Problem: When attempting to login to a remote RDS Server you see an error message". "Your computer can’t connect to the remote computer because a security package error occurred in the transport layer"
Systems Affected: Currently this has only been observed on Windows 10 Professional instances of the Remote Desktop Client. However it may apply to Windows 7 Professional also.
Cause: After the recent patch cycle when using the Remote Desktop Connection Client cached usernames and password credentials no longer work and display the above error.
Resolution: Clear the cached credentials and re-enter them. Please follow the Step by step below
- Right click on the Remote Desktop Connection Icon (this is the RDP file you use to connect) and choose the edit option from the context menu
- From the Remote Desktop Connection Dialog Box select the Advanced tab
- On the Advanced tab you will see a area named "Connect from anywhere" click the Settings…button
- You will see a RD Gateway Server Settings Dialog in the Logon Settings area click the "delete" link where it says "You can edit or delete these credentials"
- You need to click "Yes" confirm the deletion when prompted
- Click OK and then click the "Connect" button. You will prompted to re-enter your credentials. Check the "Remember me" checkbox only if the computer login you are using is not shared with other users.
- Continue to log in as normal
Update 31 Jan 2020 - Another Possible Resolution
I had a user complaining of this same error again but the above mentioned resolution failed to fix it.
Problem: "Your computer can’t connect to the remote computer because a security package error occurred in the transport layer"
Cause: The Remote Desktop Client local computer was a member of the same DOMAIN as the remote RDS Server. However the local computer was on the wrong subnet and was picking ups its DNS settings from a legacy Active Directory domain which didn't have a trust relationship with the remote DOMAIN. So when trying to connect to the remote server it was somehow using the local LEGACY domain DNS security settings and getting the above mentioned error message
Resolution: In the Remote Desktop Client change the username field to be fully qualified with DOMAIN\username instead of just username only. This then forces the Terminal Server Client to ignore the incorrect AD settings from the LEGACY DNS server and use the correct settings
this is an all-around valuable resource but most specifically is current to Windows 10 users. in my scenario a win10 notebook had been domain joined to SBS with the requisite updates to WMI and machine types. saved RDP connections work remotely. the latest point version update effectively is a new OS, However, the saved credentials will not work because the client is not yet fully validated as domain joined.
I think as soon as the user takes the computer back to the home domain and runs the connect computer program the computer will be again able to save credentials. the workaround is don't save credentials, or save the RDP gateway credentials only - no password. every time you get the error delete the credentials again if they get stuck.
thanks again for this timely fix.
@Wub: This was an issue I was having with a client, I deleted the credentials, manually entered them, and was able to connect. Thank you!
Thank you for this fix.
Perfect. Thank you for the excellent fix/write up.
Thank you!!!!!!
This is a good work around but not a fix as you still cannot save the credentials. I have tried it with both saving the credentials and not saving them and the only way to connect is by not saving them.
Dear Bill,
I have been looking around for a solution for this as well. But so far no success in fixing this. I have exactly same problem. Did you get any solution for this so far?
Thanks and regards,
ILYAS
I'm having the same issue here. Have you found anything out to fix this?
No, Mike. I am still looking for a solution. If I manage to fix this, I will surely share the fix here for everyone on this page.
Thank you
Thank you!!
This worked for me, thank you.
Thanks James. That did the trick nicely.
Logon Settings area click the “delete” link where it says “You can edit or delete these credentials”
When I go into these settings, the above option does NOT appear for me. Any other suggestions, this is driving me crazy. Please help!
I am having the same problem on Win 7 and I do not save credentials. I have to keep rebooting until I can connect.
Great fix, thanks 🙂
The solution is to change the following four files in a windows 10 operating system with the older versions of these files. Get older versions of these files from a Windows 10 with version not newer then Windows Version 1607.
C:\Windows\System32\mstsc.exe
C:\Windows\System32\mstscax.dll
C:\Windows\SysWOW64\mstsc.exe
C:\Windows\SysWOW64\mstscax.dll
Not sure if this has been resolved or not but the permanent and significantly safer solution to this issue, rather than replacing system files with older files, is to execute the following in an elevated command prompt:
reg.exe Add "HKCU\Software\Microsoft\Terminal Server Client" /V "RDGClientTransport" /T REG_DWORD /D "1"
Or you can edit the registry manually:
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client
Name: RDGClientTransport
Type: Dword
Data: 1
Note: Backup the registry first.
Thank you!!! You saved my day!!!!
Super... worked for me
Doesn't work no such registry entry.
Worked for me
Turned out to be my ISP parent controls.
Legit fix!
Is there a fix?
We have the same Problem.
The regkey
“HKCU\Software\Microsoft\Terminal Server Client” /V “RDGClientTransport” /T REG_DWORD /D “1”
dosn't help.