RDP connection to Remote Desktop server running Windows Server 2008 R2 may fail with message 'The Local Security Authority cannot be contacted'.

狀況:
When attempting to establish a remote desktop connection using RD client (mstsc.exe) to a Remote Desktop server which is running Windows Server 2008 R2, you may encounter any of these messages:

The connection cannot be completed because the remote computer that was reached is not the one you specified. This could be caused by an outdated entry in the DNS cache. Try using the IP address of the computer instead of the name.

Or

An authentication error has occurred.
The Local Security Authority cannot be contacted

解決方法:
Remote Desktop in Windows Server 2008 R2 offers three types of secure connections:

Negotiate: This security method uses TLS 1.0 to authenticate the server if TLS is supported. If TLS is not supported, the server is not authenticated.
RDP Security Layer: This security method uses Remote Desktop Protocol encryption to help secure communications between the client computer and the server. If you select this setting, the server is not authenticated.
SSL: This security method requires TLS 1.0 to authenticate the server. If TLS is not supported, you cannot establish a connection to the server. This method is only available if you select a valid certificate.

To resolve the issue, change the remote desktop security on the RD server to RDP Security Layer to allow a secure connection using Remote Desktop Protocol encryption. Below are the steps:

1. Navigate to Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.
2. With RD Session Host Configuration selected view under Connections.
3. Right click RDP Listener with connection type Microsoft RDP 6.1 and choose Properties.
4. In general tab of properties dialog box under Security, select RDP Security Layer as the Security Layer.
5. Click OK.

Note: This setting does not need a restart of the Server or Remote Desktop Service.

參考文件:RDP connection to Remote Desktop server running Windows Server 2008 R2 may fail with message 'The Local Security Authority cannot be contacted'.

EMC Initialization Failed

After installing the two Client/Hub/Mailbox servers I can not get into the EMC and get the following error:

Initialization failed

The following error occurred when getting user information for 'DOMAIN\administrator':
The operation couldn't be performed because object 'S-1-5-21-502790489-3747709401-3226269444-500' couldn't ge found on 'Servername.domain.com'. It was running command 'Get-LogonUser'.

上述問題為 SID 衝突造成 EMC 無法正常用作而啟動錯誤

解決方法:
1. 先將 EXchange 2010 退出網域
2. 退出網域後,重新開機登入
3. 開機登入後,執行 Sysprep
4. 執行 Sysprep 後,重新開機登入
5. 開機登入後,再將 Exchange 2010 加入網域
6. 加入網域後重新開機
7. 開機登入後,開啟 EMC 錯誤訊息不在發生,上述問題已解決