You run Windows Server 2012 RDS and have decent password policies in place, yet some users haven’t changed their passwords until it’s expired. Now, they are reporting this error when they attempt to connect to your Terminal Server:
An authentication error has occurred. The Local Security Authority cannot be contacted. Remote Computer:
Disable the NLA Requirement on your RDS Server!
- Navigate to your Session Collection’s Properties in Server Manager: Remote Desktop Services > Collections > ‘SessionCollection‘ > Tasks > Edit Properties.
- Expand the Security settings and remove the check from the box that requires NLA. Click OK.
- Verify that the change worked!
With NLA Required, RDS logs the same Event as when the wrong password is used.
EventViewer Log: Application and Services LogsMicrosoftWindowsRemoteDesktopServices-RdpCoreTSOperational
Event Source: RemoteDesktopServices-RdpCoreTS
Event Text: A connection from the client computer with an IP address of x.x.x.x failed because the user name or password is not correct.