All Questions
Tagged with rdp active-directory
60
questions
0
votes
1
answer
58
views
RDP Hostname gets NLA error, RDP to IP address works
I have a local Domain Controller (DC02) with a relatively simple AD setup that has been there for quite a few years now - maybe 6-10 years. I've moved a few of the VMs from one hypervisor to another (...
- 103
1
vote
1
answer
83
views
How RD Gateway passes credentials to target RDP
How are credentials passed CredSSP in remote desktop gateway to the destination RDP machines?
Is the TLS tunnel created just like regular RDP sessions?
Is HTTPS used?
I was thinking something like:
...
0
votes
1
answer
237
views
Windows Server 2022 unable to logon due to no Remote Desktop License Servers available
Summary
I need to allow Windows Server 2022 to allow unique users to RDP to the server at the same time. I believe this was the default behavior that was working for about a month, before the error ...
- 126
1
vote
1
answer
106
views
Unable to log into RDP session on remote site servers using domain creds
The Setup
I have a single on-prem Active Directory domain. The domain is configured with 3 AD sites, each with a global catalog domain controller. Site A is the main hub, and Site B and Site C are the ...
- 111
0
votes
0
answers
30
views
Allowing users to Utilize Remote Desktop Connection on their PC
Hi everybody i need help with this issue. So currently all users cannot connect in via RDP unless they are an administrator on their PC.I want to enable RDP access to all users , but Windows cannot ...
- 1
0
votes
2
answers
161
views
With multiple RDP certificates, do all get checked?
If a Windows host has multiple RDP certificates. Do all get checked while connecting or only the first found?
I have a RDP certificates deployed from an Root CA with now invalid OCSP location in the ...
- 83
0
votes
0
answers
427
views
RDP login by hostname does't work
Hi since last 2 month and after new Domain controller were added to our infraestructure (Widnows server 2019), RDP login by hostname does'nt work or is intermitent. DNS resolution its working fine, ...
0
votes
1
answer
2k
views
Unable to login via RDP into a VM from a domain joined Windows client to a VM that is joined to another domain
The setup is the following:
Windows VM (Domain Joined to Domain A (Internal) - AD is under my control) [Windows Server 2022]
Windows Client (Domain Joined to Domain B (External) - AD is not under my ...
- 101
3
votes
0
answers
308
views
Active Directory: how to get rid of NTLM when we have remote users (road warriors)?
I want to disable NTLM completely. I don't want password hash to be stored in memory because of pass-the-hash attack (people don't have SeDebugPrivilege but anyway NTLM is not good)
But people connect ...
- 211
0
votes
2
answers
1k
views
Nested AD Groups RDP permission not applying to new Windows Server 2019 VM
Similar Issue with no responses: Nested AD groups working in local computer groups, but certain servers fail to allow RDP?
I am only new to this environment and the person I took this over from also ...
- 1
0
votes
0
answers
218
views
Can I use AD CS to Authenticate Domain Users Instead of a Password?
I have a number of Active Directory Domain User Accounts, which function essentially as service accounts. I'd like to avoid having to rotate the passwords for all of those domain user accounts, and ...
0
votes
1
answer
1k
views
RDP and GPO setting Server Authentication certificate template (Microsoft Windows Server 2016)
We want to force Remote Desktop to use a certificate based on a particular named template rather than using a self-signed certificate. This works in forests with a Certificate Authority server, but ...
0
votes
2
answers
144
views
Win 10 PRO users don't get access to RDP
On the user PC (in domain) in settings they can see that RDP is turned off but the possibility to turn it on is disabled with the message:
"Some settings are managed by your organization".
...
- 139
-1
votes
2
answers
79
views
Remote work with windows rdp
We have 20 Windows XP pc in a Windows 2003 domain controler/ActiveDirecory. In the same domain we have a Windows 2016 "large" physical server (most of the time not in use). Because we have ...
0
votes
0
answers
387
views
Nested AD groups working in local computer groups, but certain servers fail to allow RDP?
I have 100+ servers, I have added a Universal AD group to the local servers Adminstrators Group based on the server's name. Within this AD group I have nested various AD groups as is appropriate for ...
- 1
1
vote
0
answers
331
views
After Update, All Active Directory Clients / Server have Black Screen
I have the following problem. The latest updates have been installed since yesterday (28.06.2020). I have the problem with 2 systems that I can no longer connect to them.
This affects RDP, as well as ...
