Solved

Network Level authentication

Posted on 2011-03-23
14
1,246 Views
Last Modified: 2012-05-11
Hi there i have a windows 2008 r2 standard server running as a terminal server
i have set the network level authentication to allow any rdp connection
i have set this using local group policy on the terminal server and the remote tab
however every time the server restarts this reverts back to using network level authentication and no one can log in.
i am not aware of this being set at any other policy so i dont understand why this keeps reverting back.
How can i set this permantely
0
Comment
Question by:dougdog
  • 8
  • 6
14 Comments
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197523
Have you tried setting it on the cosole (rather than Terminal Service).

Also try running gpresult /r from a command prompt (or RSoP) to make sure there is definitely no over-riding policy.
0
 

Author Comment

by:dougdog
ID: 35197579
do you mean in remote desktop session host configuration
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35197612
I mean log on to the console desktop itself and change the network level authentication, rather than making the change via Remote desktop.

While you're there, check for group policies (Command Prompt, gpresult /r) or Start -> Run -> MMC and add the Resultant Set of Policy snap-in which will tell you exactly what settings are being applied by which policy.

Hope this helps...
0
 

Author Comment

by:dougdog
ID: 35197803
it was set to not configured
also no other policies are being applied
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198341
"it was set to not configured" - Have you now configured, or does the same thing keep happening?
0
 

Author Comment

by:dougdog
ID: 35198572
i changed it to disabled but every time the server restarts it sets it back to enabled.
i ran rsop and it is the local security policy
everytime i change it after a restart it sets it back to enabled
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35198625
Sorry to ask what may sound like a daft question. Where exactly are you making the change (i.e. secpol.msc, gpedit.msc)?
0
Why spend so long doing email signature updates?

Do you spend loads of your time carrying out email signature updates? Not very interesting are they? Don’t let signature updates get you down. Let Exclaimer Cloud - Signatures for Office 365 make managing email signatures a breeze.

 

Author Comment

by:dougdog
ID: 35198871
gpedit.msc
also tried logging in locally and changing it
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199058
Is your Default Domain policy set to 'Enforced'?

Also, from Egghead Cafe site, not sure if it will help:
There is an option RDP server config to Allow connections only from computers running Remote Destop with Network Level Authentication and it is enabled by default.
I disabled it and RDP is working for Win XP clients.
0
 

Author Comment

by:dougdog
ID: 35199137
when i run a rsop it is the local security policy that is changing not a domain policy
0
 
LVL 5

Expert Comment

by:NotVeryFat
ID: 35199337
Not sure if it'll help, but according to Microsoft:  If the Allow connections from computers running any version of Remote Desktop (less secure) is not selected and is not enabled, the Require user authentication for remote connections by using Network Level Authentication Group Policy setting has been enabled and has been applied to the RD Session Host server.

Not sure if that's then causing the other policy to reset.
0
 

Author Comment

by:dougdog
ID: 35200165
still no luck
0
 

Accepted Solution

by:
dougdog earned 0 total points
ID: 35511386
turns out it was sccm client that was enabling this by default
0
 

Author Closing Comment

by:dougdog
ID: 35714668
this was the answer
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now