Issue:
User receives error message 0x607 - An authentication error has occurred,
when attempting to launch a published RemoteApp or Desktop, check the logs on the client PC.
Cause:
In general there is problem with digital certificates you are using in RDS configuration.
Case 1:
This is likely due to the client PC not trusting your certificate. Either procure a certificate from a trusted third-party certificate authority, or the user will need to install and trust the root certificate authority and any intermediate certificate authorities in the certificate chain.
Case 2:![Remote Remote](/uploads/1/1/8/9/118984299/430486689.png)
If the user is unable to contact the certificate revocation list that is listed on the certificate (third-party or internal CA) to verify the revocation status of the certificate, they will receive the 0x607 error. So for example, if the URL of your certificate vendor is being blocked by a corporate web filter, you will have receive this error when launching a RemoteApp.
Certificate name mismatch during external access to RemoteApp or Session Host Desktop via Remote Desktop Gateway and 3rd-party digital certificate:
Ryan's script could be used to change *.extdomain.com to another *.intdomain.com trusted certificate (internal or third-party CA) on Remote Desktop Session Hosts. Another solution is to keep split-brain DNS scenario when design Active Directory/DNS domain name so you can use the same wildcard digital certificate internally and externally.
There is a workaround allowing you to connect to a computer with a vulnerable version of CredSSP. To do this, you need to configure a special Group Policy parameter named Encryption Oracle Remediation on your computer from which you are establishing the Remote Desktop connection. Press Win+R, type gpedit.msc, and press Enter. Jul 12, 2019 The most correct way to solve the problem is to install the latest cumulative Windows security updates on a remote. You can disable NLA (Network Level Authentication) on the RDP server side (as described below); Workaround 2. You can re-configure your desktops by allowing them to. An authentication error has occurred (Code: 0x607) Remote Computer: RDSHost.domain.local. A 0x607 error is caused by using an invalid security certificate for authentication. Certificate validation is picky, for good reason. While the error points to a failed certificate, it doesn’t share any information about which certificate failed or how it failed. ไม่สามารถ remote Desktop ได้ โดยขึ้นว่า This could be due to CredSSP encryption oracle remediation. โดยสามารถแก้ไขได้ด้วยการแก้ไข Gpedit.msc.
User receives error message 0x607 - An authentication error has occurred,
when attempting to launch a published RemoteApp or Desktop, check the logs on the client PC.
In general there is problem with digital certificates you are using in RDS configuration.
Case 1:
Authentication Error Has Occurred Remote Desktop This Could Be Due To Credssp
This is likely due to the client PC not trusting your certificate. Either procure a certificate from a trusted third-party certificate authority, or the user will need to install and trust the root certificate authority and any intermediate certificate authorities in the certificate chain.
Case 2:
![Remote Remote](/uploads/1/1/8/9/118984299/430486689.png)
If the user is unable to contact the certificate revocation list that is listed on the certificate (third-party or internal CA) to verify the revocation status of the certificate, they will receive the 0x607 error. So for example, if the URL of your certificate vendor is being blocked by a corporate web filter, you will have receive this error when launching a RemoteApp.
Authentication Error Has Occurred Remote Desktop Software
Case 3:Certificate name mismatch during external access to RemoteApp or Session Host Desktop via Remote Desktop Gateway and 3rd-party digital certificate:
An Authentication Error Has Occurred Remote Desktop Server 2012
- rdgw.extdomain.com (Public name of RDS Gateway) configured with *.extdomain.com certificate
- rdcb.extdomain.com (Public/Internal name of RDS Connection Broker) configured *.extdomain.com SSO certificate
- rdsh1.intdomain.com (Internal name of RDS Session Host) protected with *.extdomain.com certificate. Here is where error occurs.
- rdsh2.intdomain.com (Internal name of RDS Session Host) protected with *.extdomain.com certificate. Here is where error occurs.
Ryan's script could be used to change *.extdomain.com to another *.intdomain.com trusted certificate (internal or third-party CA) on Remote Desktop Session Hosts. Another solution is to keep split-brain DNS scenario when design Active Directory/DNS domain name so you can use the same wildcard digital certificate internally and externally.