-
Notifications
You must be signed in to change notification settings - Fork 166
Troubleshooting
📝 This Wiki page has moved. For the latest content, see Troubleshoot common issues on the IAP Desktop documentation page. |
---|
On Windows Server, the DisableUserInstalls policy disables per-user installations by default. To install IAP Desktop on Windows Server, use one of the following options: Install as elevated user: You can sidestep the DisableUserInstalls policy by launching the installer as an elevated user:
Change the DisableUserInstalls policy: You can permanently change the DisableUserInstalls policy by editing the local group policy on the server:
Performing an administrative installation: If you don't have administrative privileges, you can perform an administrative install, which extracts the files of the MSI package to a local folder:
The administrative install won't create an entry in the Start menu. To launch IAP Desktop, run |
Symptom: You've configured valid credentials, but each time you try to connect to a VM, the Your credentials did not work dialog appears. After re-entering the same credentials again, the connection succeeds. This issue can be caused by the Always prompt for password upon connection group policy setting. This policy is configured by default on CIS hardened images. IAP Desktop cannot distinguish between genuine authentication failures and prompts triggered by this policy. |
Symptom: You've configured valid credentials, but each time you try to connect to a VM, the Your credentials did not work dialog appears. Re-entering the credentials does not solve the issue. This behavior can occur if the LAN Manager authentication level of your local workstation and the VM are incompatible. Because of the way IAP Desktop tunnels RDP connections, it always uses NTLM for authentication and can't use Kerberos. Depending on the LAN Manager authentication level configured on both machines, authentication will either use NTLM or NTLMv2. If you've configured the VM to demand NTLMv2 (authentication level To solve this issue, make sure that the LAN Manager authentication level on both machines is compatible. |
Symptom: Your local Desktop firewall shows a warning every time you connect to a VM instance by using IAP Desktop. For each VM instance you connect to via Cloud IAP, IAP Desktop opens a TCP
socket that listens on |
If you are seeting other error messages, try manually establishing a Cloud IAP TCP forwarding tunnel:
If establishing the tunnel does not work, check if a local firewall is blocking |
IAP Desktop is an open-source project and not an officially supported Google product.