While working on domain-controlled systems, upon trying to remotely access computers, users have reported the following error:
“The remote computer that you are trying to connect to requires network level authentication (NLA), but your windows domain controller cannot be contacted to perform NLA. If you are an administrator on the remote computer, you can disable NLA by using the options on the remote tab of the System Properties dialog box.”
Cause
The crux of the error suggests that the domain controller cannot be contacted, thus network level authentication cannot be performed. The error has been reported even when Network Level Authentication was enabled.
Our strategy towards dealing with the issue would be to totally disable Network Level Authentication. While the NLA provides extra security, we perhaps have no choice here.
Solution 1] – Delete Default.rdp file
1. Go to My documents and if you find a file named Default.rdp , just delete it. Try again.
If it does not work , Remove the machine from the domain then add it again. Now, check if the problem persists.
Solution 2] Disable NLA using Properties
1] Press Win + R to open the Run window and type the command sysdm.cpl. Press Enter to open the System Properties window.
2] In the Remote tab, uncheck the option for “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended).”
3] Click on Apply and then OK to save the settings.
Solution 3] Disable NLA using Registry
If the above method does not work, we can disable NLA from the Registry itself.
1] Press Win + R to open the Run window and type the command regedit. Press Enter to open the Registry Editor.
2] Select File and then click on Connect Network Registry.
Connect to the network Device by entering details.Wait till the network connects.
3] Navigate to the following path:
- HKLM
- SYSTEM
- CurrentControlSet
- Control
- Terminal Server
- WinStations
- RDP-Tcp
4] Change the values of the entries SecurityLayer and UserAuthentication to 0.
5] Close the Registry Editor.
6] Restart the system.
Solution 4 – Disable and Enable Network adapter
1 – Search View Network connections from windows search and click on it.
2 – Now,right click on your network adapter and then disable it .
3 – After it gets disabled , again enable it.
Solution 5] Disable NLA using Powershell
1] Press Win + R to open the Run window and type the command PowerShell. Press Enter to open the Powershell window.
2] Copy-paste the following command in Powershell:
$TargetMachine = “Target-Machine-Name”
Hit Enter and then enter command below.
(Get-WmiObject -class Win32_TSGeneralSetting -Namespace root\cimv2\terminalservices -ComputerName $ComputerName -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)
3] Press Enter to execute the command and restart the system once done.
Solution 6] Connect using Domain/user format
1 – Click on Show options in RDP client
2 – Use DOMAIN\user username format to connect in username field.
Solution 7] Using commands
1 – Search cmd in Search box and then click on command prompt from the
2 – Now, run the commands given below one by one.
netsh int ip set DNS
then run the command given below in cmd window.
netsh winsock reset
Now, close the cmd window and try again
me was to modify the RDP client by clicking Show Options (to the left of the Connect button) then on the General tab adding the domain username I wanted to connect as. The username format I used was DOMAIN\use
Hope it helps!
Disabling it from the registry resolve the issue instantly for me.
I changed the Netlogon Service from manual to automatic and started it, once that was done was able to rdp into the server without that error message.
Absolutely useless “solutions”. None of these fix the problem. Disabling security does not fix a security related problem any more than removing the lock on your front door because the key doesn’t work all the time.
One of our users that use rdp to monitor some machines have had this error today.
Tried disconnecting from the domain and the re-connecting. no difference.
I could have took the easy way and disabling NLA but this isn’t a fix.
What did work is disabling the wifi adapter the re-enabling.
What fixed it for me was to modify the RDP client by clicking Show Options (to the left of the Connect button) then on the General tab adding the domain username I wanted to connect as. The username format I used was DOMAIN\user. This allowed me to continue using NLM which was my preferred option.
@michael rife, so you are seeing this issue too and turning off and on nla fixes it as a temp. my question is do the workstations you are trying to rdp to, are they ok on the domain and can see the DC? are you sure there is no issue with the actual DC itself. This is such a cryptic odd error message. I agree that turning it on and off etc fixes it, any chance a recent windows 10 update has messed something up on the workstation you are trying to rdp into?
Problem not solved, it’s just a cheap insecure band-aid. Try again.
I am battling this problem on numerous domain computers. So far I have not found a solution but have found that if you disable and then re-enable the requirement that it temporarily solves the problem. Unfortunately days or weeks later the problem resumes.
Looks like it’s solved to me. The goal is to get the user connected to the network and shutting off the pc’s NLA requirement accomplished that goal. Remember the error is “The remote “computer” that you are trying to connect to requires network level authentication”. It doesn’t say the remote network requires it.
You’ve just turned it off rather then solve the issue.
ditto to Lucas
Solved? You call this “solve” the problem? You are just avoiding it…