- 11
1
vote
1
answer
1k
views
Create custom Group Policy to control RDP access to VMs
When I add a new user to our on premise Active Directory, I want to assign that account to specific security group such as “Prod Group”, “Developer Group” or “Support Group”.
My goal is to control ...
- 143
1
vote
1
answer
136
views
can't find DFS with other user in RDP session
I connect with RDP to Windows 10 with a user than not have privileges over te DFS. For this reason, Windows request other credentials. I put the credentials of a user with privileges but Windows don't ...
- 33
0
votes
1
answer
156
views
Does the destination computer of a Remote Desktop Connection count as a Remote Desktop Session Host? (in terms of GPO configuration)
For example - If you open a Remote Desktop Connection to Dets-PC likes this:
"Normal" Remote Desktop Connection Note: Dest-PC is just a normal Out-of-the-box Windows Server with no additional ...
0
votes
1
answer
3k
views
user login from another domain (Transitive Trust Established)
I have setup a two way transitive forest trust between two domains (Domain A & Domain B) successfully. Now when I try to RDP as a user in domain A ([email protected]) into domain B it is ...
- 113
4
votes
0
answers
378
views
Microsoft RemoteApp via TS Gateway initial connection load very long (over 2 minutes)
The Enviroment
We do have a RemoteApp Terminalserver, based on a Windows Server 2016. Latest Updates are installed. We have provisioned multiple apps through this server. There is one Session ...
- 39
0
votes
1
answer
67
views
RDP from Win7 to Win10 doesnt work - from Win10 to Win7 works - GPO?
We are planning to switch our company's machines from Win7 to Win10 in the near future. We have 2 available domains, lets call them domain1 and domain2. We use domain2 for our current enviroment and ...
- 21
1
vote
1
answer
190
views
Deny RDP access to specific server from a particular user via GPO
I have a security issue.
How can I deny RDP access to a specific server(critical server) for a particular Active Directory user using a Group Policy Object (GPO) ?
- 11
1
vote
1
answer
214
views
How to distribute RDP certificates from ADCS to non-domain members?
I have a few hundred systems that are not AD-joined, for which I'd like to issue RDP certificates from an internal hierarchy (built with ADCS).
I can do it manually, by generating CSRs, then signing ...
- 890
1
vote
1
answer
51
views
Active Directory Domain name(s)
I've successfully created a test AD domain and joined several machines to it, for the purposes of this post I'll call the domain "TEST.COM". Everything seems to be working perfectly, except for one ...
- 143
1
vote
1
answer
71
views
Initialize RDP user, only via FTP
I have a rather unique issue, and was wondering if there's a simple solution to this that I am failing to find.
I have a Windows Server 2012 instance running remotely, that I have no physical access ...
- 11
1
vote
0
answers
182
views
Should servers at the datacenter be in the same or different Active Directory to our office?
We have 4 servers in a managed datacenter (including 2 local Domain Controllers) to host our web applications.
Our 20 person office uses Azure AD.
Engineers/DevOps access our servers via RDP (using ...
- 400
3
votes
3
answers
15k
views
RDP presents Self-Signed certificate instead of Certificate Authority's one
Few days ago I witnessed a strange problem within my domain:
During RDP connection I see warnings about certificate being not trusted (and I see self-signed certificate, not issued by domain CA)
I ...
- 191
1
vote
2
answers
440
views
RDP - Access a domain user
I have :
An Active Directory with the domain name : domain.com on a machine A
An admin domain user named controller
A machine B running Windows 2008R2 joined to the AD
I want to connect to B ...
- 113
1
vote
1
answer
1k
views
RDP access to domain controllers ("Allow Logon through Terminal Services" GPO)
I have a problem. I set GPO on the "Domain Controllers" OU with "Allow Logon through Terminal Services", where I set one user group. I wanted to assign RDP access to group of technicians. But after ...
- 145
2
votes
2
answers
10k
views
Windows Server 2016 how to give shadow rights to a user who is not a administrator?
We're using Active Directory and currently, only our Administrators who log in to Domain Controller can shadow RDP sessions. From there they're shadowing RDP sessions on another Windows Server 2016.
...
- 123
0
votes
1
answer
1k
views
Cannot RDP from Ubuntu to WS 2016 with Domain User
Im trying to use Remmina to RDP from Ubuntu to Windows Server 2016. I think it's not a Remmina issue since i can RDP with Administrator but i cannot do it from domain users.
RDP CALs are installed ok,...
