Remote Desktop – The Local Security Authority cannot be contacted

On trying to make a Remote Desktop connection from a Windows 7 PC to another Windows 7 PC I received the following error:

Remote Desktop Connection
An authentication error has occurred.
The Local Security Authority cannot be contacted
Remote computer: <computername>

Additionally, the following error was logged in the System event log:

Log Name:      System
Source:        TermDD
Event ID:      56
Level:         Error
Description: The Terminal Server security layer detected an error
in the protocol stream and has disconnected the client.
Client IP: aaa.bbb.ccc.ddd.

Clicking the Details tab, you can see the following:

Binary data:
In Words
0000: 00040000 002C0002 00000000 C00A0038
0008: 00000000 C00A0038 00000000 00000000
0010: 00000000 00000000 C0000070

The last word in my case is C0000070. This is the error code in hexadecimal. Using the err.exe error code lookup tool (which despite what the download page says, is not just for Exchange) gave me the following information:

# for hex 0xc0000070 / decimal -1073741712 :
   STATUS_INVALID_WORKSTATION                        ntstatus.h
# The user account is restricted such that it may not be used
# to log on from the source workstation.
# 1 matches found for "C0000070"

Which is both helpful and interesting, and enabled me to solve the problem. The PC I was trying to make the RDP connection to was running some “server” software that ran as a desktop application, not as a service. Thus the PC had to be permanently logged on with a particular account. In order to stop this account from being used to log on to other PCs I had configured it’s properties in Active Directory such that it was only allowed to log on to one computer name. It seems as though this also blocks you from being able to make Remote Desktop connections using that account from other PCs – even if you’re trying to connect to the allowed PC. So I had to take the restriction off the user account, once that was done Remote Desktop worked normally.

This entry was posted in Remote Desktop, Windows and tagged , , , , , , , , . Bookmark the permalink.

13 Responses to Remote Desktop – The Local Security Authority cannot be contacted

  1. rcmtech says:

    It’s interesting how this post has been read quite a few times and has somehow racked up two votes of one star… Not that I care particularly, but I wonder why? I’ve taken the information I found when fixing the problem myself and re-hashed it into a more easily/logically/clearly explained format. This is an explanatory “teach a man to fish” article, it shows you how to diagnose why YOU are getting the error message – there are clearly many different situations that can cause this problem, and I’d not found anyone else who was getting it for the reason I was when I wrote this article.
    If you know HOW to get the underlying error then you’re one step closer to eliminating the problem (or in my case, there was only one step!).

  2. AJ says:

    Thanks, this helped me find out users can’t RDP into a machine when their password needs to be reset on next logon. I never would have thought to try an exchange tool but worked great.

  3. Paul says:

    Great help to an annoyingly frustrating issue.

  4. Björn says:

    I had another problem, but the solution was the same as yours…Thank you! Helped me a lot!!!

  5. Blake says:

    I was going crazy trying to figure out this problem. One day my user could connect, using a special RDP connection and user account, next day they could not.

    Evidently, there is now two way communication between Server 2008 and the client computer. If the user account does not have login rights on the local client computer, RDP will not connect to Terminal Services.

    Gave the user account rights to both server and the local computer, problem solved. This post pointed me in the right direction. Thanks.

  6. Stjepan says:

    I had a same problem, but i’ve just: Log In as Remote Admin -> Log Off -> Log In as Remote User. For me it was simple as that. Regards

  7. Bohus says:

    In my case, problem was that the remote account I’ve been trying log onto was not password protected.

  8. Mohammed Najmuddin says:

    Can somebody provide the Solution..

    • rcmtech says:

      Hi Mohammed, the solution involves you doing some work – possibly based on the information above. Look in the system event log, get the error code, use err.exe to find out what that code means, and then take the appropriate action. If you need more assistance then I’m unable to provide that for free.

  9. PeteLong says:

    Here’s some more information that might be helpful, It can also be cause by a missing language pack

    An authentication error has occurred. The Local Security Authority cannot be contacted

    Pete
    PeteNetLive

  10. So_thankful says:

    thanks so so helpful

  11. gerry says:

    Thank you for sharing. This is similar to another article I found online re: using the ERR tool against the (reversed) binary data. Can you provide an example of how the ERR command was used? The binary data I have is 06000AD0 & B50000D0 (from the Event Viewer) or C00A0600 & C000B500
    (if reversed as per article here: http://blogs.msdn.com/b/scstr/archive/2012/02/29/how-to-troubleshoot-the-terminal-server-security-layer-detected-an-error-in-the-protocol-stream-and-has-disconnected-the-client-client-ip-and-the-rdp-protocol-component-x-224-detected-an-error-in-the-protocol-stream-and-has-d.aspx)

    Thanks,
    Gerry

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s