1st August 2021

What is RDP? “The Local Security Authority Cannot Be Contacted” Error And Solution

Remote Desktop Connection (RDP) is among the primary methods we use to access the desktop for managing Windows-based servers. It is generally trouble-free and frequently preferred.

“The Local Security Authority Cannot Be Contacted” Error

When accessing Windows Server 2008, Windows Server 2012 or higher version servers that you have always connected to with a remote desktop connection, you may unexpectedly receive the “The Local Security Authority Cannot Be Contacted” error indicating the “This could be due to an expired password” status. When you get this error, the remote desktop connection attempt ends and you may not be able to access the desktop of the Windows-based server with RDP until you solve the problem.

"The Local Security Authority Cannot Be Contacted" Error
“The Local Security Authority Cannot Be Contacted” Error

 

Solution the “The Local Security Authority Cannot Be Contacted” Error

There are several different causes and solutions for this error. Usually associated with the user account you want to log in to. If you try with a different account at the time of the error, you will be able to log in most of the time. Below are the 3 most common scenarios you may encounter.

LEARN MORE  What is BitLocker? How is it used?

1. The password of the user account you want to login to the remote desktop may have expired. For a solution, you can log on to the server locally by logging on to the related server with a different and authorized user. If this is an AD account, you can change the password directly from the DC. You will then be able to log in.

2. The password of the user account you want to log in to a remote desktop with may be marked to be changed on the first login attempt(User must change password at next logon). For the solution, the solution in the scenario is exactly valid. You can log on to the remote desktop after changing the password by logging into the server locally or by any other suitable method.

User must change password at next logon
User must change password at next logon

 

3. The user account you want to log in to the remote desktop with belongs to a domain. It is associated with a server (computer account) from the “Log On To” section and “Network Level Authentication” may be active on that server.

This may be as follows;

  • If the server you want to login to is running Windows Server 2008 or higher and “Remote Desktop with Network Level Authentication” is active. As of certain Windows versions, this setting is also active by default when activating the remote desktop connection.

Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)

  • The account you want to log into is an Active Directory user account, its password is valid and does not need to be changed.
  • The Active Directory user account you want to log on to is mapped with “Log On To” to the server account you want to log on to. We usually use this setting to limit when we want a specific account to log on to specific servers/computers.
LEARN MORE  Windows Server 2019 RDS Installation And License Configuration
Active Directory - Log On To
Active Directory – Log On To

 

As a solution, if you get the “The Local Security Authority Cannot Be Contacted” error, which indicates the “This could be due to an expired password” status and is shown in the same way, because the conditions in scenario 3 are met, you can find the following solutions.

  • You can remove the “Log On To” mapping between the Active Directory user account and the Windows server. The connection will then be established.
  • You can try logging in with a user account that you think is not affected by the “Log On To” match.
  • You can disable the “Remote Desktop with Network Level Authentication” setting on Windows where you are trying to make a remote desktop connection.

 

Leave a Reply

Your email address will not be published. Required fields are marked *