Event Id | 1050 |
Source | Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Description | The Terminal Server listener %1 is configured with inconsistent authentication and encryption settings. The Encryption Level is currently set to %2 and Security Layer is set to %3. These settings were automatically corrected to allow connections to proceed. Please change the Security Layer and Encryption Level settings in Group Policy or by using the Terminal Services Configuration tool in the Administrative Tools folder. |
Event Information | According to Microsoft : Cause : This event is logged when the Terminal Server listener configured with inconsistent authentication and encryption settings. Resolution : Review and modify authentication and encryption TLS 1.0 (SSL) settings on the terminal server To resolve this issue, check the encryption and authentication settings on the terminal server to ensure that they are compatible, and that they are appropriate for your security requirements and the level of security that your client computers can support. Note : To determine the maximum encryption strength supported by the version of Remote Desktop Connection running on the computer, start Remote Desktop Connection, click the icon in the upper-left corner of the Remote Desktop Connection dialog box, and then click About. Look for the phrase "Maximum encryption strength" in the About Remote Desktop Connection dialog box. Remote Desktop Connection 5.2 and later supports 128 bits of encryption. To perform these procedures, you must have membership in the local Administrators group, or you must have been delegated the appropriate authority. Configure server authentication and encryption settings for a connection by using Terminal Services Configuration Keep in mind that certain authentication and encryption settings are not compatible. To configure server authentication and encryption settings for a connection by using Terminal Services Configuration:
You can also configure server authentication and encryption settings by applying the following Group Policy settings:
Can configure the terminal server to use the FIPS-compliant encryption level by applying the System cryptography: Use FIPS compliant algorithms for encryption, hashing and signing Group Policy setting. This Group Policy setting is located in Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options and can be configured by using either the Local Group Policy Editor or the Group Policy Management Console (GPMC). Note that this Group Policy setting will take precedence over the setting configured in Terminal Services Configuration and takes precedence over the Set client connection encryption level Group Policy setting. Verify : When Transport Layer Security (TLS) 1.0 is functioning as expected for server authentication and encryption of terminal server communications, clients can make connections to terminal servers by using TLS 1.0 (SSL). To verify that the TLS 1.0 (SSL) settings are correctly configured and working properly on the terminal server to provide server authentication and encryption for connections, use Remote Desktop Connection from a client computer to connect to the terminal server. If you can connect to the terminal server and there is a lock symbol in the upper-left corner of the connection bar at the top of the window, TLS 1.0 (SSL) is being used for the connection. Note : To ensure that the connection bar is displayed when you use Remote Desktop Connection to connect from a client computer, select full-screen mode when configuring Remote Desktop Connection settings. To select full-screen mode in Remote Desktop Connection:
|
Reference Links | Event ID 1050 from Source Microsoft-Windows-TerminalServices-RemoteConnectionManager |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.