Pages

Monday, March 21, 2022

Attempting to log onto a domain controller via RDP fails with the message: "An authentication error has occurred. The specified network password is not correct."

Problem

You attempt to use Remote Desktop to log into a domain controller but the attempt fails with the following message:

An authentication error has occurred.
The specified network password is not correct.

image

Attempting to log in via the console is not an option.

Solution

The workaround to successfully RDP to this domain controller is to disable the Allow connections only form computers running Remote Desktop with Network Level Authentication (recommended) in the RDP settings:

imageimage

If console access is available, try to log in via direct console access and disable the configuration. For situations where the domain controller is hosted in cloud providers such as Azure, console access will not an option. In scenarios where console access is not available, one of the potential workarounds is to use the Registry Editor to remotely connect to the domain controller and disable this setting via the registry.

Launch the Registry Editor, select the File tab and choose Connect Network Registry:

image

Enter the remote domain controller’s name:

image

The connection should succeed:

image

Navigate to the following registry path:

dc2\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

Locate the REG_DWORD named UserAuthentication and change the value from 1 (enabled) to 0 (disabled):

imageimageimage

Changing this registry key should now have the NLA configuration disabled as such:

image

You should now be able to log into the domain controller:

image

Proceed to review the event logs of the domain controller and correct any health issues.

No comments: