User cannot RDP to Windows server using SAC
Article ID: 247155
Updated On:
Products
Issue/Introduction
Newly provisioned SAC tenant where no Applications were defined and Identity store was a local one.
Created an RDP app with default settings and applied the RDP policy to a few local users defined - confirmed that RDP to the Windows servers worked directly before creating the App
A locally logged in user was able to see the RDP app on Portal. After selecting and adding the username and short term password (shown below), they got an error message popping up that indicated authentication issues.
The forensic logs never indicated the same authentication issues were causing the RDP failure .
“Authentication for username '[email protected]' failed. failed getting active sessions for user: the user was not found”
Created a Web based Application and did not have any issues.
Environment
SAC.
RDP Application.
Cause
Looks like a corruption of the short term passwords.
Resolution
Switched users from short to long term RDP passwords as shown below and all worked fine - issue appears specific to short term passwords.
As soon as we re-enabled short term RDP passwords, all worked fine again. Looks like the operation reset the token database so that all worked well.
Feedback
