I'm experiencing inconsistent problems connecting to both Windows 11 workstations and Windows Server 2016 using Remote Desktop (mstsc). Even when I enter the correct password, the connection fails sometimes. For example, I tried connecting from a Windows 11 Pro machine to a Windows Server 2016 instance, and it wouldn't accept the RDP connection. However, I could log in through the VMware console without any trouble. Sometimes, RDP works later without issues. My network is generally stable and includes an Active Directory (AD) domain that is currently being upgraded from Windows Server 2008 R2 to 2012 R2. Recently, I added two new Windows Server 2019 Domain Controllers, one of which has the FSMO roles transferred to it. This might or might not be related, but I'm mentioning it since it's a recent change. The issues occur on the local area network as well as via VPN. My AD replication appears to be functioning correctly. For example, a user connected via VPN couldn't connect remotely but was able to connect when they came into the office, though it could also work on another occasion. Any tips on where to investigate? Thanks in advance!
3 Answers
Another suggestion is to connect using the Fully Qualified Domain Name (FQDN). Sometimes this can help resolve connection issues, though I understand from your experience it hasn't made a difference.
I faced similar issues before. Try using the IP address of the machine instead of the hostname. When you use the IP, it relies on NTLM for login, while using the name employs Kerberos. If your Domain Controller is older or if you're operating on a deprecated domain/forest level, Kerberos authentication might get rejected. I switched all my connections to IP and it significantly improved things, but it's a complicated situation due to some legacy systems I can't upgrade yet.
Totally! Using the IP worked for me when the hostname, short name, and fully qualified domain name all failed. It’s bizarre how that worked—thank you for the tip!
This sounds like a DNS issue. You might want to check the event logs on your servers, especially on the Domain Controllers and the DHCP server, to see if there are any sync or communication problems.
+1 to that. It definitely could be a DNS mismatch or a communication issue.

Thanks for the input! Unfortunately, using the FQDN didn’t resolve the issue for me either. I did notice I can connect to the Domain Controllers (DCs) without problems, but I still can’t log into member servers with the same credentials. Looks like DNS could be the common factor, as someone else mentioned. (We all know it’s often DNS!)
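
One way to check, from an affected client, the two explanations offered in the answers above (a DNS mismatch, and Kerberos by name versus NTLM by IP). This is an added example, not code from any poster in the thread; `$Target` and `$DnsServers` hold placeholder values, and `TERMSRV/<name>` is the service principal name an RDP client requests a Kerberos ticket for.

```powershell
# Added example. Run in PowerShell on a client that intermittently fails to connect.
param(
    [string]   $Target     = 'server01.corp.example',      # placeholder FQDN of the RDP host
    [string[]] $DnsServers = @('192.0.2.10', '192.0.2.11') # placeholder IPs of the DCs' DNS service
)

# 1. Ask each DNS server directly. Different answers for the same name point to
#    stale or unreplicated records, which would explain failures that come and go.
$answers = foreach ($dns in $DnsServers) {
    try {
        $ips = Resolve-DnsName -Name $Target -Type A -Server $dns -DnsOnly -ErrorAction Stop |
            Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress
        [pscustomobject]@{ DnsServer = $dns; Addresses = ($ips | Sort-Object) -join ','; Error = '' }
    } catch {
        [pscustomobject]@{ DnsServer = $dns; Addresses = ''; Error = $_.Exception.Message }
    }
}
$answers | Format-Table -AutoSize | Out-Host
if (@($answers.Addresses | Select-Object -Unique).Count -gt 1) {
    Write-Warning "DNS servers returned different (or no) answers for $Target"
}

# 2. Is the RDP listener reachable at the address this client resolves?
$tcp = Test-NetConnection -ComputerName $Target -Port 3389 -WarningAction SilentlyContinue
Write-Host "Client resolved $Target to $($tcp.RemoteAddress); TCP 3389 reachable: $($tcp.TcpTestSucceeded)"

# 3. Request a Kerberos service ticket for the RDP SPN, then look for it in the cache.
#    A failure here while the IP still connects matches the Kerberos-versus-NTLM answer.
$klistOutput = & klist.exe get "TERMSRV/$Target" 2>&1
$ticket = & klist.exe | Select-String -SimpleMatch "TERMSRV/$Target"
if ($ticket) {
    Write-Host "Kerberos ticket for TERMSRV/$Target is in the cache; Kerberos by name works right now."
} else {
    Write-Warning "No Kerberos ticket for TERMSRV/$Target. klist reported:"
    $klistOutput | ForEach-Object { Write-Host "  $_" }
}
```

Run it once while RDP works and again while it fails; a difference in step 1 or step 3 between the two runs shows which explanation applies.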