- Newest
- Most votes
- Most comments
I'm sure you've moved on from this issue, but I am going to provide a solution for others since I have been messing with this very issue all afternoon while studying for the SAA exam.
Assuming you have RDP inbound on port 3389 allowed in the security group, the problem is with the Network Level Authentication setting on the Windows Server. It is located in Settings - System - Remote Desktop, and then click on advanced settings. To be able to RDP into server from outside the VPC (as in, my house), I had to uncheck the box. Then, I could RDP into the system as the AWS documentation says you should.
Be aware this is not the recommended setting and may make your machine vulnerable, but there was no other way to get the CredSSP error to go away.
To figure this out, I had to create a Linux instance with the MATE GUI in the same VPC just so I could RDP to the Windows instance from the Linux instance using Remmina.
I then took the time to figure out how to do it through Powershell. I installed the Session Manager role and agent on the Windows instance so I could connect to Powershell through the AWS console.
First, get the Windows hostname...
PS c:> $env:computername
Then, set a new env variable for the computer name...
PS c:> $ComputerName = "EC2AMAZ-******" (or whatever the name is)
Finally, enter this command...
PS c:> (Get-WmiObject -class Win32_TSGeneralSetting -Namespace root\cimv2\terminalservices -ComputerName $ComputerName -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)
After all that, you should be able to RDP in. You might reboot the instance to be sure the new policy takes effect.
Relevant content
- Accepted Answerasked 3 years ago
- Accepted Answerasked 4 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 6 months ago
Confirmed that unchecking the "Network Level Authentication" box worked with Server 2019 Datacenter. Much appreciated.