Issue
- You are trying to log in to a computer via Remote Desktop Protocol (RDP) secured by ESA, but the login fails with the message “Incorrect password or username”, even though you are using proper login credentials
- If ESA RDP protection is uninstalled, RDP logon works
Solution
In order to use Remote Desktop protection, RD Session Host must be configured to use SSL (TLS 1.0) or Negotiate as instructed in the Remote Desktop Protection article.
To modify the settings on Windows Server 2008 or earlier, follow the instructions below:
- Go to the Start menu → Administrative Tools → Remote Desktop Services → Remote Desktop Session Host Configuration.
- In the Connections section, open RDP-Tcp.
- Click the General tab.
- In the Security section, the Security Layer setting must be set to SSL (TLS 1.0) or Negotiate.
To modify the settings on Windows Server 2012, follow the instructions below:
- Open Server Manager.
- Click Remote Desktop Services from the left pane.
- Open the Collections properties.
- In the Security section, the Security Layer setting must be set to SSL (TLS 1.0) or Negotiate.