none
Remote Assistance and Machine Authentication (your remote desktop connection failed becuase the remote computer cannot be authenticated) RRS feed

  • Question

  • Hi,

    i have an issue with being able to securely connect to my users via remote assistance (in the same domain) the issue is that if i require server authentication, or even connect but warn me is set in my GPO (see capture 1)

    then i cannot commence a remote assistance session with a user as i get this(see capture 2)

    i have implemented a CA, and both machines (expert and novice machines) have machine certificates enrolled, issued from the CA (they were in the Remote Desktop branch of the local Cert store to but that made no difference so i have removed them)

    i have also tried importing the expert/novice machines Cert to the personal and Remote Desktop branches of either side of the local Cert Store but this hasn't worked either.

    i have also issued RemoteDesktopComputer Certificates as described in this MS page:

    http://blogs.msdn.com/b/rds/archive/2010/04/09/configuring-remote-desktop-certificates.aspx

    i am referencing my connection using the FQDN of the target machine and i have played with the settings for NLA on both sides, but it doesn't seem to make a difference.

    to clarify this is W7 pro to W7 pro. my certificates are valid on either side.

    i am know at a point where i have run out of threads to read and ideas to try.

    cheers

    Lee

    Wednesday, March 20, 2013 12:16 PM

Answers

  • Hi,

    Thanks for your post.

    Please ensure you clients both trust the CA. In addition, with the certificate template issued to the computer, make sure it contain both client authentication and server authentication. For further support, I would recommend that you repost this issue at Security forum.

    Best Regards,
    Aiden

     


    Aiden Cao
    TechNet Community Support

    Friday, March 22, 2013 2:45 AM
    Moderator

All replies

  • Hi,

    Thanks for your post.

    Please ensure you clients both trust the CA. In addition, with the certificate template issued to the computer, make sure it contain both client authentication and server authentication. For further support, I would recommend that you repost this issue at Security forum.

    Best Regards,
    Aiden

     


    Aiden Cao
    TechNet Community Support

    Friday, March 22, 2013 2:45 AM
    Moderator
  • Hi Aiden,

    they are both in trust with the CA and both certificates have client authentication and server authentication.

    i will post in the Security Forum, thank you.

    regards


    lee

    Monday, March 25, 2013 1:01 PM