Windows 10 Pro Remote Desktop Client Login Fails

Written by James McDonald

May 24, 2017

Problem: When attempting to login to a remote RDS Server you see an error message”. “Your computer can’t connect to the remote computer because a security package error occurred in the transport layer”

Systems Affected: Currently this has only been observed on Windows 10 Professional instances of the Remote Desktop Client. However it may apply to Windows 7 Professional also.

Cause: After the recent patch cycle when using the Remote Desktop Connection Client cached usernames and password credentials no longer work and display the above error.

Resolution: Clear the cached credentials and re-enter them. Please follow the Step by step below

  1. Right click on the Remote Desktop Connection Icon (this is the RDP file you use to connect) and choose the edit option from the context menu
  2. From the Remote Desktop Connection Dialog Box select the Advanced tab
  3. On the Advanced tab you will see a area named “Connect from anywhere” click the Settings…button
  4. You will see a RD Gateway Server Settings Dialog in the Logon Settings area click the “delete” link where it says “You can edit or delete these credentials”
  5. You need to click “Yes” confirm the deletion when prompted
  6. Click OK and then click the “Connect” button. You will prompted to re-enter your credentials. Check the “Remember me” checkbox only if the computer login you are using is not shared with other users.
  7. Continue to log in as normal

Update 31 Jan 2020 – Another Possible Resolution

I had a user complaining of this same error again but the above mentioned resolution failed to fix it.

Problem: “Your computer can’t connect to the remote computer because a security package error occurred in the transport layer”

Cause: The Remote Desktop Client local computer was a member of the same DOMAIN as the remote RDS Server. However the local computer was on the wrong subnet and was picking ups its DNS settings from a legacy Active Directory domain which didn’t have a trust relationship with the remote DOMAIN. So when trying to connect to the remote server it was somehow using the local LEGACY domain DNS security settings and getting the above mentioned error message

Resolution: In the Remote Desktop Client change the username field to be fully qualified with DOMAIN\username instead of just username only. This then forces the Terminal Server Client to ignore the incorrect AD settings from the LEGACY DNS server and use the correct settings

24 Comments

  1. wub

    this is an all-around valuable resource but most specifically is current to Windows 10 users. in my scenario a win10 notebook had been domain joined to SBS with the requisite updates to WMI and machine types. saved RDP connections work remotely. the latest point version update effectively is a new OS, However, the saved credentials will not work because the client is not yet fully validated as domain joined.

    I think as soon as the user takes the computer back to the home domain and runs the connect computer program the computer will be again able to save credentials. the workaround is don’t save credentials, or save the RDP gateway credentials only – no password. every time you get the error delete the credentials again if they get stuck.

    thanks again for this timely fix.

    Reply
    • ryan

      @Wub: This was an issue I was having with a client, I deleted the credentials, manually entered them, and was able to connect. Thank you!

      Reply
  2. Mike

    Thank you for this fix.

    Reply
  3. mook

    Perfect. Thank you for the excellent fix/write up.

    Reply
  4. Andrea

    Thank you!!!!!!

    Reply
  5. Bill

    This is a good work around but not a fix as you still cannot save the credentials. I have tried it with both saving the credentials and not saving them and the only way to connect is by not saving them.

    Reply
    • ILYAS

      Dear Bill,

      I have been looking around for a solution for this as well. But so far no success in fixing this. I have exactly same problem. Did you get any solution for this so far?

      Thanks and regards,
      ILYAS

      Reply
      • Mike

        I’m having the same issue here. Have you found anything out to fix this?

        Reply
        • ILYAS

          No, Mike. I am still looking for a solution. If I manage to fix this, I will surely share the fix here for everyone on this page.

          Reply
  6. ITBros

    Thank you

    Reply
  7. Scott

    Thank you!!

    Reply
  8. Scott

    This worked for me, thank you.

    Reply
  9. Alex Rodrigues

    Thanks James. That did the trick nicely.

    Reply
  10. Amy Highfill

    Logon Settings area click the “delete” link where it says “You can edit or delete these credentials”

    When I go into these settings, the above option does NOT appear for me. Any other suggestions, this is driving me crazy. Please help!

    Reply
    • Cindy

      I am having the same problem on Win 7 and I do not save credentials. I have to keep rebooting until I can connect.

      Reply
  11. dimsim

    Great fix, thanks 🙂

    Reply
  12. ILYAS

    The solution is to change the following four files in a windows 10 operating system with the older versions of these files. Get older versions of these files from a Windows 10 with version not newer then Windows Version 1607.

    C:\Windows\System32\mstsc.exe
    C:\Windows\System32\mstscax.dll
    C:\Windows\SysWOW64\mstsc.exe
    C:\Windows\SysWOW64\mstscax.dll

    Reply
  13. Dwayne

    Not sure if this has been resolved or not but the permanent and significantly safer solution to this issue, rather than replacing system files with older files, is to execute the following in an elevated command prompt:

    reg.exe Add “HKCU\Software\Microsoft\Terminal Server Client” /V “RDGClientTransport” /T REG_DWORD /D “1”

    Or you can edit the registry manually:
    HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client
    Name: RDGClientTransport
    Type: Dword
    Data: 1

    Note: Backup the registry first.

    Reply
  14. Luyao Ren

    Thank you!!! You saved my day!!!!

    Reply
  15. Avinash

    Super… worked for me

    Reply
  16. ColSchmoll

    Doesn’t work no such registry entry.

    Reply
  17. Don

    Worked for me

    Reply
    • Colschmoll

      Turned out to be my ISP parent controls.

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

You May Also Like…

How to Research a CPU Upgrade

How to Research a CPU Upgrade

Upgrade Time! Doing a lot of VMWare Workstation virtualization to create labs for self-study and training. Finding...