BrokeBerry

Attack Computer Wiz

A Security & Technology Weblog

Windows Server 2008 adds an extra layer of security, Network Level Authentication (NLA), when connecting via Remote Desktop. When it is enabled, legacy RDP clients will not be able to connect to W2K8 servers. If you are using Windows 2008 or Windows Vista as your client, everything is in place and you should be OK out of the box (just follow the first 4 steps and stop). But if you are running Windows XP, you will need to make some minor registry tweaks to get this working.

First of all, you need to turn on Network Level Authentication on your Windows 2008 Server. To do this, follow the steps below:


1. Right-click on the ‘My Computer’ icon and choose ‘Properties’.
2. Click on ‘Remote Settings’ on the left side of your screen.
3. Now select the third radio button to set “Allow connections only from computers…”
4. Click Apply, OK, and exit your RDP session.

To configure your Windows XP client, complete the steps below to enable the Credential Security Service Provider (CredSSP):


1. Confirm you are running Windows XP with Service Pack 3.
2. Confirm you are running RDP Client version 6.0.6001 or better (open RDP, right-click the title bar, choose About).
3. Enable Network Level Authentication support:

1) Click Start, click Run, type regedit, and then press ENTER.
2) In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3) In the details pane, right-click Security Packages, and then click Modify.
4) In the Value data box, type tspkg. Leave the existing data in place and put tspkg at the very bottom on its own line, and then click OK.
5) In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6) In the details pane, right-click SecurityProviders, and then click Modify.
7) In the Value data box, type credssp.dll. Leave the existing data in place and put credssp.dll at the end, separated by a comma, and then click OK.
8) Exit Registry Editor.
9) Restart the computer.
10) Open Remote Desktop.
11) Right-click in the title bar, choose About, and confirm the line near the bottom reads “Network Level Authentication supported”.
12) Click OK.

4. Finally, you MUST connect to the W2K8 servers using the machine name, not the IP address.

That is all there is to it. You should now be able to connect your Windows XP SP3 desktops to the NLA-enabled Windows 2008 Server.
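The two registry edits from step 3 can also be applied by script, which avoids accidentally overwriting the existing entries. This is an added example, not part of the original post; it assumes Windows PowerShell is installed on the XP client (it is not part of a default XP install) and that it is run as an administrator, and the variable names are illustrative.

```powershell
# Added example, not from the original post. Applies the two registry edits
# from step 3 without disturbing existing entries. Run as an administrator.
$lsa  = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa'
$prov = 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders'
$multi  = [Microsoft.Win32.RegistryValueKind]::MultiString
$string = [Microsoft.Win32.RegistryValueKind]::String
$changed = $false

# "Security Packages" is a multi-string value: one package name per line.
$raw = [Microsoft.Win32.Registry]::GetValue($lsa, 'Security Packages', $null)
$packages = @($raw | Where-Object { $_ })      # drop empty lines
if ($packages -contains 'tspkg') {             # comparison is case-insensitive
    Write-Host 'Security Packages: tspkg already present'
} else {
    [string[]]$newPackages = $packages + 'tspkg'   # append at the very bottom
    [Microsoft.Win32.Registry]::SetValue($lsa, 'Security Packages', $newPackages, $multi)
    Write-Host 'Security Packages: added tspkg'
    $changed = $true
}

# "SecurityProviders" is a single string holding a comma-separated DLL list.
$current = [string][Microsoft.Win32.Registry]::GetValue($prov, 'SecurityProviders', '')
$dlls = @($current.Split(',') | ForEach-Object { $_.Trim() } | Where-Object { $_ })
if ($dlls -contains 'credssp.dll') {
    Write-Host 'SecurityProviders: credssp.dll already present'
} else {
    # Keep the existing data as it is and append after a comma.
    $base = $current.Trim().TrimEnd(',')
    if ($base) { $newValue = "$base, credssp.dll" } else { $newValue = 'credssp.dll' }
    [Microsoft.Win32.Registry]::SetValue($prov, 'SecurityProviders', $newValue, $string)
    Write-Host 'SecurityProviders: added credssp.dll'
    $changed = $true
}

if ($changed) {
    Write-Host 'Restart the computer, then check the Remote Desktop About box.'
}
```

The script is safe to run more than once: it only writes a value when tspkg or credssp.dll is missing.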

Posted by John "Mike" Wright
