Password less authentication for Remote Desktop

Hello
I am coming from strong linux background.
We have more than 10 linux servers used by various customers.
I don't have faith in passwords, so we use key pair authentication on all our Linux servers, as anybody can try to guess the passwords by brute force.
So please let me know what the equivalent options are for Microsoft Remote Desktop.
We have already invested a lot of money in Microsoft Windows products and are not interested in investing more to secure the authentication, so please don't suggest any commercial products or SSL keys.

Hi,
Security is always relative. The account lockout method will lock out your account after a number of brute-force attempts. For more authentication methods, please refer to the following
Windows Authentication KB:
Windows Authentication
http://technet.microsoft.com/en-us/library/cc755284(v=ws.10).aspx
Hope this helps.

Similar Messages

  • Configure Network Level Authentication for Remote Desktop client

    We publish Remote Desktop in our Windows 2008 R2 terminal server.
    However, in Windows 2008 R2, the remote desktop client is a little bit slow.
    I found out that if I modify these settings in default.rdp
    authentication level:i:0
    enablecredsspsupport:i:0
    it increases the speed a lot.
    However, how can I make all users of remote desktop have those features disabled as well?
    Thanks

    Hi Kenneth, 
    I suggest you see the similar thread "disable Network Level Authentication Terminal Server 2008".
    If the above thread does not help, seek help from the RDS/TS experts in here.
    Or wait until any of our moderator move this post to respective forum.
    Thank you for understanding.
    Regards, Ravikumar P

  • Prompting for passwords even i configured ssh password less authentication

    There are two servers :
    1. Site
    2. Testing
    from site server i want to connect testing server with ssh password less authentication.
    i generated public and private keys with ssh-keygen -t rsa on site server.
    cat id_rsa >> authorized_keys
    cat id_rsa.pub >> authorized_keys
    i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
    ssh [email protected] "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub
    am i missing some point in performing procedure for ssh password less authentication ?
    because it prompts for passwords again and again
    Edited by: user13376823 on Oct 9, 2012 9:30 AM

    user13376823 wrote:
    > There are two servers :
    > 1. Site
    > 2. Testing
    > from site server i want to connect testing server with ssh password less authentication.
    > i generated public and private keys with ssh-keygen -t rsa on site server.
    > cat id_rsa >> authorized_keys
    > cat id_rsa.pub >> authorized_keys

    I don't think you should be doing this. I can't see the point of adding the private key and adding the public key means the "Site" can ssh to itself without needing a password!

    > i appended id_rsa.pub ( public key site server ) to authorized_keys ( testing server ) with below command .
    > ssh [email protected] "cat >> ~/.ssh/authorized_keys" < ~/.ssh/id_rsa.pub

    I would expect you to add the RSA public key to the "authorized_keys2" file and not the "authorized_keys" file.

    > am i missing some point in performing procedure for ssh password less authentication ?
    > because it prompts for passwords again and again
    > Edited by: user13376823 on Oct 9, 2012 9:30 AM
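
An added example, not part of the thread above: a POSIX shell check for the mistakes this thread runs into when key login silently falls back to a password prompt. It flags private key material appended to `authorized_keys`, a file with no public key line, and group- or world-writable permissions, which sshd's `StrictModes` (on by default) rejects. The function name and finding labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Audits one authorized_keys file.
# Prints one finding per line; returns 0 when clean, 1 otherwise.
# Usage: audit_authorized_keys "$HOME/.ssh/authorized_keys"
audit_authorized_keys() {
    file=$1
    dir=$(dirname "$file")
    findings=0

    if [ ! -f "$file" ]; then
        echo "MISSING: $file does not exist"
        return 1
    fi

    # A private key appended by mistake (cat id_rsa >> authorized_keys).
    # The secret now sits in a file meant to hold only public keys, so the
    # key pair should be regenerated and the file cleaned.
    if grep -q -e '-----BEGIN .*PRIVATE KEY-----' "$file"; then
        echo "PRIVATE_KEY: private key material found in $file"
        findings=$((findings + 1))
    fi

    # At least one non-comment line must carry a public key.
    if ! grep -v '^#' "$file" |
        grep -E -q '(^| )(ssh-rsa|ssh-ed25519|ecdsa-sha2-[a-z0-9-]+) [A-Za-z0-9+/=]+'; then
        echo "NO_PUBLIC_KEY: no public key line found in $file"
        findings=$((findings + 1))
    fi

    # With StrictModes, sshd ignores the file when it or its directory is
    # writable by group or others, and the client falls back to a password.
    for p in "$dir" "$file"; do
        if [ -n "$(find "$p" -prune \( -perm -020 -o -perm -002 \))" ]; then
            echo "WRITABLE: $p is group- or world-writable"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ]
}
```

Run it on the server being logged in to, as the account that owns the file.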

  • Group Policy for Remote Desktop Users

    Hi,
    Currently my users use desktops and have user and computer GPOs applied (typical things like logon scripts etc.) at the OU level where they reside e.g. Finance Users, Sales Users etc.
    I am planning a Remote Desktop 2012 environment.
    I have read the following:
    TechNet cc779327
    So, my understanding is that I create a new OU for my Remote Desktop Server only (not users), and create a new security Group for my RD Users and a security group for my RD server.
    Remote Desktop Servers OU
               * RD User GPO (filter on RD User security Group and RD Computer Security Group)
               * RD Computer GPO (filter on RD User security Group and RD Computer Security Group)
    I then apply all computer settings to the RD Computer GPO (loopback processing, Windows installer, hide shortcuts etc.).
    I then apply all user settings to the RD User GPO (app specific, templates etc.)
    Why not consolidate the two GPOs into one?
    If I set computer settings in the computer GPO, and apply it as above to filter to the RD Server group and RD Users Group will this apply to only users in the RD User Group...or ALL users since I added the server to the filter?
    If a user currently gets a setting in their normal OU e.g. Finance logon script, will they still get it on the Remote Desktop? Or do I need to copy that GPO setting to my new RD User GPO also?
    Am I right to add both RD Server and RD User groups to the filter on both RD User and RD Computer GPOs?
    Loopback processing - merge or replace typically for Remote Desktop?

    Hi,
    Thank you for posting in Windows Server Forum.
    Create OU for RDS Server in Active Directory. Create security group for users who will use Remote Desktop Host (i.e. RDS Users). Create GPO (i.e. RDS Server Lock Down). In Security Filtering delete Authenticated Users, add RDS Server Account, and the security group created in previous step.
    Please check the articles beneath; they might be useful for better understanding.
    Lock Down Remote Desktop Services Server 2012
    How to secure your remote desktop server with GPO
    Hope it helps!
    Thanks,
    Dharmesh

  • Updates for Remote Desktop via App Store Software Update

    Hello, and Happy Thanksgiving. On a computer running Mavericks, I installed Apple Remote Desktop 3.5 from the disk (not from the App Store.) On its first startup, I was greeted with the message "The Remote Desktop Administrator software must be upgraded on this computer." I downloaded and installed the 3.7 update manually from http://support.apple.com/kb/dl1565. However, I view this as a "Band-Aid", and not a fix. How would I receive future updates for Remote Desktop from Software Update within the Mac App Store?

    Hi ya.. just to let everyone know Apple UK Senior Tech support are aware of this error message that we are all getting as from today and are on the case....

  • I have a time capsule connected directly to fiber connection. I have connected a windows server directly to TC and configured it for remote desktop connection. From my interanet I can access srvr but not from my home. What config I need on TC?

    I have a time capsule directly connected to fibre optic point out. All pcs and macs are connected wirelessly to the internet. I have connected a windows server pc to TC. When configured for Remote desktop connection, I can access windows server from within interanet but don't know how to access it from internet. I guess I need to change some settings in TC to get some ip address for the remote desktop connection from my home. Anyone who can help me out? Appreciate it.
    Narmin

    I am a little lost now.. I have read again your title and your first post.. and they seem inconsistent.
    In the title you state.
    From my interanet I can access srvr but not from my home.
    Interanet is not a word I know.. I assumed intranet...are you talking about internet or intranet? And just to be clear say WAN or LAN.. !! Is your home part of the interanet??
    In the first post you state,
    I can access windows server from within interanet but don't know how to access it from internet.
    Now this is more normal.. the issue is not in the home at all, it is accessible from there but fails from internet. If this is correct, then you can do a few obvious things to determine where the problem is.
    But first I need to know are you actually testing from a different internet connection to your home lan.. you are not just trying the public IP from inside the LAN as that will fail due to the TC not doing NAT Loopback.
    I am also assuming the TC is the only router in the network, and has the public IP on the WAN interface.
    And I am also assuming you have turned on the ping responder and you can actually ping your public ip from the internet and get a response. This helps no end in figuring out where there are issues. Strange but I have no idea if there is a ping responder in the TC WAN so you might need to forward that as well. Also if you have a dynamic public ip address are you using dyndns or no-ip or some other service to connect.
    1. Test bypassing the TC.. plug the internet connection straight into the windows server,, and test if you have access. If yes, the TC is the problem.. if not, your setup on the windows server is wrong.. look at firewall in particular.
    2. Assuming from test 1 the TC is the problem, Post the screen shots of the port forwarding setup for us to look at.. that is by far the easiest way to check it out.
    There are lots of references to port forwarding in the TC.. eg
    http://must-know-mac.blogspot.com/2008/07/how-to-port-forward-time-capsule.html
    The things that generally go wrong are firewall on the computer that is accepting the port.
    The ISP doesn't allow connections on a particular port. (not likely in your case)
    The router is behind another router.. double NAT will kill any port forward.
    Upnp has already allocated a port.. not an issue as TC doesn't use upnp although a reboot of everything after you set port forwards is well worth it.. amazing how things don't stick properly without a reboot.
    IP on the receiving device is not static and so changes.
    Not enough or right type of ports are opened. This is always messier than it looks as one port is often not enough for two way communications.

  • Remote Desktop Service Manager - configure permissions for Remote Desktop Users to Send Message, Disconnect, Logoff

    Hello, dear colleagues.
    We are using Windows Server 2012 R2 as Remote Desktop Server. Also use Windows Server 2008 R2 with Remote Desktop Service Manager to control RDS user sessions (Send Message, Disconnect, Logoff, Query Info). 
    Send Message, Disconnect, Logoff options work only for users in Administrators group.
    I can't configure permissions for Remote Desktop Users, specific user or AD group.
    To set permissions I'm running RDS Host Configuration on Windows Server 2008 R2 and connect to Windows Server 2012 R2. Then double-click RDP-Tcp, Security tab, add specific user account, AD group or configure advanced permissions for Remote Desktop Users.
    But, as I said above, these options work only for users in Administrators group. How to make it work for Remote Desktop Users or specific user, AD group?
    Thanks.
    P.S. If move specific user from Remote Desktop Users group to Administrators group on Windows Server 2012 R2 - it works.

    Hi,
    You can prevent administrators from changing the permissions for a connection by applying the Do not allow local administrators to customize permissions Group Policy setting.
    This Group Policy setting is located in Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security
    Apart from that, there is one command with which you can set the permission; for that, check the related article. Additionally, check this thread for more detail.
    Hope it helps!
    Thanks.
    Dharmesh Solanki

  • Error when uninstalling App-V RDS client: Product: Microsoft Application Virtualization (App-V) Client for Remote Desktop Services 5.0 Service Pack 2 x64 -- Error 1324. The folder path 'C:' contains an invalid character

    Issue:  experienced when attempting to uninstall the App-V 5.0 SP2 RDS client. 
    Event Log:  Product: Microsoft Application Virtualization (App-V) Client for Remote Desktop Services 5.0 Service Pack 2 x64 -- Error 1324. The folder path 'C:' contains an invalid character
    Symptoms (when in this current state): 
    Unable to uninstall the SP2 client
    You can upgrade the client (via hotfix) and uninstall the hotfix, but you will not be able to remove the SP2 client
    AppvVfs filter driver will not create an instance, therefore applications will not be able to read into existing streamed VFS content, or trigger sparse files to stream content.  (you can still stream the content via other means, like the UI or powershell)
    Because of the AppvVfs filter driver not instantiating, applications that depend on licences that exist in VFS will not be able to be read causing certain applications to react as if the license does not exist or is an incorrect format

    Resolution:
    Check for the existence of a hidden folder named %appdata% in the C:\Program Files\Microsoft Application Virtualization\Client folder.  (You will need to un-check the folder options box in windows explorer for "Hide protected operating system files" to see it)
    If the hidden %appdata% folder exists, delete it.
    Proceed to uninstall the App-V client
    After a clean uninstall and removal of remnants of the client, reinstall the client again and apply the latest hotfix available (Hotfix 2 for SP2 at a minimum).

  • Web Access for Remote Desktop on Windows Server 2012

    Hello,
    I have a Windows Server 2012 without a domain. So I installed the remote desktop session host, the remote desktop license server and the remote desktop gateway as a server role only. All is working fine. Without a domain, no management tools for remote desktop are available. So I configure the remote desktop via the registry. I define (via registry) some remoteapps, too. All values are copied from a running Windows Server 2008 R2. So the remoteapps are running.
    Now I want to use the new Microsoft Remote Desktop client for Android. To use a remoteapp I must define a remote resource. To define a remote resource I need a URL to the web access for remote desktop. So I installed the web access. But if I log in to the web access, I don't see any remoteapp. What's wrong? I've set the ShowInTSWA to 1. What must I do to access an existing remoteapp via web access?
    Martin

    Hi Martin,
    Server 2012 RD Web Access is designed to retrieve published RemoteApps and Desktops from a Server 2012 RD Connection Broker and/or a Server 2008 R2 RD Session Host server.  From your description it doesn't appear that you are using either of the above.
    I know it is a more complicated set up, but you should consider having a domain, creating a RDS deployment, etc., so that you can use the full featureset as it was intended.  You can do it all on a single server if needed.  For Server 2012 there is a hotfix that needs to be applied to permit RD Connection Broker to work on the same server instance as active directory.
    -TP

  • Maximum number of monitors used for remote desktop not working correctly

    My goal is to connect from my home to my work machine but limit the number of monitors used to 2.
    At work, I have a machine running Windows 7 Enterprise SP1 with dual monitors. My home machine is Windows 8.1 Pro and it has 3 monitors (on two video cards).
    I followed the instructions of the MSDN blog post about using multiple monitors for remote desktop but cannot get it to work right.
    Here's what I see when I modify the group policy setting "Limit maximum number of monitors" on the target (work) machine:
    Setting - Result:
    1 - 1
    2 - 1 (???)
    3 - 3
    It looks like I can't limit the number of monitors used to 2, I get either one or all. Am I missing something or is this by design?
    Max

    Hi Max,
    Support for multiple monitors is available when connecting from any Windows 7/8.1 computer, however, there are restrictions when connecting to a computer using multi-monitor mode. When connecting to Windows 7 computers, only computers that are running Windows 7 Enterprise or Ultimate can be connected to in multi-monitor mode. When connecting to Windows 8.1, only computers that are running Windows 8.1 Professional or Enterprise can be connected to in multi-monitor mode.
    Karen Hu
    TechNet Community Support

  • Can we implement site catalyst for Remote desktop app like MS dynamics NAV?

    Can we implement site catalyst for Remote desktop app like MS dynamics NAV?
    please throw some insight

    Hi,
    Thank you for posting in Windows Server Forum.
    Does this happen for this particular application?
    For a test you can publish Notepad\WordPad as RemoteApp and check whether you face the same issue. Please check the result and let us know. If it's working normally then it might seem there is some configuration issue with MS Dynamics App.
    Does this happen for all users or specific users?
    Which version of RDP Client are you using for the client system?
    Try to install RDP 8.1 for better features.
    Update for RemoteApp and Desktop Connections feature is available for Windows
    http://support.microsoft.com/kb/2830477
    Hope it helps!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • App Store keeps asking me to download update for "Remote Desktop Client Update 3.8.2 v1.1 but I have never purchased Remote Desktop Client

    Hi, the App Store keeps asking me to download the update Remote Desktop Client Update 3.8.2 v1.1 but I have never purchased Remote Desktop Client so I am unsure why it is asking me to and worry that someone is trying to spy on me!  Does anyone know why this is?  Thanks in advance!

    I find it interesting that since Screen Sharing is available, and works "just fine" that a Remote Desktop Client would be needed to be installed.
    I installed it, but I'm not sure why.
    I found the updated application in /System/Library/Core Services/RemoteManagement/ARDAgent
    Which is also where the screen sharing and vnc bundles live.  I clicked on it to see what would happen -- nothing.
    I found these ports in another discussion
    TCP and UDP port 3283
    TCP and UDP port 5900.  (Also used for Screen Sharing in OSX 10.5 and later)
    port 22
    This page confirms their use along with the use of other ports:
    TCP and UDP ports used by Apple software products - Apple Support
    Additionally TCP port 5432 is used by ARD
    Having recently noticed (through "network utility") that my computers have had a "ton" of open connections.
    This severely hurt system performance.
    I note that neither my Airport Express nor my Mac can set up a firewall on these ports.
    While I haven't noticed the ARD ports being used, I cannot help but wonder if this is set up for a CIA/NSA backdoor into my computers.
    On a less paranoid level, perhaps Apple is planning on adding on-line help to debug our problems in "real-time".  ;-)

  • New to server, need VPN for remote desktop and file share...

    I've set up server and have the VPN working, I think, I need to have several outside systems join the servers VPN permanently to allow for file sharing and remote desktop. I don't want the "normal" internet browsing to go through the VPN (huge slow down) I have read that a "split DNS" or "split tunnel" is what I need, then to disable "send all traffic over VPN connection" option on each remote system. I was a little confused after reading on how to do this on Leopard server (the only instructions I found) but have absolutely no idea on how to do this on Snow Leopard server (the server I set up is 10.6) any assistance would be great, thanks in advance.

    Server Admin, VPN, Settings, Client Information, Network Routing Definition.
    Here add a private network record type that matches your LAN/VPN ip.
    For example
    IP Address: 192.168.0.0
    Mask: 255.255.255.0
    Type: Private
    You can find more information about this feature in Snow Leopard Server documentation:
    http://images.apple.com/server/macosx/docs/NetworkServices_Adminv10.6.pdf
    search for "Configuring VPN Network Routing Definitions"

  • High availability SQL Server requirements for Remote Desktop Services in Windows Server 2012

    Good night,
    Thanks for reading this question, I do not write much English.
    I am implementing Remote Desktop Services in Windows Server 2012, I need to know the size of the database to create and feature on the .mdf and .ldf, I searched in different microsoft link but I have not received a response.
    Kindly appreciate your cooperation and attention.

    Hi Alejandro,
    I am implementing Remote Desktop Services in Windows Server 2012, I need to know the size of the database to create and feature on the .mdf and .ldf
    If you want to know the size requirements of .mdf and .ldf files, since they are parts of SQL database, I suggest you refer to SQL forums below to get more professional support:
    https://social.technet.microsoft.com/Forums/sqlserver/en-US/home?forum=sqlgetstarted
    https://social.technet.microsoft.com/Forums/sqlserver/en-US/home
    In addition, here are some articles regarding RDS deployment for you:
    Remote Desktop Services Deployment Guide
    https://technet.microsoft.com/en-us/library/ff710446(v=ws.10).aspx
    Remote Desktop Services (RDS) Quick Start Deployment for RemoteApp, Windows Server 2012 Style
    http://blogs.technet.com/b/yungchou/archive/2013/02/07/remote-desktop-services-rds-quick-start-deployment-for-remoteapp-windows-server-2012-style.aspx
    Best Regards,
    Amy

  • AAA Radius Authentication for Remote VPN With ACS Server Across L2L VPN

    Hi,
    I have an ASA running fine on the network which provide L2L tunnel to remote site and provide Remote VPN for remote access users.
    Currently, there is a need for the users to authenticate against an ACS server that located across the L2L VPN tunnel.
    The topology is just simple with 2 interfaces on the ASA, inside and outside, and a default route pointing to the ISP IP Address.
    I can ping the IP address of the ACS Server (which located at the remote site, IP addr: 10.10.10.56) from the ASA:
    ping inside 10.10.10.56
    However when I configure the ASA for the AAA group with commands:
    aaa-server ACSAuth protocol radius
    aaa-server ACSAuth host (inside) 10.10.10.56 key AcsSecret123
    Then when I do the show run, here is the result:
    aaa-server ACSAuth protocol radius
    aaa-server host 10.10.10.56
    key AcsSecret123
    From what I thought is, with this running config, traffic is not directed to the L2L VPN tunnel
    (seems to be directed to the default gateway due to the default route information) which cause failure to do the AAA authentication.
    Does anybody ever implement such this thing and whether is it possible? And if yes, how should be the config?
    Your help will be really appreciated!
    Thanks.
    Best Regards,
    Jo

    AAA is designed to enable you to dynamically configure the type of authentication and authorization you want on a per-line (per-user) or per-service (for example, IP, IPX, or VPDN) basis. You define the type of authentication and authorization you want by creating method lists, then applying those method lists to specific services or interfaces.
    http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/schaaa.html
