After updating to Windows 11 H2 2022 we found that the computers were no longer able to connect to a remote app hosted externally by the application owner. The error message wasn’t exactly an error: the connection would just never finish, and the client would display the message “configuring destination”.
The solution to this problem has been around for a few years but this is the first time we’ve run into it. This problem occurred at two clients, completely unrelated and accessing different applications remotely that are hosted by different vendors. This issue did not occur until the PC was updated to Windows 11 H2 2022.
Make a registry change
The solution to the problem is a simple-to-deploy registry edit. Follow the instructions below. Of course, we are aware that messing with the registry can be dangerous. Be sure to have a backup before attempting the following change.
1. Click on the start button and type REGEDIT. When it pops up in the menu, select RUN AS ADMINISTRATOR.
2. Because registry changes can cause big problems with the computer, it is important to first back up the registry before making any changes. To do this, in REGISTRY EDITOR, right-click on COMPUTER and select EXPORT, then browse to the location where you want to save the file.
3. Once the backup completes we are ready to add the required registry value. On the left, expand out the following path: HKEY_CURRENT_USER > SOFTWARE > MICROSOFT > TERMINAL SERVER CLIENT
Note: If the key “TERMINAL SERVER CLIENT” does not exist, you will need to create it. To do this, right-click on the MICROSOFT key, select NEW, then select KEY. Type the name with the proper capitalization: Terminal Server Client
4. Once you select the TERMINAL SERVER CLIENT key, in the right-hand pane, right-click, and choose NEW > DWORD (32-bit value). Name the new value “RDGClientTransport” without the quotes.
5. You’ll notice that the new DWORD has a value of 0. You now need to right-click on the DWORD you created and change its value to 1.
That’s it! Simply close the registry editor, no reboot is required.
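For deploying the same change to several PCs, steps 1 to 5 can be scripted. The PowerShell below is an added example, not part of the original post: the function name `Set-RdgClientTransport`, the `-Undo` switch and the backup folder are assumptions, and it backs up only the affected key rather than the whole registry.

```powershell
# Added example: scripted equivalent of steps 1-5 for the current user.
# Function name, -Undo switch and backup location are assumptions, not from the post.
function Set-RdgClientTransport {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [switch]$Undo,                                     # remove the value again
        [string]$BackupDir = "$env:USERPROFILE\Documents"  # assumed backup folder
    )
    $keyPath = 'HKCU:\Software\Microsoft\Terminal Server Client'
    $regPath = 'HKCU\Software\Microsoft\Terminal Server Client'
    $name    = 'RDGClientTransport'

    # Step 2: back up before changing anything (this key only, if it exists).
    if (Test-Path $keyPath) {
        $backup = Join-Path $BackupDir ("TerminalServerClient-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
        & reg.exe export $regPath $backup /y | Out-Null
        if ($LASTEXITCODE -ne 0) { throw "Backup of $regPath failed; no change made." }
        Write-Verbose "Backup written to $backup"
    }

    if ($Undo) {
        # Undo the edit by deleting the value, if it is present.
        $present = (Test-Path $keyPath) -and
                   (Get-ItemProperty -Path $keyPath -Name $name -ErrorAction SilentlyContinue)
        if ($present -and $PSCmdlet.ShouldProcess("$keyPath\$name", 'Remove value')) {
            Remove-ItemProperty -Path $keyPath -Name $name
        }
        return
    }

    # Step 3: create the key if it does not exist.
    if (-not (Test-Path $keyPath)) {
        if ($PSCmdlet.ShouldProcess($keyPath, 'Create key')) { New-Item -Path $keyPath -Force | Out-Null }
    }
    # Steps 4-5: create the DWORD (or overwrite an existing one) with the value 1.
    if ($PSCmdlet.ShouldProcess("$keyPath\$name", 'Set DWORD to 1')) {
        New-ItemProperty -Path $keyPath -Name $name -PropertyType DWord -Value 1 -Force | Out-Null
    }
    # Read the value back so a deployment log records what is actually in place.
    (Get-ItemProperty -Path $keyPath -Name $name -ErrorAction SilentlyContinue).$name
}

Set-RdgClientTransport -Verbose      # apply the change
# Set-RdgClientTransport -Undo       # revert once the vendor accepts RDP over HTTPS
```

Because the value lives under HKEY_CURRENT_USER, run the script in the session of the user who launches the remote app; running it elevated under a different administrator account changes that account's hive instead.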
Why does this work?
The registry value forces the computer to use RDP over RPC, rather than RDP over HTTPS. Some computers might happily fall back to the less secure method and others might not. We have not investigated but have seen that reported.
The problem is occurring on the application hosting end. They are only accepting the less secure method of making an RDP connection. So, if you want to continue to use their app you have to make this change to your computer so that it will default to the RPC connection type.
Keep in mind that doing this means that you won’t be able to use RDP over HTTPS. When the hosting application vendor is ready to deploy RDP over HTTPS, you will have to undo this registry edit.