Forum Discussion

VeeDub1's avatar
VeeDub1
Copper Contributor
Oct 01, 2025

RDP from W11 to W11 computer fails with invalid credentials error. But credentials are correct.

Hello,

I'm unable to RDP from one W11 computer to another in a Active Directory domain environment.

The error reported in the RDP app is: The login attempt failed. Your credentials did not work.

I'm able to use the same credentials on a W10 computer and successfully RDP to the W11 'server' computer.

There are no Event 4625 errors on the W11 'client' computer.

There are no cached credentials on the client computer.

I used Test-NetConnection -ComputerName $target -Port 3389 -InformationLevel Detailed

RemoteAddress           : 192.168.0.33
RemotePort              : 3389
NameResolutionResults   : 192.168.0.33
MatchingIPsecRules      :
NetworkIsolationContext : Private Network
InterfaceAlias          : Ethernet
SourceAddress           : 192.168.0.10
NetRoute (NextHop)      : 0.0.0.0
TcpTestSucceeded        : True

 

I would appreciate suggestions on how to troubleshoot the authentication issue.

Thank you

VW

configuration
security

3 Replies

  • Walid_91's avatar
    Walid_91
    Copper Contributor
    Oct 02, 2025

    Hi, 

    You might need to consider checking the following: 

    1- You may need to explicitly allow credential delegation via Group Policy  as might be a missing delegation or missconfigured :

    • Navigate to:
      Computer Configuration > Administrative Templates > System > Credentials Delegation
    • Enable:
      • Allow delegating saved credentials with NTLM-only server authentication
      • Add TERMSRV/* to the list of allowed serve

    2- Ensure using the the correct format that include the correct domain example: Domain\username or mailto:username@domain.local. 

    3-Check the local security Policy permissions and confirm that the user is allowed to logon via RDP: 

    • Run secpol.msc as admin
    • Go to : Local policies > user rights assignement > Check allow log on through remote desktop services then add the user. 

    4-Might be a DNS resolution issue, try via the IP Address or via the hostname. 

    5-Try adding manually the credentials into the credential manager : Control Panel > Crendentials Manager > Windows Credentials > Add: TERMSRV/Hostname or TERMSRV/IP with correct domain credentials. 

                  cmdkey /generic:TERMSRV/192.168.0.33 /user:DOMAIN\username /pass:yourpassword

    Hopefully my troubleshooting steps helps you resolved the issue. 

    Good luck.

    Walid

     

  • VeeDub1's avatar
    VeeDub1
    Copper Contributor
    Oct 02, 2025

    Hello,

    I subsequently realised that I needed to check the destination Security Event Log, rather than the client.

    There are 4625 events in the Security Log. They're unusual.

    - Status/Sub Status: 0xC000006D (Generic Failure)

    - Account Name / Account Domain: Blank/Empty/NULL

    That is, the username and password are not being transmitted.

    I've tested from a 2nd computer and the behaviour is the same.

    • PhilU115's avatar
      PhilU115
      Copper Contributor
      Oct 03, 2025

      May be obvious, but worth checking that your W11 'client' has all the relevant services running (should be three of them listed in Services manager - ensure all are running.) Also check the Firewall is allowing it through.

Resources