1

I am having intermittent issues with RDP'ing from a Windows 11 Enterprise PC to another Windows 11 Enterpise PC.

Both PC's are domain joined and on the same subnet.

Both PC's have a GPO applied to enforce:

Require use of specific security layer for remote (RDP) connections' is set to 'Enabled: SSL'

Require user authentication for remote connections by using Network Level Authentication' is set to 'Enabled'

Set client connection encryption level' is set to 'Enabled: High Level'

This is the error I get when RDPing. Rebooting the remote PC fixes this sometimes. I do not get this error when RDP'ing from a different Windows 10 Enterprise PC at a different site that is authenticating to a different Domain Controller.

[RDP Error][1]

This is the negotiation captured by wireshark when the failure occurs.

Wireshark Fail

This is the response captured by wireshark when the failure occurs.

Wireshark Fail Response

This is the request captured by wireshark when the connection succeeds.

Wireshark Success

This is the response captured by wireshark when the connection succeeds.

Wireshark Success 2

If anyone could point me in the right direction or what to look at I would really appreciate it.

Riguez
  • 123
  • 1
  • 4

1 Answers1

2

The november security updates introduced bugs in kerberos that may be the reason for this behavior. You should install the out-of-band updates on your DCs that are meant to correct those. I had similar RDP problems that were solved by installing the updates. See https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/november-2022-out-of-band-update-released-take-action/ba-p/3680144

Bernd Schwanenmeister
  • 482
  • 2
  • 5
  • Looks like we are missing that KB. Going to install it and test to see if that is the issue. Thank you – Riguez Dec 08 '22 at 15:11
  • This seems to have fixed my issue along with a couple other problems I was experiencing. Thank you again! – Riguez Dec 09 '22 at 13:06