Share via

NTLM authentication failed because the account was a member of the Protected User group

Chris 1 Reputation point
2022-04-26T17:29:51.037+00:00

Hello all,

I'm setting up a new VPN in Azure that is connecting to a on-premise lab environment that is planned to replace the old VPN connection. While connected to the new IP range on the new VPN we are receiving this error while RDPing using elevated accounts that are part of the Protected Users group:

NTLM authentication failed because the account was a member of the Protected User group.
Event 100
Error Code: 0xC000006E

Noticed some alerts about certificates as well. NTLM and Kerberos aren't my specialty, so was looking for some help with this, is there somewhere we need to whitelist the new VPN IP range for NTLM / Kerberos to work correctly?

RDP works fine without error on the current VPN, but not the new one we are trying to implement.

Windows for business | Windows Client for IT Pros | Directory services | Active Directory
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2022-04-26T17:51:26.04+00:00
    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.