Why does the job fail with the error "Could not start executor. RDP connection failed: Message: An authentication failure aborted the connection."?
Issue Description: When trying to launch an Unattended Robot from Orchestrator, the job fails with the following error "Could not start executor. RDP connection failed: Message: An authentication failure aborted the connection."
Resolution:
- Enable the Low-level Logs on the Robot machine (instructions are in Enabling Robot Diagnostic Logs)
- In Event Viewer, under Application logs, note the time interval in which the above error message occurred
- Next, check the Security logs in Event Viewer at the same time interval and identify what other error is received
- Notice in Event Viewer, under the Security logs, in the same time interval as for Application logs, the occurrence of error message: "The NetLogon parameter is not active."
- For this particular error, make sure the Netlogon service is started in services.msc. If it is not, start it manually.
Note: If the necessary rights are not present to start the service, contact the internal IT administrator for help.
In addition:
RemoteException wrapping System.Exception: Could not start executor. Rdp connection failed: Message: An authentication failure aborted the connection. Last error: 131081
Occurred in 2021.4 Orchestrator
- Enable the local group policy below, setting "Require use of specific security layer for remote (RDP) connections" to RDP, then retry the job execution.
- Computer Configuration > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Security > Require use of specific security layer for remote (RDP) connections: set this policy to Enabled with the value RDP
- Upgrade the Robot to version 2022.4.9 and set the system environment variable "UIPATH_DNS_MACHINENAME" to true. With this setting, the Robot uses the FQDN to create the RDP session. Older versions use localhost to create the RDP session. When localhost is used and Kerberos authentication is enforced for the RDP protocol, there is no SPN record matching localhost in AD, so authentication fails.
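
The checks from both the Resolution and the "In addition" steps can be collected in one read-only pass on the Robot machine. The script below is an added example, not part of the original article or a UiPath tool. Its assumptions: the default failure time is a constructed placeholder, the policy is read from its standard registry location, and RDP Kerberos is taken to use the TERMSRV/<host> SPN class.

```powershell
# Added example: read-only checks for the causes described on this page.
# Run on the Robot machine in an elevated session (the Security log needs admin rights).
param(
    [datetime]$FailureTime = (Get-Date).AddMinutes(-30),  # constructed default: use the job's failure time
    [int]$WindowMinutes = 5
)

# 1. Netlogon must be running for the domain logon behind the RDP session.
$netlogon = Get-Service -Name Netlogon
"Netlogon service      : $($netlogon.Status) (start type $($netlogon.StartType))"

# 2. Audit-failure events in the Security log around the failure time,
#    to correlate with the Application-log entry for the failed job.
$filter = @{
    LogName   = 'Security'
    Keywords  = 0x10000000000000          # standard "Audit Failure" keyword
    StartTime = $FailureTime.AddMinutes(-$WindowMinutes)
    EndTime   = $FailureTime.AddMinutes($WindowMinutes)
}
$events = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue)
"Audit failures nearby : $($events.Count)"
$events | Select-Object TimeCreated, Id, @{n='Summary'; e={ ($_.Message -split "`r?`n")[0] }} |
    Format-Table -AutoSize -Wrap

# 3. "Require use of specific security layer" policy value (0=RDP, 1=Negotiate, 2=SSL).
$tsKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'
$policy = Get-ItemProperty -Path $tsKey -Name SecurityLayer -ErrorAction SilentlyContinue
$names  = @{ 0 = 'RDP'; 1 = 'Negotiate'; 2 = 'SSL' }
$layer  = if ($policy) { $names[[int]$policy.SecurityLayer] } else { 'policy not configured' }
"RDP security layer    : $layer"

# 4. Machine-level variable that makes the Robot use the FQDN instead of localhost.
$dnsFlag = [Environment]::GetEnvironmentVariable('UIPATH_DNS_MACHINENAME', 'Machine')
"UIPATH_DNS_MACHINENAME: $(if ($dnsFlag) { $dnsFlag } else { 'not set' })"

# 5. SPN lookup for the FQDN. Assumption: RDP Kerberos uses the TERMSRV/<host> SPN class.
$fqdn = [System.Net.Dns]::GetHostEntry($env:COMPUTERNAME).HostName
"Machine FQDN          : $fqdn"
if (Get-Command setspn.exe -ErrorAction SilentlyContinue) {
    setspn.exe -Q "TERMSRV/$fqdn"
}
```

The script changes nothing on the machine; pass the job's failure timestamp as -FailureTime so the Security-log window lines up with the Application-log entry.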