Unable to RDP Windows 2019/2022 servers from within PAM

Article ID: 189457

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

When trying to RDP to Windows 2019/2022 devices using the PAM RDP applet, the following error message occurs:

"An error occurred in NTLM handshake"

Environment

Privileged Access Manager, all versions

Cause

The most common cause of this issue is the following GPO policy setting:

  • Encryption Oracle Remediation: Enabled.
    • Protection Level: Force Updated Clients.

With the GPO set to those values, the server only accepts RDP clients that are at the latest version. Each time Microsoft releases a new RDP client, the client built into the PAM RDP applet is no longer new enough, and the server stops allowing it to connect.

Resolution

The recommended GPO settings for the PAM RDP applet to work are:

  • Encryption Oracle Remediation: Enabled.
    • Protection Level: Mitigated.

If the security policy can only be set to "Protection Level: Force Updated Clients," the built-in RDP applet cannot be used for these servers. Instead, configure a TCP/UDP service in PAM that launches mstsc.exe locally on the workstation.

If the RDP client (mstsc.exe) on the workstation running the PAM Client has not been patched, the same error occurs, because that RDP client is also not at the latest version.
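As an added example (not part of this article or of the PAM product), the following PowerShell function reads the Encryption Oracle Remediation policy value from a server's registry and reports whether the PAM RDP applet is expected to connect, applying the rule the article gives above. It assumes the policy is stored at the standard Windows CredSSP location (`AllowEncryptionOracle` under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters`, where 0 = Force Updated Clients, 1 = Mitigated, 2 = Vulnerable), which the article itself does not name, and that the Remote Registry service is reachable when a remote computer is given.

```powershell
# Added audit example, not from the KB article. Assumption: the GPO setting
# "Encryption Oracle Remediation" is stored as the DWORD AllowEncryptionOracle
# at the CredSSP policy path below (0 = Force Updated Clients, 1 = Mitigated,
# 2 = Vulnerable). Remote reads need the Remote Registry service.
function Get-EncryptionOracleRemediation {
    [CmdletBinding()]
    param(
        [string]$ComputerName = $env:COMPUTERNAME
    )
    $keyPath = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters'
    $levels  = @{ 0 = 'Force Updated Clients'; 1 = 'Mitigated'; 2 = 'Vulnerable' }

    $value = $null
    try {
        $hive = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('LocalMachine', $ComputerName)
        $key  = $hive.OpenSubKey($keyPath)
        if ($key) { $value = $key.GetValue('AllowEncryptionOracle', $null) }
    } catch {
        Write-Warning "Could not read the registry on ${ComputerName}: $_"
        return
    }

    if ($null -eq $value) {
        # Policy not configured: the effective level is the OS default, which
        # depends on the patch level of the server, so no verdict is given.
        $level   = 'Not configured'
        $verdict = 'Unknown: effective level is the OS default'
    } else {
        $level = $levels[[int]$value]
        if ($null -eq $level) { $level = "Unrecognised value $value" }
        # Per the article, only "Force Updated Clients" breaks the built-in applet.
        $verdict = if ([int]$value -eq 0) {
            'PAM RDP applet blocked: set Mitigated, or launch mstsc.exe via a TCP/UDP service'
        } else {
            'PAM RDP applet expected to work'
        }
    }

    [pscustomobject]@{
        ComputerName          = $ComputerName
        AllowEncryptionOracle = $value
        ProtectionLevel       = $level
        Verdict               = $verdict
    }
}

# Usage (constructed host names): audit the local machine, or a list of servers.
Get-EncryptionOracleRemediation
'srv2019-01', 'srv2022-01' | ForEach-Object { Get-EncryptionOracleRemediation -ComputerName $_ }
```

A value written directly to the registry on a domain-joined server is overwritten at the next policy refresh, so the level should be changed in the GPO itself, as the resolution above describes.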