none
Network Level Authentication error with Remote Desktop Connection between Windows 7 machines

    Question

  • Hello all

    I am having an issue with Remote Desktop Connection.

    I can connect to my Laptop from my Desktop using Remote Desktop Connection but when I try to connect to my Desktop from my Laptop I get an error stating that Network Level Authentication is not supported on the machine I am connecting from, i.e. the Laptop.

    Both the Laptop and the Desktop are running Windows 7 Ultimate.

    This used to work fine and I am unable to find what has changed.

    I have even tried doing a Repair Install of Windows 7 Ultimate on the Laptop but still have the same issue.

    Does anyone have any ideas, short of reinstalling Windows 7 Ultimate from scratch?

    Thanks in advance

    Kevin

    Monday, March 22, 2010 10:38 AM

All replies

  •  

     

    Hi Kevin,

     

    Based on my research, I suggest you refer to the following article to troubleshoot the issue.

     

    I would suggest you to read through the article in the link below and see if it can fix the issue.

     

    Why can’t I connect using Remote Desktop Connection?

     

    Meanwhile, please also refer to the following articles to configure the Network Level Authentication you can see if that has something useful

     

    Configure the Network Level Authentication Setting for an RD Session Host Server

     

    Configure Network Level Authentication for Remote Desktop Services Connections

     

    If the error message persists, please capture and upload it

     

    Thanks,

    Novak

     

    Wednesday, March 24, 2010 6:41 AM
  • Hello

    Thanks for the reply.

    I already followed the instructions in the articles you listed as I found them when I used Google to research the error.

    I have uploaded a snapshot of the error I receive at the address listed below.

    http://cid-22b6e37ca0e5c56f.skydrive.live.com/self.aspx/Troubleshooting/RDP%20Error.PNG

    Both machines are using Windows 7 Ultimate and I am able to RD into this machine fine, just not the other way.

    Thanks in advance

    Kevin

    Thursday, March 25, 2010 11:34 AM
  • Based on my research, I suggest you also try the following steps.

     

    1.Open registry editor.

     

    2.Navigate or browse to the following key:

     

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server

     

    3.Locate the fDenyTSConnections subkey, and change the DWORD value to 0.

     

    4.To enforce the use of RDP 6.0 and NLA, navigate to the following key:

     

    HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Terminal Server\WinStations\RDP-Tcp

     

    5.Locate the UserAuthentication subkey, and change the DWORD value to 1.

     

    6.Exit registry editor and restart the computer to make the changes effective.

     

    Note: Please backup the registry key before modifying the above keys.

     

    Thanks,

    Novak

     

     

    Friday, March 26, 2010 6:49 AM
  • Hello

    Thanks for the reply.

    I have checked the Registry on both machines and those values are already set as you stated.

    Thanks in advance

    Kevin

    Friday, March 26, 2010 10:22 AM
  • Hi,

     

    Please also try the suggestions from the link below on the problematic machine.

     

    Network Level Authentication

     

    Please Note: Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.

     

    Thanks,

    Novak

    Monday, March 29, 2010 9:03 AM
  • Hello again

    Thanks for the reply.

    I had already come across this way to enable NLA when researching this error and unfortunately the settings already exist.

    Thanks in advance

    Kevin

    Monday, March 29, 2010 12:00 PM
  • Hello all

    Does nobody have anymore ideas?

    Thanks in advance

    Kevin

    Thursday, April 08, 2010 5:20 PM
  • You were given the answers.  Sorry, but everything he said, is all I know as well.

    Network Systems Engineer * Zvetco Biometrics * Windows Server 2008 R2 * Core2 6600 @ 3.30GHz * 16 GIGS RAM * NVIDIA 9400GT * **>>PLEASE VOTE POSTS AS USEFUL TO ASSIST OTHER USERS<
    Monday, May 17, 2010 8:37 PM
  • You were given the answers.  

     

    Not a very helpful comment since none of the answers solved his problem.

    I have the exact same problem, I have a laptop and desktop, both Windows 7 Ultimate and fully updated, both with NLA enabled.  I cannot RDP from desktop to laptop, I get the exact same error about NLA.  I followed all the links above.  I can connect successfully if I disable the requirement for NLA in the remote desktop settings on the laptop.  Perhaps this has to do with some sort of firewall or antivirus interference? (I have Norton Security Suite installed on both computers).  Also the wireless network I am on is a work network, and they only allow communication over certain TCP ports, I don't know if that would cause NLA to fail.

