Access Denied When Using Encrypted TCP/IP Connection
Posted by Wesley Weir on 25 September 2019 04:13 PM
1 Overview / Work Notes
When creating a desktop connection to a vault using TCP/IP as the protocol M-Files will try to automatically establish an encrypted connection using RPC Encryption and if unable to will establish a normal unencrypted connection. You have the option to 'Enforce encrypted connection' which will restrict M-Files to establish an encrypted connection and if it fails it will throw an error and deny the connection.
The failed connection might throw an 'Access Denied' error which can have multiple causes.
2 Solution / Workaround
First if this is connection passes through any firewalls they often block RPC over TCP by default and so you want to enable port 2266 for traffic as documented here:
If you are on Windows 10 you may be running into a known issue with the Windows 10 Fall Creators Update which is documented with workaround here:
You also need to make sure that both the source computer and destination computer are both on your domain as when establishing a connection it will try to authenticate both the user and the computer to the server. As such non domain computers will fail with an access denied error.
If you need to use an encrypted connection for external connections or computers not on the domain we recommend you utilize RPC over HTTPS connections. You can see how to configure those connections with our documentation here:
If you wish to know more about M-Files and encrypted connection our documentation can be accessed here: