Monthly Archives: May 2017

Remotely disable Network Level Authentication (NLA)

If you try to RDP to a machine, but can’t because you receive the error below, you can use PSExec to remotely disable the requirement for NLA.

“The remote computer that you are trying to connect to requires Network Level Authentication (NLA), but your Windows domain controller cannot be contacted to perform NLA.  If you are an administrator on the remote computer, you can disable NLA by using the options on the Remote tab of the System Properties dialog box.”

Download PSExec from TechNet.  Run the code below updating the following values.

\\VMNAME – The name of the machine on which you want to disable NLA

VMNAME\ADMIN_ACCOUNT – The username of a local administrator on the machine on which you want to disable NLA, e.g. pc1\admin

psexec \\VMNAME -u VMNAME\ADMIN_ACCOUNT -p PASSWORD reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /f /v SecurityLayer /t REG_DWORD /d 0

 

 

 

Advertisements

DPM services fail to start following an upgrade to Windows Server 2016

I had SCDPM 2012 R2 running on Windows Server 2012 R2 with SQL Server 2012.  I followed the instructions here to upgrade to SCDPM 2016 UR 2 running on Windows Server 2016 with SQL Server 2016.

Everything was working fine until the final step to upgrade from Windows Server 2012 R2 to Windows Server 2016.  Following this the DPM services failed to start and the Event Log was full of errors like the below:

System.Exception: -2147023107

ATL Failure in Initializing Security of msdpm

Microsoft.Internal.EnterpriseStorage.Dls.Utils.DlsException: exception —> System.Runtime.InteropServices.COMException: Server execution failed (Exception from HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE))

The resolution was to change the Netlogon service from Manual to Automatic.  Following this change and a reboot everything started working again.