windows 8.1
Windows Server 2012 R2 Remote Desktop Unaccessible to Users
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous
Hi everyone.
Right now, I'm having issues with my server, running Windows Server 2012 R2 not allowing users to remote desktop to it. Me as a client will get Error Code 0x4
When looked into the errors in Event Viewer in the server, it always produces ID 36874 and 36888, which related to Schannel/TLS services.
I have tried multiple solutions like restart the server's remote desktop service, add TLS 1.2 to the servers regedit, update my Windows Server OS, change policy group in Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host -> Security, specifically "Require use of specific security layer for remote (RDP) connections" policy.
The previous methods didn't have any luck, but with the last method I manage to log in the server (let's say my username is User A) with RDP as it's Security Layer but other users (ex: User B) require a smart card. Although it seems resolved, I believe this is not an optimal solution.
I wanted to enable the server to allow remote access from any user with privileges (User A & User B) without trying to adjust more in the regedit or the group policy editor further to avoid my server to break because it's a production server, currently going live.
Is there any option I can try to ensure this issue won't happen in near future?
Regards,
Ahmad Dhamiri
Windows for business | Windows Server | User experience | Remote desktop services and terminal services
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
2 answers
Sort by: Most helpful
-
Anonymous
2024-10-16T15:57:45+00:00 -
Anonymous
2024-10-08T06:16:30+00:00 Hello,
The issue you're encountering might be due to a TLS version mismatch. Since you have enabled TLS 1.1 and 1.2 on your server, it's important to verify the settings on your client as well.
You can find more information about TLS registry settings here: Transport Layer Security (TLS) registry settings | Microsoft Learn
For details on the protocols supported by TLS/SSL, please refer to Protocols in TLS/SSL (Schannel SSP) - Win32 apps | Microsoft Learn
Please note that TLS 1.3 is supported starting with Windows 11 and Windows Server 2022. Additionally, starting with Windows 11 Insider Preview releases in 2024, TLS versions 1.0 and 1.1 will be disabled by default.
Regarding Event ID 36888, which is related to the smart card issue, you may find useful information here:Credential Security Support Provider - Win32 apps | Microsoft Learn
I hope this information helps.
Best regards,
Karlie Weng