Hi, @Mark Broughton
Thank you for posting in Microsoft Q&A forum.
Have we checked below article to troubleshoot the handshake issue.
If the local security group: ConfigMgr Remote Control Users is empty like the article mentioned, we may need to either add the permitted viewers using GPO or compliance baseline using SCCM.
Here is the article link for your reference:
(Note: This is a third-party link, Just for your reference)
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.