2.2.1.2.2 RDP Negotiation Failure (RDP_NEG_FAILURE)
The RDP Negotiation Failure structure is used by a server to inform the client of a failure that has occurred while preparing security for the connection.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
type |
flags |
length |
|||||||||||||||||||||||||||||
|
failureCode |
|||||||||||||||||||||||||||||||
type (1 byte): An 8-bit, unsigned integer that indicates the packet type. This field MUST be set to 0x03 (TYPE_RDP_NEG_FAILURE).
flags (1 byte): An 8-bit, unsigned integer that contains protocol flags. There are currently no defined flags, so the field MUST be set to 0x00.
length (2 bytes): A 16-bit, unsigned integer that specifies the packet size. This field MUST be set to 0x0008 (8 bytes).
failureCode (4 bytes): A 32-bit, unsigned integer that specifies the failure code.
-
Value
Meaning
SSL_REQUIRED_BY_SERVER
0x00000001
The server requires that the client support Enhanced RDP Security (section 5.4) with either TLS 1.0, 1.1 or 1.2 (section 5.4.5.1) or CredSSP (section 5.4.5.2). If only CredSSP was requested then the server only supports TLS.
SSL_NOT_ALLOWED_BY_SERVER
0x00000002
The server is configured to only use Standard RDP Security mechanisms (section 5.3) and does not support any External Security Protocols (section 5.4.5).
SSL_CERT_NOT_ON_SERVER
0x00000003
The server does not possess a valid authentication certificate and cannot initialize the External Security Protocol Provider (section 5.4.5).
INCONSISTENT_FLAGS
0x00000004
The list of requested security protocols is not consistent with the current security protocol in effect. This error is only possible when the Direct Approach (sections 5.4.2.2 and 1.3.1.2) is used and an External Security Protocol (section 5.4.5) is already being used.
HYBRID_REQUIRED_BY_SERVER
0x00000005
The server requires that the client support Enhanced RDP Security (section 5.4) with CredSSP (section 5.4.5.2).
SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER
0x00000006
The server requires that the client support Enhanced RDP Security (section 5.4) with TLS 1.0, 1.1 or 1.2 (section 5.4.5.1) and certificate-based client authentication.<4>