none
Remote Desktop Gateway 2008 R2 - logon attempt failed

    Question

  • I've already read through a lot of threads regarding this. Our RDGW has been working for approx 2 years. Suddenly now, some clients start to get the "logon attempt failed" when they are using rdgw. It does seems to be an increasing problem..

    - Redirection in IIS is OK, checked out!
    - Blank page appears when i try to logon to http://rdgw.server.com/rpc - This is OK.

    I see NO non-normal entries at all in event viewer on the gateway server.

    The only thing I get in event viewer on the client is:

    TerminalServices-ClientActiveXCore/Microsoft Windows-TerminalServices-RDPClient/Operational:

    EventID: 1026 - RDP CLientActiveX is disconnected (reason= 50331649)

    EventID: 1025 - Connection with multiple transport is disconnected(not correct - google translate from locale)

    This is the only thing I can see in the logs, it pops right after I get the: "The logon attempt failed"

    I think a certificate issue is excluded since most of my clients can connect - all certs er valid.

    We got people externally and locally that are experiencing this issue (I've forced rdgw to be sure on the local clients) So most likely this problem has nothing to do with external/internal.  

    On those computers who are unable to logon using rdgw, none accounts works(i've even tried domain admin). So the problem is not user-based either.

    Since the "the logon attempt failed" pops within a second I was'nt sure if the traffic even got to our RDGW, so I checked with wireshark, and I can see that the gw is responding in ssl back to the client. Still there is no entries in the log on the rdgw server..

    Any suggestions?

    thanks





    • Edited by retreiver Monday, October 29, 2012 6:00 PM
    Monday, October 29, 2012 5:45 PM

Answers

  • Hi,

    What Remote Desktop Client version are the problem clients running?  If they recently installed the RDP 8 client (version 6.2.9200, KB2592687) you might want to try removing it to see if that corrects the issue.

    -TP

    • Marked as answer by retreiver Monday, November 05, 2012 8:30 AM
    Monday, October 29, 2012 6:10 PM
    Moderator
  • Try this:

    On your Server 2008 R2 Machine:

    1.  open IIS manager

    2.  Select the default web site

    3.  Select SSL

    4.  Change the setting to ignore client certificates.

    This solves some issues with Windows 8 clients (which have RDP8), so it may fix some of your issues.


    • Marked as answer by retreiver Monday, November 05, 2012 8:30 AM
    Friday, November 02, 2012 3:50 AM

All replies

  • Hi,

    What Remote Desktop Client version are the problem clients running?  If they recently installed the RDP 8 client (version 6.2.9200, KB2592687) you might want to try removing it to see if that corrects the issue.

    -TP

    • Marked as answer by retreiver Monday, November 05, 2012 8:30 AM
    Monday, October 29, 2012 6:10 PM
    Moderator
  • Sorry to hijack the thread... I am having this exact same issue an the client systems are not running the RDP 8 client. 
    Monday, October 29, 2012 9:11 PM
  • Hi,

    What Remote Desktop Client version are the problem clients running?  If they recently installed the RDP 8 client (version 6.2.9200, KB2592687) you might want to try removing it to see if that corrects the issue.

    -TP

    That was also my first guess - so on the first client we noticed this problem I did check windows update - the client still had the kb listed as an optional update. - Then I kind of ruled that out to not be the issue.(Ironically I actually did run all the updates afterwards, just to be sure)..
    But hey, now I tested it on my home computer(which had'nt installed the latest rdp version) -  It worked fine before upgrade, but after I'll get the same symptoms( logon attempt failed + EventID: 1024,1105,1026 in TerminalServices-ClientActiveXCore/Microsoft Windows-TerminalServices-RDPClient/Operational:)

    So I think you're right, I will extend my testing tomorrow and post back.

    Thanks for the fast suggestion.

    Monday, October 29, 2012 10:30 PM
  • Try this:

    On your Server 2008 R2 Machine:

    1.  open IIS manager

    2.  Select the default web site

    3.  Select SSL

    4.  Change the setting to ignore client certificates.

    This solves some issues with Windows 8 clients (which have RDP8), so it may fix some of your issues.


