RDP Client(s) Not Authenticating to RD Gateway 2012

Issue:

Unable to connect to RD Gateway , connecting to Desktop or RemoteApp in Remote Desktop Services Infrastructure

RDS2.PNG

Reviewing Event Viewer – Microsoft-Windows-TerminalServices-Gateway/Operational

Incoming connection requests, indicated by event ID’s 312, but the connection does not authenticate successfully

RDS3.PNG

Reviewing the LAN Manager Authentication Level you’ll see the “Send LM & NTLM – use NTLMv2 session Security if negotiated” will be set.

RDS1.PNG

This is not the default setting by may have been set on clients to improve/resolve legacy compatibility problems.

Resolution

Option 1:

Adjust the NTLM Manager setting on the client to be “Clients use only NTLMv2 authentication” – Any of these options will resolve the issue as client will be using NTLMv2 only which is required by default on RD Gateway

RDS4.PNG

Option 2:

If your unable to change the client NTLM settings as per option 1. Add the following registry keys on the RD Gateway Server

HKLM\Software\Microsoft\WindowsNT\CurrentVersion\TerminalServerGateway\Config\Core
Type: REG_DWORD
Name: EnforceChannelBinding 
VALUE: 0 (Decimal)

This only applies when a reboot has been completed on the Server.

This will force the RD Gateway to recieve and process NTLMv1 requests.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s