RDP to Terminal Server does not prompt for credentials and gives identity error

KAM9774 0 Reputation points
2024-02-19T21:00:02.12+00:00

Hello,

We have 4 different terminal servers and only one of them has this problem. It is Windows Server 2012 R2. 2 of the other terminal servers are also this same version. They work just fine. I don't know if these two issues are related or just two separate issues.

  1. First issue. When remoting to this particular server, it prompts that the computer cannot be verified. Unsure why it is saying this. This device is on the domain and in the DNS. You can click yes to move pass it.
  2. Second issue. RDP does not prompt for credentials with this particular server. The only time we can enter credentials is when it is on the Windows login screen. Is this some sort of setting in Windows? How do I disable it and return it to normal?
  3. I've already checked credential manager and that is empty on this server. Also this behavior happens when remoting from other servers to this particular server.

User's image

User's image

Windows Server 2012
Windows Server 2012
A Microsoft server operating system that supports enterprise-level management, data storage, applications, and communications.
1,564 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,525 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,369 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Erik Moreau 581 Reputation points MVP
    2024-02-19T22:28:30.6466667+00:00

    Hi KAM,

    1. The verification message on your connection is due to the certificate used by the server not being trusted by the device you are connecting from. If you want to avoid this, you will need to configure certificate auto enrollment for your servers.
    2. For the authentication that is showing the logon screen instead of a prompt, this means NLA (Network Level Authentication) is not turned on for this server's RDP access, check this setting:

    User's image

    It's highly advisable to turn it back on, as this being turned off results in a security risk.

    Hope this helps,

  2. Karlie Weng 16,076 Reputation points Microsoft Vendor
    2024-02-20T09:19:35.1166667+00:00

    Hello, All the confusion stems from the fact that NLA has been disabled on this server. This is the step to enable it: https://www.virtuesecurity.com/enable-network-level-access-windows-rdp/ NLA works like a pre-auth , client will communicate with the auth server. If you disable NLA, terminal server will communicate with the auth server, that's the difference. As for the initial error, please disregard it. It occurred because you haven't configured the trust certificate between the two devices. However, this is completely acceptable.

    ---If the Answer is helpful, please click "Accept Answer" and upvote it.