We have determined that when SurePassID is installed and tracing is enabled, if the user has not browsed into the c:\windows\temp folder and navigated past the UAC prompt allowing access, then the RDP (mstsc) call to the login provider can fail with an error code (0x800706be).
This may or may not be related to NLA being enabled on the target system. This does not seem to be a problem for local administrators. Ongoing testing is occurring.
To avoid this issue, we recommend the following:
- Turn of Trace except in cases whereby it is needed.
- When needed, open c:\windows\temp with the explorer and grant the needed access to the folder by responding to the UAC prompt with "yes".
- If a user is experiencing the issue and tracing is needed then have the user do the same, open the c:\windows\temp folder and answer yes to the UAC prompt.
It appears that once the current user has gotten access to the temp folder via the UAC prompt then they will not experience any issues with the tracing and the operation of the RDP functions.