Solved

Network Level authentication

Posted on 2011-03-23
14
1,261 Views
Last Modified: 2012-05-11
Hi there i have a windows 2008 r2 standard server running as a terminal server
i have set the network level authentication to allow any rdp connection
i have set this using local group policy on the terminal server and the remote tab
however every time the server restarts this reverts back to using network level authentication and no one can log in.
i am not aware of this being set at any other policy so i dont understand why this keeps reverting back.
How can i set this permantely
0
Comment
Question by:dougdog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 6
14 Comments
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197523
Have you tried setting it on the cosole (rather than Terminal Service).

Also try running gpresult /r from a command prompt (or RSoP) to make sure there is definitely no over-riding policy.
0
 

Author Comment

by:dougdog
ID: 35197579
do you mean in remote desktop session host configuration
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197612
I mean log on to the console desktop itself and change the network level authentication, rather than making the change via Remote desktop.

While you're there, check for group policies (Command Prompt, gpresult /r) or Start -> Run -> MMC and add the Resultant Set of Policy snap-in which will tell you exactly what settings are being applied by which policy.

Hope this helps...
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:dougdog
ID: 35197803
it was set to not configured
also no other policies are being applied
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198341
"it was set to not configured" - Have you now configured, or does the same thing keep happening?
0
 

Author Comment

by:dougdog
ID: 35198572
i changed it to disabled but every time the server restarts it sets it back to enabled.
i ran rsop and it is the local security policy
everytime i change it after a restart it sets it back to enabled
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198625
Sorry to ask what may sound like a daft question. Where exactly are you making the change (i.e. secpol.msc, gpedit.msc)?
0
 

Author Comment

by:dougdog
ID: 35198871
gpedit.msc
also tried logging in locally and changing it
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199058
Is your Default Domain policy set to 'Enforced'?

Also, from Egghead Cafe site, not sure if it will help:
There is an option RDP server config to Allow connections only from computers running Remote Destop with Network Level Authentication and it is enabled by default.
I disabled it and RDP is working for Win XP clients.
0
 

Author Comment

by:dougdog
ID: 35199137
when i run a rsop it is the local security policy that is changing not a domain policy
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199337
Not sure if it'll help, but according to Microsoft:  If the Allow connections from computers running any version of Remote Desktop (less secure) is not selected and is not enabled, the Require user authentication for remote connections by using Network Level Authentication Group Policy setting has been enabled and has been applied to the RD Session Host server.

Not sure if that's then causing the other policy to reset.
0
 

Author Comment

by:dougdog
ID: 35200165
still no luck
0
 

Accepted Solution

by:
dougdog earned 0 total points
ID: 35511386
turns out it was sccm client that was enabling this by default
0
 

Author Closing Comment

by:dougdog
ID: 35714668
this was the answer
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Automate Windows Updates with SCCM 2 93
trying to change time server to time.windows.com, errors 2 41
Windows server 2008 exchange 3 32
Fraud Email 11 43
The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
OnPage: Incident management and secure messaging on your smartphone
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question