[THIN] Re: restricted RDP connections

• From: "James Scanlon" <James.Scanlon@xxxxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Tue, 28 Jun 2011 10:02:17 +0100

has the RDP client changed or been updated?
Can you disable the NLA in an RDP file and then try the connection?
 
http://sogeeky.blogspot.com/2007/04/how-to-disable-credentials-prompt-of
.html
edit the rdp file and add - enablecredsspsupport:i:0
 
I guess then you know its definitely disabled both ends then... ?
 
________________________________

From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Steve Snyder
Sent: 28 June 2011 09:29
To: thin@xxxxxxxxxxxxx
Subject: [THIN] restricted RDP connections


I'm baffled by this one

two W2K8 TSE servers, both have local policies set to allow 2
connections and also *not* require NLA. One day both servers start
prompting for credentials before establishing the connection and I can
only make 1 connection to a server; I don't even get the preconnect auth
prompt just an immediate "can't connect" error.

However, run a RSOP on both boxes and NLA is still disabled and
connections are still limited to 2. Searched the registry for
UserAuthentication and every value is set to 0, content of LSA\Security
Packages is kerberos msv1_0 schannel wdigest tspkg


Ideas?




______________________________________

C. Hoare & Co. is authorised and regulated by the Financial Services Authority 
with registration no. 122093.  The FSA’s address is 25, The North Colonnade, 
Canary Wharf, London E14 5HS.
Registered in England no. 240822.  Registered office 37 Fleet St, London, EC4P 
4DQ

Confidentiality Disclaimer:
This message and attachments are confidential and may be privileged, and are 
sent for the personal attention of the addressee(s).  If you are not the 
intended addressee, any use, disclosure or copying of this document is 
unauthorised. Information transmitted by email may be intercepted, lost, 
destroyed, corrupted or delayed and as a result, C. Hoare & Co. do not accept 
responsibility for any errors or omissions in the contents of this message. If 
you would like to confirm the contents of this email, please request a hard 
copy version.

If the contents of this message are of a personal nature, the email will have 
been sent in a personal capacity and not on behalf of C. Hoare & Co.

Monitoring/Viruses:
C. Hoare & Co. may monitor all incoming and outgoing emails in line with 
current legislation. Although emails are screened for viruses, C. Hoare & Co. 
cannot guarantee that any transmissions will be virus free.
________________________________________

• Follow-Ups:
  • [THIN] Re: restricted RDP connections
    • From: Steve Snyder

• References:
  • [THIN] restricted RDP connections
    • From: Steve Snyder

Other related posts:

• » [THIN] restricted RDP connections- Steve Snyder
• » [THIN] Re: restricted RDP connections - James Scanlon
• » [THIN] Re: restricted RDP connections- Steve Snyder

1. Home
2. thin
3. Archive
4. 06-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---