Windows Events for Remote Desktop logon failure

windows-server-2008 remote-desktop remote-desktop-services windows-event-log logging

Solution 1:

You will get this logon type 3 when you are using NLA (Network Layer Authentication) as the authentication type since it will try and pre-authenticate you prior to giving you RDP access.

You can test this by changing the security layer to RDP Security Layer. Instructions and detailed information on how to do so are found here: Configure Server Authentication and Encryption Levels -- You should then find when typing an invalid username/password combination that it now logs it as logon type 10.

Related

Map one AWS ELB load balancer port to balance to multiple instance ports?
Is there an equivalent to SSLLabs' SSL test for SSL/TLS that is not HTTPS? [closed]
Interpreting mcelog output for bad DIMM
Postfix: error: open database /etc/postfix/generic.db: No such file or directory
Generate subdomain certificate from valid wildcard certificate
systemd ignores return code while starting service
KVM / QEMU: connect to VM without GUI [closed]
Getting SHA1 Digest of SSH Public Key
get AD group path in the domain/tree
PuTTY slow connecting to Linux SSH server [duplicate]
What does the ring parameter in ethtool -g output signify?
What does the command "ip route" show