1 Reply Latest reply on May 11, 2018 3:03 AM by rubensk

    Remote Control only as Administrator of target Win10 machines after Windows Security Baseline Active





      we've enabled Microsoft's Security Baseline via GPO to our Windows 10 computers. If we now like to use dameware 12 to  remote control a computer the authentication is not working through.

      No matter which protocol from the dropdown list (Windows NT Challange / Response, Encrypted Windows Logon, ...)  is used it all fails.


      Somebody meet this situation and knows what to do? Is there a configuration in dameware that can be changed to work with the basline or did u change a setting on the baselines?


      Windows Security Baselines | Microsoft Docs


      I have checked the application log of the remote machine and found these events:


      Event Id
      Event TypeEvent SourceEvent Message


      DameWare Mini Remote Control

      System Error: 0

      System Error: 0

      System Message: The operation completed successfully.

      Authentication failed: Socket API recv Failed. (AcceptSecurityContext).

      (srv 64 bit)



      DameWare Mini Remote Control

      System Error: 5

      System Error: 5

      System Message: Access is denied.

      Authentication failed.

      (srv 64 bit)


      Error: Authentication Failed Using Windows NT Challenge/Response.




      Date: Mon, 7 May 2018 9:41:38

      Computer Name: C0110320

      User ID: JackP

      Logon As ID:


      Desktop User ID: Domain\Admin_Jack

      Desktop Name:

      Connect via Proxy: No

      Desktop State: User is logged on

      Permission Required: Yes

      Access Approved By: N/A

      Access Declined By: N/A

      Access Request Timeout: N/A

      Access Request Disconnected: N/A

      OS Product ID: 00378-20000-00003-AA087

      OS Registered Owner: ABC

      OS Registered Organization: ABC Inc

      Host Name from Peer: C0110320

      IP Address(es) from Peer:

      Peer Host Name:

      Peer IP Address:

      Protocol Version - DWRCC.EXE: 13.000000-0.000000

      Protocol Version - DWRCS.EXE: 13.000000-0.000000

      Product Version - DWRCS.EXE:

      Product Version - DWRCC.EXE:

      Authentication Type: NT Challenge/Response

      Last Error Code: 5

      Last Error Code (WSA): 0

      Host Port Number: 6129

      Host IP Address:

      Host Name: C0110310

      Absolute timeout setting: 0 minutes

      Connect/Logon timeout setting: 90000 milliseconds

      Access Check:

      Registered: Yes

      WTS Session: No

      Used Diffie-Hellman Key Exchange.

      Used Shared Secret: No

      Registration: 82A9-E2CC-5300-4CAC-8B18-B0AB-168E-6314

      (srv 64 bit)


      I know that NTLM version 1 is deactivated via Security Basline, but I assume Damware is using Version 2?


      Thanks in advance