RDP asking for NLA a month after Active Directory FSx setup

0

I am having an issue that seems to be stemming from some incorrect network or directory configuration that I cannot seem to pin down.

My server setup is as follows:
multiple Windows Server 2016 EC2s (created off an image I set up roughly a week ago)
AWS managed Microsoft Active Directory (bare bones, just used for FSx)
FSx filesystem

I set this all up a month ago and everything was smooth sailing (attached the Directory following the AWS doc here: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/join_windows_instance.html). However, last night (exactly one month after I hooked up the AD and FSx) I could no longer RDP into my server (I had successfully RDPed in the night before). I received an error message that stated “The remote computer that you are trying to connect to requires network level authentication (NLA), but your windows domain controller cannot be contacted to perform NLA...”. I thought maybe the server was just wonky, so I spun up a new server off my image. Not only could I not RDP into the new server, but it did not appear to be able to access files from my FSx filesystem (couldn’t RDP in to see exactly why or if I could manually map it to a drive). The existing servers that I still could not RDP into were serving files from FSx just fine at that point (they later failed at 1 pm PST without any outside intervention). I tried creating servers off of old images to see whether the problem was just my recent image, but any image that I had created after I initially hooked up my Directory would present me with the same error when I tried to RDP in. I ended up having to go back to an image I created before and manually hook that up to the Directory and File System again, which fixed the issue, but I suspect I am going to run into this again in a month.

Since it was a month on the nose between setting everything up and the error, I suspect it was caused by some session expiring. Am I right in my thinking that this was the cause of the issue or am I totally off base? If I am right, is there anything I can do to extend the session or make it unlimited in some way?

I’m new to using Active Directories (in the past I’ve just used a Windows server mapped to a domain in my hosts file to serve files), so I’m sure there’s something I’m missing.

Thanks!

JacobM
asked 4 years ago, 609 views
1 Answer
0

Sounds similar to this post. I'm guessing you forgot to run SysPrep before making the image.
https://forums.aws.amazon.com/thread.jspa?threadID=328709

Here are instructions on how to SysPrep EC2 instances.
https://aws.amazon.com/premiumsupport/knowledge-center/sysprep-create-install-ec2-windows-amis/

AWS
answered 3 years ago
