Configuring RDP with MSA is impossible using the RDP Developer Menu

[trympet]

Windows Build Number

10.0.22621.1848 (latest stable)

Processor Architecture

AMD64

Memory

32GB

Storage Type, free / capacity

C: SSD, 40GB / 120GB

Relevant apps installed

N/A

Traces collected via Feedback Hub

N/A. I'd be happy to provide a trace upon request.

Isssue description

I configured my workstation for RDP using the Developer Menu -- a procedure I have executed many times in the past. The only difference is that this time the workstation was configured to use an MSA with Windows Hello sign-ins.

Whereas the developer menu was the one-stop-shop for RDP with local user accounts, using an MSA complicates matters, thus leaking implementation details about credential caching and the like. Consequently, the machine is rendered unconnectable when configuring RDP using the developer menu, despite it implying that the machine is remotely connectable.

To provide context, I regularly reinstall Windows on my workstation. After having just left the office, I followed the same procedure as usual, but this time, the PC was configured to use an MSA. One plane trip later and I'm left with no access to my data. ☹️

Here's a list of other befuddled customers:

• https://superuser.com/questions/1715525/how-to-login-windows-remote-desktop-rdp-in-windows-11-when-microsoft-account-a
• https://www.reddit.com/r/Windows11/comments/s0q42f/rdp_authentication_failure_using_microsoft_account/
• https://cmdrkeene.com/remote-desktop-with-microsoft-account-sign-in/
• https://superuser.com/a/1719473
• https://answers.microsoft.com/en-us/windows/forum/all/remote-desktop-not-working-with-microsoft-account/71f0c323-688a-4c97-8740-e80eb31ae11d

Steps to reproduce

1. Install OEM Windows 11 Pro with a local user account.
2. Configure the machine to use an MSA a. Open Windows Security > Account Protection b. Sign in to your personal MSA c. Reboot and configure Windows Hello Pin sign-in
3. Change the network adapter profile to Private
4. Reboot and enable RDP in the developer menu
5. Attempt to remote into the terminal server using a machine on the same network.

Expected Behavior

Enabling remote desktop in the Developer menu should provision the machine for remoting. It should exhibit the same behavior regardless of whether an MSA or local user account is used.

Alternatively, the user should be prompted to perform any necessary workarounds to configure remote desktop.

Actual Behavior

Attempting to remote into the system yields an authentication error.

As a result, I have to memorize several procedures to enable RDP, depending on whether the system is configured for an MSA or not. Furthermore, this is not evident to the user when enabling RDP in the OS.

I think the workaround is to disable Windows Hello-enforced sign-ins; I can confirm in about 2 weeks time.

### Tasks

[AdamBraden]

While not relevant for this perf repo, this is a known issue you can upvote in Feedback Hub - see https://aka.ms/AAnjy12