Can't access RDP session via RDM except on PC credentials were updated on
Can't access RDP session via RDM except on PC credentials were updated on
Hello all!
I have an issue with RDM 11.0.12.0 (was running 11.0.3.0 I believe, upgraded to see if issue was resolved).
A few days ago credentials for a group of our sessions were expiring, so I updated the credentials on the servers, and updated the record in RDM. On the PC that I used originally to edit the credentials, I have no problem establishing the connection to the servers.
However, on other PC's that used to work with no problem connecting to those servers, I now get an authentication error: "An authentication error has occurred (Code: 0x80004005)". I have tried troubleshooting, and my findings are more and more confusing:
1. If I disable the requirement for NLA on the server I am trying to RDP into, I can connect via RDM with no issue. I have reenabled it however for security reasons.
2. If I connect via RDP (not through RDM) - the connection works with no issue.
3. Since RDP without RDM works, I tried using the Open in External option in RDM, but have the same issue.
4. After open external in RDM, opening RDP shows that it wants to connect using Cached credentials - this fails with the same error unless I delete the creds.
5. I have also verified that the credentials are the updated credentials in my local db in RDM, not the old credentials.
6. I have also gone to the credential manager in windows on the computers that have the issues, and ensured that there are no credentials for the servers that are erroring.
This happens on any computer that is running RDM besides the one computer the credential was updated on. The credential entry is just a regular Windows credential, not even stored in the Credential Manager.
All Comments (14)
Hello,
Could you try to copy the credentials to the clipboard to see if you get the right one? Perhaps you have a local or user override or an inherited value.
David Hervieux
That was actually the method I used for #5 above (verifying the creds in local DB were correct). Thats also the way I copy the password when attempting to connect via RDP in a separate window (copy PW/paste into cred prompt).
Just to be sure you've tried in external and embedded mode?
David Hervieux
Yep! As per #3 above, I usually open in Embedded mode. But when that was failing, but opening manually in RDP worked, I then tried opening External - which also doesn't work. Not only that, but after attempting to open in External, when I go back to the RDP client, I can't connect in there until I delete the saved credentials via the delete link in RDP, and then reenter the credentials after. At this point RDP will work until I attempt to reopen externally from RDM again, at this point the saved credentials appear to change again, and I have to delete them.
The weird thing is, the credentials I use are the same ones that RDM SHOULD be using: I copy/paste the username and password from the session entry via right-click, copy username/password into the RDP window.
I have no explanation. Could you make sure to click on the NLA in RDM and retry
First topic:
http://help.remotedesktopmanager.com/troubleshooting_automaticlogon.htm?zoom_highlightsub=nla
David Hervieux
Could you try to create a new entry and re-enter the credentials?
David Hervieux
Could you also go in Help->Profiler and select the Debug tab. Try to open the connection and check the error log you get
David Hervieux
Sorry that the previous reply came in as Guest - I think i waited so long after logging in to finally hit reply that the user session was lost.
The new entry didn't work - same issue.
The Help>Profiler>Debug only shows this:
[[[Opening in Console / Admin mode]]]
I don't get any further error/info from the connection.
However, I'd like to add that I went and checked the Windows Event log. The only place I find errors that appear to be linked to this is Microsoft>Windows>TerminalServices-ClientActiveXCore:
My connection attempts generate several logs (I = Information, W = Warning):
1- I-RDP ClientActiveX is trying to connect to the server (.....)
2- I-Server supports SSL = supported
3- I-Base64(SHA256(UserName)) is = .....
4- W-RDPClient_SSL: An error was encountered when transitioning from TsSslStateHandshakeInProgress to TsSslStateDisconnecting in response to TsSslEventHandshakeContinueFailed (error code 0x80004005).
5- I-The multi-transport connection has been disconnected.
6- I-RDP ClientActiveX has been disconnected (Reason= 519)
7- I-The multi-transport connection has been disconnected.
8- W-RDPClient_TCP: An error was encountered when transitioning from TcpStateExpectingX244CC to TcpStateFailure in response to TcpEventErrorProcessingX224CC (error code 0x80004005).
9- I-RDP ClientActiveX has been disconnected (Reason= 519)
The above logs are all from the same attempt - UN/server obfuscated
From the error you gave me we could check something related to UDP:
Could you try to disable it?
http://help.remotedesktopmanager.com/tools_localrdpremoteappconsole.htm?zoom_highlightsub=disable%2Budp
David Hervieux
Still no dice. Same error code as before when connecting.
Honnesly I really don't know. Could you try RDCMan with the same connection settings? I want to verify if it's related to the activeX
David Hervieux
OK - so, I actually just was able to resolve it. I am more perplexed NOW than I was before though. When I changed the PW, all I changed was the PW in the credential entry, and that was it. At that point, it still worked on the PC it was changed on, but all others not.
Now, the credential entry didn't have a domain specified, because the same UN\PW were used on a couple servers, that weren't actually on a domain (another issue). This was never a problem before the credential change - but apparently is now??
When I created the connection in RDCMan, it had a spot for domain, that was prefilled in with the one my local PC runs on. I removed it, and attempted connecting - same issue. I then went back on a whim and retyped my local PC domain in the box (I can GUARANTEE that the servers are not on a domain, and the PC names are not the domain name either), and now the connection works.
Sure enough, I go back to RDM, and put in a domain into the credential entry, and now it works locally, and the other PC (I made sure to refresh the data source to be sure).
So - I still don't know why the lack of domain name only became a problem AFTER the credential change, but it appears to be working now!
Sorry for the difficulty in resolving this, I hope this helps other customers who end up having the issue resolve their problem.
Thank you James for the details. Honestly I'm glad you've found something because I was out of idea and a remote support would not have helped.
Regards
David Hervieux
No problem. I'm still confused as to why it was only an issue on other machines, and only after the change, but at this point, I'll take the win!
Have a great holiday!