     

    Friday, May 13, 2011 8:36 PM
  • I actually had this problem.  My Windows 7 Pro would not remote to another Windows 7 Pro without NLA, and for some reason my version of RDP said it did not support NLA:

    I followed these directions and it worked.  I actually had tspkg in my list but I moved it to the bottom of the values list for no particular reason.  I was missing the reference to credssp.dll.  So, that was the source of my problem. I do not know for the life of me why it stopped working.

    Configure Network Level Authentication
    1. Click Start, click Run, type regedit, and then press ENTER.
    2. In the navigation pane, locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    3. In the details pane, right-click Security Packages, and then click Modify.
    4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
    5. In the navigation pane, locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
    6. In the details pane, right-click SecurityProviders, and then click Modify.
    7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
    8. Exit Registry Editor.
    9. Restart the computer.

    This worked for me.


    • Edited by Millerus Wednesday, March 14, 2012 9:05 PM
    • Proposed as answer by Rick Groszkiewicz Friday, August 16, 2013 7:01 PM
    Wednesday, March 14, 2012 9:04 PM
  • I actually had this problem.  My Windows 7 Pro would not remote to another Windows 7 Pro without NLA, and for some reason my version of RDP said it did not support NLA:

    I followed these directions and it worked.  I actually had tspkg in my list but I moved it to the bottom of the values list for no particular reason.  I was missing the reference to credssp.dll.  So, that was the source of my problem. I do not know for the life of me why it stopped working.

    Configure Network Level Authentication
    1. Click Start, click Run, type regedit, and then press ENTER.
    2. In the navigation pane, locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
    3. In the details pane, right-click Security Packages, and then click Modify.
    4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
    5. In the navigation pane, locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
    6. In the details pane, right-click SecurityProviders, and then click Modify.
    7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
    8. Exit Registry Editor.
    9. Restart the computer.

    This worked for me.


    Worked for me too. Thank you.
    Tuesday, March 27, 2012 6:12 AM
  • That worked for me also.

    Does anyone know why this would change on a Windows 7 64bit Enterprise Edition OS?

    Someone else on my team did not have this issue and they have the same OS that I do.

    Wednesday, August 22, 2012 6:02 PM
  • I had the exactly the same issue, which was apparently caused by messed up computer (server) certificate. The issue was solved by simply changing the computer name which generated a new certificate and fixed the problem in my case.

    Hope this helps someone.

    Regards,

    Ondrej

    Tuesday, November 27, 2012 9:39 PM
  • That worked for me too.

    I use RDP almost every day, on two Windows 7 Pro machines (my desktop and laptop). Today RDP just stopped working, and I'm not sure what caused the problem.

    The key was a missing reference to credssp.dll (steps 5-7).  That was the source of my problem.


    Rick Groszkiewicz Life is too short to drink bad wine ... or bad coffee



    Friday, August 16, 2013 7:03 PM
  • Our problem was caused by a corrupted crypto database catalog:

    Solution
    Stop Cryptographic Services (cryptsvc) by running "net stop cryptsvc".
    Delete or rename the C:\Windows\System32\catroot2 folder.
    Start cryptsvc by running "net start cryptsvc".
    Restart the computer.
    C:\Windows\System32\catroot2 will be recreated. 
    Wait for all the catalog files from C:\Windows\System32\catroot to be imported into the catroot2 database. This may take up to an hour, so be patient.

    Wednesday, August 06, 2014 3:46 AM
  • I have this problem with Windows 7 pro to SBS 2011. The curious thing is NLA was working fine until one fine day it decided not to work anymore. (remote or local does not make a difference)

    The second server on the network has NLA enabled and connects fine. I tried 5 different PCs/Laptops from Windows 7 pro to Windows 8 pro all with the same result. All PCs DO support RDP NLA.

    So how did MS manage to break this again?

    BTW, none of the above mentioned solutions work....or are applicable e.g. credssp.dll was already in the registry etc. the hot fix and latest RDP updates (8.0) have been installed.

    Interim solution is to lower security ( I thought MS was all about security) to allow all sorts of connections.

    Would be nice to actually get MS to provide a solution for what they break. My take on it is that it was an update (as usual).


    Alex Goodside

    Friday, August 22, 2014 12:50 AM