Symptoms
Your desktop flow unattended runs fail with the SessionCreationUserPromptedForCredentialsAfterConnection error code as shown in the screenshot below.
Cause
The machine requires fresh credentials after the RDP connection is established. However Power Automate for desktop only includes credentials in the connection settings and does not expect to get asked for them after the connection is established.
Resolution
The resolution instructions depend on the machine's setup. Open a command prompt and run the following command: "dsregcmd /status". In the first section of the output "Device State", look at the value of AzureAdJoined and DomainJoined.
-
If AzureAdJoined : YES and DomainJoined : NO
-
Open the registry to the following path: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
-
If the Terminal Services key has a value fPromptForPassword set to 1, you need to reach out to your IT department to ask them to disable the policy "Always prompt for password upon connection" then force the policy update on the machine.
-
If the Terminal Services key does not have a subkey fPromptForPassword, you can switch to the path: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp and look for the DWORD fPromptForPassword and set it to 0; if that DWORD does not exist you can create it.
-
-
In the remaining cases:
-
Open the registry in following Path: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services
-
If the Terminal Services key has the three values: fPromptForPassword set to 1, SecurityLayer set to 0 and UserAuthentication set to 0, then you need to reach out to your IT department to update one of these three subkeys (fPromptForPassword to 0, SecurityLayer to 1 or 2, or UserAuthentication to 1)
-
If the previous point is not applicable (Terminal Services is missing at least one of the values listed above) then pick one of the values that is not present (if multiple values aren't present, choose at least one of them that corresponds to your needs). Go to the path Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp and update (or create if not present) the value you picked based on which one you chose: set fPromptForPassword to 0, or SecurityLayer to 1 or 2, or UserAuthentication to 1.
-