1/ Validate Safeguard can access the RDP port on the target:
Safeguard Client -> Settings > Networking > Diagnostics > Telnet > Select X1. Enter the IP or DNS address being used and click Connect. If successful the output will show "Connection Succeeded."
2/ Validate the user has permissions to RDP to the target - check the permissions under "Asset Session Access" here
3/ Perform a "Check Password" on the Account on the Asset. (If the account is a directory account, this will be done within Directories) The results should show "Success" and "Task completed successfully"
4/ Ensure that only local users are created directly against a Windows asset - AD domain users won't work (If you are trying to use a domain user you need to set the account up against a directory) Refer to KB 238873 for for more information
5/ If using an AD account.
- Ensure that if "Log On To" is set to "The following computers" on the users account, that both the client and target computers are listed
- Ensure that the "Logon Hours" on the users account if set are correct
- Ensure the account is not disabled
- Ensure that "User must change password at next logon" is not ticked on the users account.
6/ Review the Event Security Logons.
7/Check if the Client and Server sides have the patches for handling CVE-2018-0886 are installed. Reference KB 321865.
8/ Validate the same user can RDP into the system outside of Safeguard.
For further troubleshooting please supply:
- Support bundle, information on generating available here
- Date, time and timezone of failed connection
- Username which failed
- Target operating system, name and IP
- Export of Security Event Logs from the target system
- OS of client and target
- Version of mstsc / rdp client