Administration of Active Directory does not have to be hard. Too often what should be a simple task is made more difficult than it needs to be.The solution? Hyena from SystemTools Software. With ease-of-use as well as powerful importing and bulk updating capabilities.
Could not remote into Server 2008 R2
Dear Experts, we could not use remote Desktop service into a Win server 2008 R2, it said that "Your credential did not work"; some steps were performed but could not help:
1. Open all Firewall profiles, disable Antivirus
2. Changing password
3. Create a new local user and add to Remote Desktop Group
4. Change remote port
5. Restart RDP service
6. Allow remote desktop service
Any idea please?
1. Open all Firewall profiles, disable Antivirus
2. Changing password
3. Create a new local user and add to Remote Desktop Group
4. Change remote port
5. Restart RDP service
6. Allow remote desktop service
Any idea please?
Who is Participating?
LVL 4
Sorry guys, my bad. This is duplicate IP problem. I turned off a host with the same IP and RDP on this server worked again.
So by the server saying "Your credentials did not work" that means that it's not a connection issue; you're successfully getting to the server it's just the username or password is wrong or the account is not part of the RDP users group.
This means that it is not #1,4,5 or 6.
Can you RDP using the local admin account?
This means that it is not #1,4,5 or 6.
Can you RDP using the local admin account?
- just to make sure: when you say "local user" you mean local to the server, right?
- any special characters in the password? can you type the password somewhere where you can actually SEE what gets wirtten? (e.g. in the username field). same keyboard layout on server and client?
- no blanks before or after the username (happens here more often than expected)
- any special characters in the password? can you type the password somewhere where you can actually SEE what gets wirtten? (e.g. in the username field). same keyboard layout on server and client?
- no blanks before or after the username (happens here more often than expected)
These threads may help you isolate the issue:
https://www.experts-exchange.com/questions/25050843/RDP-to-Server-2008-credentials-always-fail-initially.html#answer26326753
https://social.technet.microsoft.com/Forums/office/en-US/f6eefd1f-88d9-434c-a2f8-7789651d6b9a/windows-7-remote-desktop-says-the-credentials-that-were-used-to-connect-to-xxxxxxxxxx-did-not?forum=w7itpronetworking
https://www.experts-exchange.com/questions/25050843/RDP-to-Server-2008-credentials-always-fail-initially.html#answer26326753
https://social.technet.microsoft.com/Forums/office/en-US/f6eefd1f-88d9-434c-a2f8-7789651d6b9a/windows-7-remote-desktop-says-the-credentials-that-were-used-to-connect-to-xxxxxxxxxx-did-not?forum=w7itpronetworking
@Tuli:
just to make sure: when you say "local user" you mean local to the server, right?
---> YES, it is local user on that server
- any special characters in the password?
----> No
can you type the password somewhere where you can actually SEE what gets wirtten? (e.g. in the username field). same keyboard layout on server and client?
-----> Yes, I tried copy paste from txt file but no luck
- no blanks before or after the username (happens here more often than expected)
------> No, it does not have
@Neil: the user had "Password never expired " setting, but no luck
just to make sure: when you say "local user" you mean local to the server, right?
---> YES, it is local user on that server
- any special characters in the password?
----> No
can you type the password somewhere where you can actually SEE what gets wirtten? (e.g. in the username field). same keyboard layout on server and client?
-----> Yes, I tried copy paste from txt file but no luck
- no blanks before or after the username (happens here more often than expected)
------> No, it does not have
@Neil: the user had "Password never expired " setting, but no luck
@CES IT: I reviewed the EE link but could not find this option, can you help?
.... on the general tab I changed Security layer from 'Negotiate' to 'RDP Security Layer' and I no longer need to enter credentials to start an RDP session.
.... on the general tab I changed Security layer from 'Negotiate' to 'RDP Security Layer' and I no longer need to enter credentials to start an RDP session.
If it works as a local logon, but not RDP, then it is the permissions on the listener.
Generally, add the user to the Remote Desktop Users group and that will do the trick. If this has been messed with, then you may want to check the permissions on the listener itself.
Generally, add the user to the Remote Desktop Users group and that will do the trick. If this has been messed with, then you may want to check the permissions on the listener itself.
go to Remote Desktop Session Host Configuration in Admin Tools
Under connections, right click the listener in question (most servers only have one) and select properties
On the security tab, add/remove users and groups. (Add the user you want to log in as)
Under connections, right click the listener in question (most servers only have one) and select properties
On the security tab, add/remove users and groups. (Add the user you want to log in as)
There are two layers of authentication in 2008 and upwards. There's authentication with the server (NLA) and then RDP authentication for the session.
Which one is it failing on?
Have you tried disabling NLA?
To do this, right click 'My Computer' and select properties
Click on the remote settings link
When system properties comes up, click on the Remote tab
There are 3 selections at the bottom. pick the middle one (Allow connections from computers running any version of Remote Desktop (less secure))
Which one is it failing on?
Have you tried disabling NLA?
To do this, right click 'My Computer' and select properties
Click on the remote settings link
When system properties comes up, click on the Remote tab
There are 3 selections at the bottom. pick the middle one (Allow connections from computers running any version of Remote Desktop (less secure))
In a command prompt, try
Netstat -ano
Do you have this:?
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 1176
There will be lots of lines. It needs to match the line above. The PID is not important, but the rest is.
Netstat -ano
Do you have this:?
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 1176
There will be lots of lines. It needs to match the line above. The PID is not important, but the rest is.
The authentication problem was that you were logging in to serverB with a username and password for serverA due to the IP conflict.
ServerB must have responded to the ARP request last and got it's MAC address in your ARP cache
ServerB must have responded to the ARP request last and got it's MAC address in your ARP cache
No, I did not have a warning in the Desktop notification, I only realized this problem when typed: "ipconfig /all"
Many thanks for your support!
Many thanks for your support!
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
