Remote Desktop – The Local Security Authority cannot be contacted

Remote Desktop (RDP) connection to Windows 7 computer (from Windows 10 RDP client) fails with the following error:

The Local Security Authority cannot be contacted

Remote Desktop Connection
An authentication error has occurred.
The Local Security Authority cannot be contacted.

Remote computer: xx.xx.xx.xx
This could be due to an expired password.
Please update your password if it has expired.
For assistance, contact your administrator or technical support.

This was a slightly unusual setup. The target computer was not in a domain, but the user account used to log in via RDP had exactly the same name as a domain account on the same network. Furthermore, RDP client-side Windows PC used the same saved credentials to connect to the affected Windows 7 PC and some other domain joined PCs via the same public IP address (but different ports remapped to 3389 on a firewall). Obviously, it’s never a good idea to expose remote desktop publicly, in this setup the firewall was doing incoming connection filtering based on clients’ public IP address. The issue only affected the PC that was not in the domain.

I found a couple of ways to resolve the issue:

  • Use a different user account to connect to the non-domain PC. The disadvantage in this particular instance was that you had to manually enter user credentials when connecting to the affected PC (because you cannot have two sets of saved credentials for the same IP / FQDN address in RDP client).
  • Disable Network Level Authentication for the non-domain PC. This reduces RDP security so will not be suitable in all environments.
    Remote Desktop Preferences

January 2019
Windows 7 Pro
Windows 10 Pro

 


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *