Windows Server 2008 R2 NLA stops after restart/update

Recently I have upgraded a server to Windows Server 2008 R2 and have done updates over the past day, initially I had RDP setup to use NLA enforced and all worked fine.  It appeared after SP1 another update round went through, machine restarted and now on my remote pc (Windows 8.1) I get the message that the remote machine's identity could not be verified.  Do you want to connect anyways?  I select yes, but get denied (due to NLA being on enforced on remote machine), as of now the only way I can connect is by having NLA set to not enforced on my remote machine.  This seems to be solely isolated with Windows Server 2008 R2 SP1 updates, as this is the second install where this has occured.  Please note:  my client pc DOES support NLA, this is not a signed certificate error (certificate used to show up upon connection, no longer does).

Attached image of error:

http://cobaltsoftware.cf/img/no_connect.png

July 3rd, 2015 7:20pm

Hi,

Thanks for your post.

If we try disabling NLA on both the Remote Desktop [RDC] host machine and client, does it work, right?

Similar thread has been discussed, you could use it as a reference.

https://social.technet.microsoft.com/Forums/en-US/bb527fb4-fa41-48c7-8e64-4e58eef79c88/network-level-authentication-broken?forum=winserverTS

Regards.

Free Windows Admin Tool Kit Click here and download it now
July 7th, 2015 2:20am

yes it works fine with NLA disabled, but I want the added security benefits of NLA.  It appears to be with a recent update on the machine.

update: I'm having troubles finding where to install a certificate or to even make a self signed one, google isnt helping.  I may just stick with teamviewer, not sure why Windows isn't cooperating.

July 10th, 2015 5:41pm

yes it works fine with NLA disabled, but I want the added security benefits of NLA.  It appears to be with a recent update on the machine.

update: I'm having troubles finding where to install a certificate or to even make a self signed one, google isnt helping.  I may just stick with teamviewer, not sure why Windows isn't cooperating.

  • Edited by Zack Hable Friday, July 10, 2015 10:06 PM
Free Windows Admin Tool Kit Click here and download it now
July 10th, 2015 9:35pm

Hi,

Sorry for the delay reply.

If the issue occured after some updates installed, did you have try to uninstall the update and check the result?

For the RDS related issue, i would suggest you could ask in RDS forum for technical support:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserverTS

Certificate related issue, you could ask in security forums:

https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserversecurity

Thanks for your support.

Regards.

July 14th, 2015 10:14pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics