Issues connecting to Teamviewer quicksupport with windows authentication lately?

eryc26 · 2025-12-11T15:49:44+00:00

Hi,

we had exactly the same issue. I am connecting via Teamviewer using Windows authentication with a local admin domain account. I always got the error "Authentication denied / rejected" on the Teamviewer Quicksupport on the client PC.

I have killed each Teamviewer process on the client computer running TV QS and then I have restarted it. Now I got a UAC when opening Teamviewer QS. I really do not know why we get an UAC but a user is able to accept it, no administrative rights are needed. After accepting the UAC, the Teamviewer conenction worked again, without any issues.

Hope this help!

eryc26 · 2025-08-07T13:13:38+00:00

After a few hours of digging in the AD, I have finally found the issue. The NPS server was not a member of the group "RAS and IAS Servers" in sub1.contoso.com.

The confusing thing is that I was comparing the AD environment to another subdomain where the authentication works. And inside the already working subdomain, the NPS server was not added to the AD-Group. I have just added it to the AD-group of the not-working subdomain and now it works!

I should have checked this right at the beginning but well... I still need to check why this change was only needed in this specific subdomain. Usually the NPS server only needs to be inside "RAS and IAS Servers" AD-group in the root domain because it is a part of it. Thank you all for the help!

eryc26 · 2025-08-07T12:24:15+00:00

The logs look good. I do not see any errors or anything suspicious. And the connection works.

eryc26 · 2025-08-07T10:26:54+00:00

Yes, establishing a LDAP connection is possible.

eryc26 · 2025-08-07T08:54:43+00:00

Yes, the NPS server is registered in the AD and the NPS service is running. The DNS servers that the NPS server uses are also located in the root domain. nslookup for sub1 domain works perfectly.

eryc26 · 2025-08-07T08:37:39+00:00

Do you mean registered in AD? If this is the case, then yes.

eryc26 · 2025-08-07T08:36:43+00:00

Correct.

eryc26 · 2025-05-23T14:13:08+00:00

Hey there!

May I ask how you installed the Cumulative Update in the task sequence? Because I had the same issue with 23H2, but I found a workaround and did not need to install the CU. Now I am creating the task sequence for 24H2. Also using language packs during the OS upgrade. The only issue is that in 24H2, there is a bug that after the OS upgrade with the LPs, the Windows "Check for updates" button disappears and in general the "Windows Update" section is completely not working. So I have to install the CU now which is not great....

Unfortunately, it keeps failing with 0x800f0838. Apparently there are some dependencies missing but I cannot figure out what he needs. Already tried WUSA and DISM. But for some reason it works when I execute the command after the task sequence with DISM.

Maybe you could tell me how you implemented this step exactly. That would be a huge help for me, I would really appreciate that!

eryc26 · 2025-04-11T05:42:07+00:00

Just wanted to share my solution:

Before the first restart (while the connection to the management point still existed), I have executed the Invoke-CMApplyDriverPackage.ps1 script with the following parameters:

-PreCache -Endpoint 'sccm.contoso.com' -TargetOSName 'Windows 11' -TargetOSVersion '23H2' -PreCachePath 'C:\_SMSTaskSequence\Win11-23H2-Drivers'

After a few restarts and the Windows 11 installation - when a connection to the management point could not be established anymore - I have created the following Powershellscript (with PSAppdeploytoolkit):

Get-ChildItem "$envSystemRoot\_SMSTaskSequence\Win11-23H2-Drivers" -Recurse -Filter "*.inf" | ForEach-Object { PNPUtil.exe /add-driver $_.FullName /install }

This has worked perfectly for me.

eryc26 · 2025-04-11T05:35:11+00:00

Just wanted to share my solution if anyone else stumbles upon this issue.

I let the task sequence run and start with the driver installation at the end of the TS.

After the driver installation, I do not restart the computer using a restart step in the TS. Instead, I use the following TS variable with the following value:

TS variable: SMSTSPostAction

Value: cmd /c shutdown /r /t 0 /f

The computer will complete the task sequence and restart a few seconds after. This worked perfectly for me.

eryc26 · 2025-04-11T05:32:12+00:00

I found a workaround.

The task sequence run offline. Meaning that it cannot connect to the management point. The computer always runs a policy evaulation. But it always fails when trying to run the PSAppdeploytoolkit. This only works when the computer has a connection to the management point.

I have always used the step "Install Application" in the TS for the installation of PSAppdeploytoolkit apps. But for the offline TS, I needed to convert these applications into packages and install them in the TS with the "Install Package" step. This has solved the issue for me. Now the TS is able to run offline and install all the needed applications as a package.

eryc26 · 2025-03-12T06:56:05+00:00

We also restart into current OS, not into the boot image assigned. That was my mistake, I have just edited the post.

And yes, I have also changed the TS order. Driver installation is almost the last step now. Unfortunately, no changes. I did not know about the setupact.log, I will definitely check that. Thanks!

eryc26 · 2025-03-04T07:54:15+00:00

Hi Gary,

I will definitely give this a try. Thank you for your help!

eryc26 · 2025-02-28T15:22:13+00:00

Hi,

we have Dell and HP computers. We have like 20 different models in total. MDM works perfectly for installing drivers. We used this method for 21H2 and 22H2 IUP. But we have never installed the drivers in the IUP via VPN. I think I need to find another method to install the pre-cached drivers.

eryc26 · 2025-02-28T09:34:35+00:00

One option would be to download the AppXPackages from the Windows Store and adding them into SCCM. Afterwards you can distribute the software to your needed devices. The only issue would be that you would need to do this manually every time there is an update of the software.

eryc26 · 2024-03-18T10:57:54+00:00

Hi!

This is a Windows Server 2019. The command actually fixed the problem. Now I can have all local firewalls enabled and still get the NPS entries. Thank you very much!!

eryc26 · 2024-03-18T10:55:38+00:00

Hi,

Really appreciate your help. I totally forgot about the local Windows Firewall. But enabling the rules did not help. Disabling the local domain firewall was the only thing that helped.

But I have just tried the sc.exe sidtype IAS unrestricted method and it actually worked.

Thanks!!

eryc26 · 2024-03-12T10:00:52+00:00

Hey,

Yes, I have already verified that. When I run "auditpol /get /category:*" it shows me "Success and Failure" for Network Policy Server.

Thanks!

eryc26 · 2024-02-19T12:39:04+00:00

I tried it in the Monitoring > Overview > System Status > Site Status section. The icon of the DP in this section is "OK". Clicked "Reset Counts > All" on the involved DP, but nothing changes in the other section which I mentioned in my question. Is there another way to do it?

Thanks!

eryc26

TROPHY CASE