    • Marked as answer by retreiver Monday, November 05, 2012 8:30 AM
    Friday, November 02, 2012 3:50 AM
  • Hi there, I am having the same problem - already tried many different hints, nothing works... RDP-GW worked fine for more than 2 years.. Maybe it's a certificate issue, altough my certificates are valid. I had one message in the event log about that, but didn't find anything. With XP connections are possible without any problem.

    Wolfgang


    • Edited by Zeppelzauer Sunday, November 04, 2012 11:10 PM
    Sunday, November 04, 2012 11:08 PM
  • I'm having the same issue.

    RDWeb works fine, but when connecting to the Gateway, I receive "The logon attempt failed."

    I've never been able to connect to Gateway from day one. 

    Anyone have anything for me?

    Thanks.


    Gold is for the mistress -- silver for the maid -- Copper for the craftsman cunning at his trade. "Good!" said the Baron, sitting in his hall, "But Iron -- Cold Iron -- is master of them all."

    Tuesday, May 28, 2013 11:00 PM
  • I'm also having this issue for a 2008 R2 RD Server. It has been working great for maybe 2 years, but now I can't logon remotely, except when I'm on the same subnet. Why is this thread marked as "Solved"? I don't see the solution, nor do I find anybody has gotten the problem solved either.
    Monday, June 10, 2013 8:52 AM
  • We are having same issue, i've read about 20 threads about this topic with no success.

    • Proposed as answer by SpinnZ_AU Thursday, June 27, 2013 12:52 AM
    • Unproposed as answer by SpinnZ_AU Thursday, June 27, 2013 12:52 AM
    Wednesday, June 26, 2013 5:02 PM
  • Guys,

    Thought i would post our fix here considering so many have had the same issue.

    After applying a microsoft template for server hardening. Our clients could no longer RDP to the "hardened" servers.

    The key is the following setting in Group Policy:

    (Server Policy)

    Computer Configuration\Windows settings\Security settings\Local Policies\Security Options\

    Policy: Network Security: LAN Manager authentication level

    Setting: Send NTLMv2 response only. Refuse LM & NTLM

    This setting was changed during the server hardening process, which elevated our authentication level. Which as a result, now requires our clients to authenticate using NTLMv2.

    We then had to change the same policy that was being applied to our workstations who were not able to connect to the servers.

    (Workstation Policy)

    Policy: Network Security: LAN Manager authentication level

    Old Setting: Send LM & NTLM - use NTLMv2 session security if negotiated 

    New Setting: Send NTLMv2 response only. Refuse LM & NTLM (now same as server setting)

    More info the Network Security: LAN Manager authentication level setting

    Hope this helps

    • Proposed as answer by SpinnZ_AU Thursday, June 27, 2013 11:43 PM
    Thursday, June 27, 2013 1:51 AM
  • Hello all,

    Something that worked for me : 

    1. On the RD Session Host server, open Remote Desktop Session Host Configuration. To open Remote Desktop Session Host Configuration, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Session Host Configuration.

    2. Under Connections, right-click the name of the connection, and then click Properties.

    3. In the Properties dialog box for the connection, on the General tab, select the server authentication and encryption settings that are appropriate for your environment, based on your security requirements and the level of security that your client computers can support.

    4. In the Properties dialog box for the connection, on the Log on Settings tab, uncheck the box Always prompt for password

    5. Click OK.

    Sunday, September 01, 2013 11:13 PM
  • Hi,

    The solution provided by SpinnZ_AU worked for me. However, I only applied the change on the 2008 server side only.

    The key is the following setting in Group Policy:

    (Server Policy)

    Computer Configuration\Windows settings\Security settings\Local Policies\Security Options\

    Policy: Network Security: LAN Manager authentication level

    Setting: Send NTLMv2 response only. Refuse LM & NTLM

    Thanks much, now rest of the users can login successfully.

    Thursday, January 30, 2014 4:30 AM