RDP Relay Error: "This computer can't connect to the remote computer."

  • 7017886
  • 26-Jul-2016
  • 12-Jun-2019

Environment

NetIQ Privileged Account Manager

Situation

User receives the following error when attempting to launch RDP Relay from the User Console:
This computer can't connect to the remote computer.

OR When Launching RDP Relay, the server responds with the following:
The user name or password is incorrect. Try again.

Resolution

There may be several causes found in these particular scenarios. Please verify the following:

  1. The Domain Name of the Resource in the Credential Vault is configured to be the AD NetBIOSName:

    Powershell> Get-ADDDomain
    ...
    OR Get-ADDomain | findstr NetBIOSName
    NetBIOSName: ADDomain

  2. The cmdctrl rule is properly configured with the appropriate Domain credential details, for example:

    Account Domain: NetBIOSName (Domain)
    Credentials: Domain\Administrator
    Run User: Domain\Administrator


  3. (conditional) If Run Host has been configured with DNS Name, then this must be resolvable from the RDP Relay server's perspective. Please verify this name resolved to the proper ip address, from a terminal on the RDP Relay server:

    nslookup <Run Host>

  4. RDP Port is accessible from RDP Relay server to Run Host. Please verify from a terminal on the RDP Relay server:

    telnet <Run Host> 3389


    Note: default 3389 unless otherwise specified in the cmdctrl rule.

Additional Information

How to install telnet on Windows Server with PowerShell:
Import-Module servermanager
Add-WindowsFeature telnet-client