Second Security Prompt when users access Remote Web Access from Server 2012 R2

We have recently deployed Server 2012 R2 that replaced an existing SBS2003 box.

They would like to have Remote Web Workplace - Which is now Remote Web Access.

I think that we have everything installed and configured correctly.

The user is able to log into the first prompt.
First Prompt
Once the user is logged in they can select the workstation that they want to connect to.
Select Device
Next they get the security warning for RDC.
Security for RDC
After clicking Connect, the user is met with another login prompt. However this one will not allow the user to login.
Windows Security PromptFailed LogonThe user can enter the correct password but it says logon attempt failed. Any ideas folks... this client is in a real pickle.

Thanks in advance,
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ganesh Kumar ASr Infrastructure SpecialistCommented:
Check if the user have RDP enabled on the actual remote computer. RDS provides access to take remote session of desired computer. Also check if the domain\username is used with valid credential.

Just a hint, check if both RDS, client workstation and Remote server has proper time sync.
Preferred_ITAuthor Commented:
Workstation has remote access enabled. User is a local administrator. And time synch is correct.
Ganesh Kumar ASr Infrastructure SpecialistCommented:
I also ran into this issue. The final answer in my case was to remove two optional updates from our Windows 7 Pro SP1 x64 clients:
1) KB2574819 - DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1
2) KB2592687 - Remote Desktop Protocol 8.0 update for Windows 7 SP1 and Windows Server 2008 R2 SP1
Thereafter 'Nowhere Access' became Anywhere Access. Note also, that only Ports 80 and 443 need to be forwarded and once you're done with the 'Gizard' you can close 80 if you wish. Just access the secure port directly using https://...

Try to manually enable RDP 8.0 on the Win 7 desktop computer you want to connect to:
Open the Local Group Policy Editor.
Enable the Remote Desktop Protocol policy (Remote Desktop Protocol 8.0).
The setting for this policy is under the following node:
Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Remote Session Environment
See also:
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Preferred_ITAuthor Commented:
This issue is the same on both win7 and win8
Also chrome and I.E. Exhibit the same behavior.

I enabled rdp 8 on a workstation. and still came to the same issue.
Ganesh Kumar ASr Infrastructure SpecialistCommented:
Did you tried accessing the same machine via LAN.
Preferred_ITAuthor Commented:
I just checked. Yes it works correctly from the LAN.
Muhammad BurhanManager I.T.Commented:
give a try with removing all saved credentials from Credentials Manager and RDP logon settings.
Preferred_ITAuthor Commented:
I removed all entries from credential manager and removed all entries from Windows Remote Connection Client.

I am still unable to get past the second login prompt.
Preferred_ITAuthor Commented:
We tried to make this work with port translation and host headers neither worked.

If we use 443 direct it works.

The client has a single IP static IP address.

We have figured out a workaround to make OWA work and RWA work using the same IP for the time being that doesn't require the user to add a port number to the URL.

Thank for the advice. It would seem RWA does not like to be port translated or host headered.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Preferred_ITAuthor Commented:
This solution worked.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Remote Access

From novice to tech pro — start learning today.