Cannot connect to Guest OS after RC0 to RC1 update
-
Wednesday, May 21, 2008 11:43 AMI cannot connect to Guest OS after RC0 to RC1 update.
When i hit connect button it says connecting for a while and gives me an error:
Virtual Machine Connection:
A connection will not be made because credentials may not be sent to the remote computer. For assistance, contact your system administrator.
Would you like to try connecting again?
[connect] [exit]
Whats the problem and how to correct it? Any ideas. Guest OS is running fine.
Thanks for advance
Answers
-
Wednesday, May 21, 2008 5:56 PM
Looks like your Credssp configuration is messed up. There are two ways to fix it:
Option 1:
======
Put the following in a .reg file and add it to the registry:
Code Snippet[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentials]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentials]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly]
"Hyper-V"="Microsoft Virtual Console Service/*"Option 2:
=======
1. Gpedit.msc2. Computer configuration->Admin Templates-> System->Credentials Delegation
3. Enable allow delegating default credentials
4. Check concatenate os defaults.
5. Add the list of servers where credentials need to be delegated. Wild cards are supported (Ex: * indicates delegation to all targets)
6. Gpedit /force
In case of NTLM auth, you need to enable "Allow default credentials with NTLM only server auth" setting.
Note though that this is not equivalent, this allows remoting credentials using any SPN to any machine, not just the "Microsoft Virtual Console Service".
All Replies
-
Wednesday, May 21, 2008 2:53 PMModerator
Are you connecting from a remote machine? A Vista PC maybe?
If so, have you updated the remote management components as well as your Host?
The other option is to use RDP within your guest.
-
Wednesday, May 21, 2008 5:56 PM
Looks like your Credssp configuration is messed up. There are two ways to fix it:
Option 1:
======
Put the following in a .reg file and add it to the registry:
Code Snippet[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentials]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentials]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain]
"Hyper-V"="Microsoft Virtual Console Service/*"[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly]
"Hyper-V"="Microsoft Virtual Console Service/*"Option 2:
=======
1. Gpedit.msc2. Computer configuration->Admin Templates-> System->Credentials Delegation
3. Enable allow delegating default credentials
4. Check concatenate os defaults.
5. Add the list of servers where credentials need to be delegated. Wild cards are supported (Ex: * indicates delegation to all targets)
6. Gpedit /force
In case of NTLM auth, you need to enable "Allow default credentials with NTLM only server auth" setting.
Note though that this is not equivalent, this allows remoting credentials using any SPN to any machine, not just the "Microsoft Virtual Console Service".
-
Thursday, May 22, 2008 4:29 AMThanks for help. It was Credssp and registry editing fixed it.
