Hello
About the difference between "IP1\USER1" and "SERVER1\USER1" :
In Remote Desktop Protocol (RDP) connections, the main difference between using "IP1\USER1" and "SERVER1\USER1" is the method and path of authentication. When using an IP address and a user name (such as "IP1\USER1"), the system may not be able to authenticate directly through the domain environment because the IP address itself does not contain domain information. With the server name and user name (such as "SERVER1\USER1"), the system can find the corresponding server through DNS or NetBIOS name resolution, and then authenticate through the domain environment, because the server name is usually associated with the domain.
Why does NLA allow "SERVER1\USER1" but not "IP1\USER1" :
NLA (Network Layer Authentication) is a mechanism for authenticating a user's identity before an RDP connection is established. It requires the user to provide credentials and authenticate before the connection is actually established. In a domain environment, the NLA may be configured to require authentication through the domain environment. Because "SERVER1\USER1" contains the server name, which is associated with the domain, NLA is able to identify and verify the user's identity. "IP1\USER1", on the other hand, contains only the IP address and user name, without explicit domain information, which may cause the NLA to fail to verify the user's identity properly and thus deny the connection.
In summary, when using "SERVER1\USER1" for RDP connections, it is easier to meet the authentication requirements of the NLA because it contains the server name and domain information. When "IP1\USER1" is used, the authentication requirements of NLA may not be met due to the lack of clear domain information, resulting in a connection failure. When making RDP connections in a domain environment, it is recommended to use the "server name \ user name" format to ensure that the correct authentication path is used.