has the RDP client changed or been updated? Can you disable the NLA in an RDP file and then try the connection? http://sogeeky.blogspot.com/2007/04/how-to-disable-credentials-prompt-of .html edit the rdp file and add - enablecredsspsupport:i:0 I guess then you know its definitely disabled both ends then... ? ________________________________ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Snyder Sent: 28 June 2011 09:29 To: thin@xxxxxxxxxxxxx Subject: [THIN] restricted RDP connections I'm baffled by this one two W2K8 TSE servers, both have local policies set to allow 2 connections and also *not* require NLA. One day both servers start prompting for credentials before establishing the connection and I can only make 1 connection to a server; I don't even get the preconnect auth prompt just an immediate "can't connect" error. However, run a RSOP on both boxes and NLA is still disabled and connections are still limited to 2. Searched the registry for UserAuthentication and every value is set to 0, content of LSA\Security Packages is kerberos msv1_0 schannel wdigest tspkg Ideas? ______________________________________ C. Hoare & Co. is authorised and regulated by the Financial Services Authority with registration no. 122093. The FSA’s address is 25, The North Colonnade, Canary Wharf, London E14 5HS. Registered in England no. 240822. Registered office 37 Fleet St, London, EC4P 4DQ Confidentiality Disclaimer: This message and attachments are confidential and may be privileged, and are sent for the personal attention of the addressee(s). If you are not the intended addressee, any use, disclosure or copying of this document is unauthorised. Information transmitted by email may be intercepted, lost, destroyed, corrupted or delayed and as a result, C. Hoare & Co. do not accept responsibility for any errors or omissions in the contents of this message. If you would like to confirm the contents of this email, please request a hard copy version. If the contents of this message are of a personal nature, the email will have been sent in a personal capacity and not on behalf of C. Hoare & Co. Monitoring/Viruses: C. Hoare & Co. may monitor all incoming and outgoing emails in line with current legislation. Although emails are screened for viruses, C. Hoare & Co. cannot guarantee that any transmissions will be virus free. ________________________________________