by:dougdog
ID: 35200165
still no luck
0
 

Accepted Solution

by:
dougdog earned 0 total points
ID: 35511386
turns out it was sccm client that was enabling this by default
0
 

Author Closing Comment

by:dougdog
ID: 35714668
this was the answer
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Pop culture is prime bait for hackers seeking to infect user’s computers and mobile devices with malicious malware. Hackers know exactly what the latest trends are online and know how to use them to their advantage.
One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question