Skip navigation.

Blog

Solved: Terminal Services "Logon Attempt Failed" with RDP 8.0

The logon attempt failedFinally a resolution to an issue which has been ongoing since KB2592687 (RDP 8.0) was released late last year.

Users of Windows 7 with the RDP 8.0 update installed, and Windows 8 (which only has RDP 8.0 available) could not connect to Windows Server 2008 via TS Gateway. Whenever they tried to login they always got the message back The logon attempt failed.

In addition, once an RDP 8.0 client had tried to login, all subsequent logins via TS Gateway (regardless of RDP version) failed until iisreset was run on the server, with Windows XP clients just returning to the login screen without an error message. All valid logins via direct RDP (without using TS Gateway) connect successfully.

The reason for the problem is related to the NTLMv2 interaction between the RDP 8.0 client and IIS, and the solution turns out is very simple (and goes against the suggestions of various forum posts out there)...

Solution: Turn off Windows Authentication on the Default Web Site.

IIS Default Website - Authentication IIS Authentication - Just Anonymous

You may also need to check your Network security: LAN Manager authentication level setting in the Security Policy for the machine as the issue appears to start occuring if this has been changed to something other than the default (Send NTLMv2 response only) although reversing that change doesn't then solve the problem so there are presumably other NTLM policy settings involved as well.

The Rpc and RpcWithCert applications have their own settings so should not be affected by changing the Authentication settings for Default Web Site.

There may be the odd occasion where this solution cannot be implemented due to the Default Web Site being used for other purposes that do require Windows Authentication to be Enabled.

Thanks to MS Support for eventually coming up with a solution to this one; I'm sure they are as happy as we are to have this case solved after all the months of working on it.

By on July 24, 2013 | Permalink | Comment


Reader Comments

Skip to form

July 24, 2013, Theo Gray says:

If you are using HTTP Redirection, another possibility may be this one on the RDS Blog.

October 16, 2013, Plugdin says:

You are as the kids ay "Da Bomb" This has been doing my nut in for days!

October 21, 2013, Imran says:

The solution on the RDS blog mentioned by Theo worked for me. I too changed the redirect, which then gave the "Logon attempt failed" error. Changing the redirect to "Only redirect requests to content in this directory (not subdirectories)" worked for me.

October 28, 2013, Shan says:

The solution mentioned by Theo fixed my RDWeb issues. We had the problem with all our Windows 7 Desktops with RDP8.0 installed. This issue became a showstopper for our RemoteAccess web portal moving to production. Thank you very much!

March 27, 2014, Naresh Negi says:

Hey Theo,

Is it the same case on which we worked?


Regards,

Naresh Negi

May 13, 2015, Billy Lucas says:

I had the issue of connecting to a remoteapp, and the "enter your credentials" pop-up constantly popped up and would not let me pass. I disabled HTTP redirect on the default site and presto!


Comment on This Article:

Your Name:
Your Email Address:
 

Your Email Address will not be made public,
but the MD5 hash of it will be used to display your Gravatar.
Comment:
All HTML, except <i>, <b>, <u> will require your comment to be moderated before it is publicly displayed.
 
If you would like your own avatar displayed, read about comment avatars.