Issue: NTLMv2 Authentication not working for Remote Control

Version 3



    Some customers want to use local Windows Authentication to authenticate their remote control sessions via LANDesk. This might also be the case if the to be remote controlled device is not a member of a domain (standalone) or not part of any trusted domain (untrusted) to the domain within the administrator and/or the LDMS core resits.


    The usual configuration within the LANDesk Agent configuration would look like similar to this


    On the device to be remote controlled some local account has been added to the “Remote Control Operators” group (here LDAdmin and the local administrator).


    But every time the customer wants to connect to the client, the "Credentials Required” window keeps popping up. And no successful remote control session can be established.


    The issuser.log (in the LDClient directory) does show entries which imply that the user has established a successful remote control session.

    These entries might look similar to this one:



    Start Remote Control  Initiated from W2K3-CITRIX-EN by user \, Security Type: Windows NT




    The cause of this was that the local machine was set to only accept network connection authenticated by NTLMv2 within the local group policy for “Network security: LAN Manager authentication level Properties”.




    The solution is to set the authentication level to “Send LM & NTLM – use NTLMv2 session security if negotiated”