Fix for Remote Desktop Gateway authentication error from clients

Friday, November 6, 2009
If you use Remote Desktop Gateway Manager (formerly, Terminal Services Gateway) in Windows Server 2008 R2, you may find that Windows clients are unable to authenticate to the RD Gateway server.

This happens because the default configuration in Windows Server 2008 R2 Remote Desktop Gateway is to request that clients send a statement of health before the connection can be made. If this option is selected and you do not have a Remote Desktop connection authorization policy (RD CAP) for Network Access Protection (NAP) configured, clients will be unable to connect to the RD Gateway. They will repeatedly be prompted for Gateway Server Credentials as shown below:

To fix this issue, ensure that you have a valid statement of health configured in NAP. Alternatively, as in the case of clients that cannot or do not provide a statement of health (I'm looking at you, Windows XP), you can disable requesting statements of healthy entirely. Here's how to do that:
  • Logon to the Remote Desktop Gateway computer and open the RD Gateway Manager (Start > Administrative Tools> Remote Desktop Services > Remote Desktop Gateway Manager)
  • Right-click the RDG server and select Properties
  • Click the RD CAP Store tab and clear the checkbox for "Request clients to send a statement of health", as shown below and click OK.

It may take a moment for the change to go into effect. Occacionally, I've had to restart the Remote Desktop Services service.


  1. hi,
    I want to allow the administrators group to connect to any user using Remote Desktop, but I faced a problem to enable the remote desktop in all users computers by a rule or a policy or anyway possible.
    ( I know how to do it from the user pc )
    ( I know how to enable it from regedit )
    but I want to do it from my Active Directory
    So please -anyone knows how to do it- help me

  2. What about XP SP3? NAP should work on that. Is still a problem on XP SP3?


Thank you for your comment! It is my hope that you find the information here useful. Let others know if this post helped you out, or if you have a comment or further information.