Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Network Level authentication

Posted on 2011-03-23
14
Medium Priority
?
1,284 Views
Last Modified: 2012-05-11
Hi there i have a windows 2008 r2 standard server running as a terminal server
i have set the network level authentication to allow any rdp connection
i have set this using local group policy on the terminal server and the remote tab
however every time the server restarts this reverts back to using network level authentication and no one can log in.
i am not aware of this being set at any other policy so i dont understand why this keeps reverting back.
How can i set this permantely
0
Comment
Question by:dougdog
  • 8
  • 6
14 Comments
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197523
Have you tried setting it on the cosole (rather than Terminal Service).

Also try running gpresult /r from a command prompt (or RSoP) to make sure there is definitely no over-riding policy.
0
 

Author Comment

by:dougdog
ID: 35197579
do you mean in remote desktop session host configuration
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197612
I mean log on to the console desktop itself and change the network level authentication, rather than making the change via Remote desktop.

While you're there, check for group policies (Command Prompt, gpresult /r) or Start -> Run -> MMC and add the Resultant Set of Policy snap-in which will tell you exactly what settings are being applied by which policy.

Hope this helps...
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:dougdog
ID: 35197803
it was set to not configured
also no other policies are being applied
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198341
"it was set to not configured" - Have you now configured, or does the same thing keep happening?
0
 

Author Comment

by:dougdog
ID: 35198572
i changed it to disabled but every time the server restarts it sets it back to enabled.
i ran rsop and it is the local security policy
everytime i change it after a restart it sets it back to enabled
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198625
Sorry to ask what may sound like a daft question. Where exactly are you making the change (i.e. secpol.msc, gpedit.msc)?
0
 

Author Comment

by:dougdog
ID: 35198871
gpedit.msc
also tried logging in locally and changing it
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199058
Is your Default Domain policy set to 'Enforced'?

Also, from Egghead Cafe site, not sure if it will help:
There is an option RDP server config to Allow connections only from computers running Remote Destop with Network Level Authentication and it is enabled by default.
I disabled it and RDP is working for Win XP clients.
0
 

Author Comment

by:dougdog
ID: 35199137
when i run a rsop it is the local security policy that is changing not a domain policy
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199337
Not sure if it'll help, but according to Microsoft:  If the Allow connections from computers running any version of Remote Desktop (less secure) is not selected and is not enabled, the Require user authentication for remote connections by using Network Level Authentication Group Policy setting has been enabled and has been applied to the RD Session Host server.

Not sure if that's then causing the other policy to reset.
0
 

Author Comment

by:dougdog
ID: 35200165
still no luck
0
 

Accepted Solution

by:
dougdog earned 0 total points
ID: 35511386
turns out it was sccm client that was enabling this by default
0
 

Author Closing Comment

by:dougdog
ID: 35714668
this was the answer
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
2017 was a scary year for cyber security.  Hear what our security experts say that hackers have in store for us in 2018.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question