Monday, April 09, 2007

How To Disable Credentials Prompt of RDP 6.0

Remote Desktop Connection client 6.0 introduces new authentication features to improve security for Windows Vista and Windows Longhorn Server, which makes it mandatory for the user to enter logon credentials before RDP client can establish connection to the remote server (" Enter your credentials for <server>. These credentials will be used when you connect to the remote computer" ). But if the remote machine is configured to show logon warning message or if the remote system happens to be Windows 2000 or XP, you’ll need to enter the credentials again at remote machine’s logon screen.

There is however a workaround to skip the credentials screen that RDP 6.0 client shows by choosing “Do not attempt authentication” under Authentication options on the Advanced tab, but this option is not set permanently. To permanently skip the additional credential screen of RDP 6.0 client, edit the Default.RDP file in notepad to include enablecredsspsupport:i:0 . The Default.RDP is located in each user’s My Documents folder. Including enablecredsspsupport:i:0 disables the Credentials Security Service Provider for the connection. If you use separate .RDP files for different server, modify each of those .RDP files. Below is the content section of the default.rdp file with enablecredsspsupport:i:0 option included.

redirectposdevices:i:0
authentication level:i:0
enablecredsspsupport:i:0

prompt for credentials:i:0
negotiate security layer:i:1

Note that this workaround is suggested only if you connect Windows 2000/2003/XP systems because according to Terminal Services Team blog post“This option does disable the new credential prompting behavior, but it also disables support for Network Level Authentication for Vista (and Longhorn Server) RDP connections; Network Level Authentication requires credentials to be provided by the client before a session is created on the server side.” So if you do connect to Vista/Longhorn over RDP, you’ll not be able to use this option.

References: http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-connection-authentication-faq.aspx

14 comments:

Bob said...

you are a saviour and a saint. I cannot believe that i would have to suffer getting "localservername\username" in the username box in rdp every single damn time i used the program, regardless how i previously connected.

Well done microsoft - another "improvement". Idiots....

pitpawten said...

Excellent post. Did you get this from some set of tech-docs.

I wonder what other non-default settings there are to regain the functionality of the previous client.

Thanks again.

pitpawten said...

Nevermind, actually followed the link this time :)

Anonymous said...

Thank you!

Venkat said...

Hi Raj,

I use Vista Business Version and in my case the TS keeps asking for domain level authentication inspite of me providing the correct password. I connected from a windows xp box and it is connecting using the same credentials. I set the registry entry AuthenticationLevelOverride to zero and still I have the same problem. The server is running Windows 2003/2000. Any suggestions?

Venkat

Venkat said...

Hi Raj,

This is Venkat again. I figured out what was the problem. Thanks.

Venkat

Anonymous said...

Legend - Recently Deployed new Citrix Farm with 50 custom rdp connections. This Saved alot of hassle and is a great workaround.

Thank you

John C

buy wow gold said...

When the Wow Gold wolf finally found the wow gold cheap hole in the chimney he crawled cheap wow gold down and KERSPLASH right into that kettle of water and that was cheapest wow gold the end of his troubles with the big bad wolf.
game4power.
The next day the Buy Wow Goldlittle pig invited hisbuy gold wow mother over . She said "You see it is just as mttgamingI told you. The way to get along in the world is to do world of warcraft gold things as well as you can." Fortunately for that little pig, he buy cheap wow gold learned that lesson. And he just agamegold lived happily ever after!.

Balaji said...

Hi,

I followed the same, but still i am able to view the login screen. I downloaded the RDP client 6.0 from microsoft site, but i cant find the Advanced tab. Also, i edited my custom rdp file settings. but it doesnt work

AlPo said...

Thanks a lot !!!!!!!

windows password recovery said...

Some days ago, i just got a windows password recovery tool http://www.anypasswordrecovery.com/ which can bypass windows password easily,and it can be burnt onto a cd as recovery disk.If you need,then get it.

osx remote desktop said...

I had a great time reading around your post as I read it extensively. Excellent writing! I am looking forward to hearing more from you.

Satheesh said...

Perfect that worked for me ...... thanks for the tip....

Anonymous said...

Thanks a lot!

This works for RDP 7.1 Client too