9 September 2019 By karan
While working on domain controlled systems, while trying to remote access computers, users reported the following error:
“The remote computer you are trying to connect to requires Network Level Authentication (NLA), but its Windows domain controller cannot be contacted to run NLA. If you are an administrator on the remote computer, you can disable NLA using the options on the Remote tab of the System Properties dialog. "
The error kernel suggests that the domain controller cannot be contacted, so authentication at the network level cannot be performed. The error was also reported when Network Level Authentication was enabled.
Our strategy for addressing this problem would be to completely disable authentication at the network level. While the NLA provides additional security, we may not have a choice here.
Solution 1]: Delete the Default.rdp file
1. Go to My Documents and if you find a file called Default.rdp , just delete it. Try again.
If that doesn't work, remove the machine from the domain and then add it again. Now check if the problem persists.
Solution 2] Disable NLA using Properties
1] Press Win + R to open the Run window and type the command sysdm.cpl. Press Enter to open the System Properties window.
2] In the Remote tab, uncheck the "Only allow connections from computers running Remote Desktop with Network Level Authentication (recommended)."
3] Click To apply and so ok to save the settings.
Solution 3] Disable NLA using Registry
If the above method doesn't work, we can disable NLA from the registry itself.
1] Press Win + R to open the Run window and type the command regedit. Press Enter to open the Registry Editor.
2] Select archive then click Connect the network registry.
Connect to the network device by entering the details. Wait for the network to connect.
3] Go to the following path:
- Terminal server
4] Change the input values SecurityLayer e User authentication to 0.
5] Close Registry Editor.
6] Restart the system.
Solution 4] Disable NLA using Powershell
1] Press Win + R to open the Run window and type the PowerShell command. Press Enter to open the Powershell window.
2] Copy and paste the following command into Powershell:
$TargetMachine = “Target-Machine-Name”
Press Enter and then enter the command below.
(Get-WmiObject -class Win32_TSGeneralSetting -Namespace rootcimv2terminalservices -ComputerName $ComputerName -Filter "TerminalName="RDP-tcp"").SetUserAuthenticationRequired(0)
3] Press Log in to run the command and reboot once done.
I hope this helps!