3
votes
1
answer
2k
views
Windows Server 2003 - applied WCRY patch - restarted then RDP Failed (the workstation driver is not installed)
Installed the WCRY patch found here http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
After restarting, the server started having issues with the network interface.
RDP does not work, ...
- 81
0
votes
0
answers
1k
views
Best Practice for creating a Vendor account on AD for RDP into a single server?
I have been tasked with creating an account on our Domain for an outside vendor to RDP into a single server with Admin access and have access to nothing else.
I've spent a whole day spinning my ...
2
votes
1
answer
2k
views
Connect to X Windows with username with spaces
I have an Ubuntu server 16.04.01 LTS, which I want to use as desktop for remote users connecting from thin clients and via RDP from Windows machines.
For Ubuntu-local users, this works, I can connect ...
- 533
0
votes
1
answer
4k
views
Windows Server 2012 R2 will sometimes fail to authenticate logins with domain (RDP, SQL Server)
We have the following setup currently:
Active Directory Domain Controller server that is running Windows Server 2012 R2
Database Server with SQL Server 2014 that is running Windows Server 2012 R2 (...
- 31
-1
votes
1
answer
3k
views
Remote Desktop to 80% of my servers do no longer work ("User account restriction") from just one of my PCs
I came into work last week, checked my first ticket (easy to fix one), RDP'd into the server needed for this and the login did not work. After clicking 'connect' I got the "Unable to Log You on ...
- 4,847
0
votes
1
answer
156
views
When using RDP to log into a remote domain do my local domain logon scripts apply?
I've been asked to set up a user on our network with RDP access to a RDS server on a remote domain. We have set up the VPN just fine and the remote RDS server is reachable. The issue thus far is that ...
- 518
1
vote
2
answers
328
views
Allow remote desktop service to dc from specified computers
I'm planning an architecture of secure terminals only to access DC's.
So i have 2 computers which are secure and if i want to connect to the dc's i will have to log into those computers
So what i ...
0
votes
2
answers
247
views
Windows 2008 r2 RDP issues
I have machines on another network, I am finding some strange behavior. I can RDP onto some machines, other machines I receive this error.
Logon: "You must be granted the Allow log on through the ...
- 3
1
vote
1
answer
2k
views
How to secure AD administration with MFA
I'm evaluating an MFA solution such as Duo or Okta (any one have an opinion on that?). Adding MFA to web logins is straight forward but I want to add another layer of security to our Active Directory ...
- 63
0
votes
1
answer
8k
views
List all servers a user is connected to using remote desktop
Is there a way to list all servers, that a given user is logged into in the entire active directory?
Something like...:
QueryRdpConnections -user BobAdmin
Result...:
Server
---------------...
- 1,069
0
votes
1
answer
88
views
Unwanted server access
I have blocked the RDP to be only posssible via a specific IP address . For that purpose i have done it through the security groups of Aamazon EC2.
However i noticied that someone is still trying to ...
- 553
0
votes
1
answer
96
views
Why can't I give RDP access to AD users without RDS installed?
I have a Windows Server 2012 with three users. I want them to be able to access the server over RDP, however I don't need licensing for my purposes and therefore RDS seems a bit overkill to me. (I am ...
- 266
0
votes
2
answers
863
views
Starting application on RDS connection
I have the following servers:
Server 1 - Windows 2003: The original Domain Controller for AD, DNS Server
server 2 - WIndows 2012: The latest server, upgraded to a domain controller too
Now when I ...
- 11
1
vote
0
answers
4k
views
Cross Forest Authentication - RDP - Have to Manually Specify Domain
We are having an issue when a user in forestB is connecting via RDP to an XP system in forestA. We are in a transitional state where some users have migrated to our new forest (forestB) but still need ...
- 11
0
votes
2
answers
6k
views
Can't RDP to domain member as a domain user
I've added a new domain user - who is a member of the "Remote Desktop Users" group, but they are unable to log in to a domain member.
The error in event viewer is
Account For Which Logon Failed:
...
- 221
6
votes
3
answers
62k
views
How can I check what machines I'm logged into within a domain?
I often find myself RDP into multiple machines and have the connection time out, keeping me logged in. I then forget where I've been and my account stays logged in, blocking other users from accessing ...
- 165
4
votes
1
answer
2k
views
Create a Lockout policy for RDP
In my city there was a recent incident that some hackers login to a server by using brute force attack on RDP. I have got a server and I want to enable some security policy to lockout the account if ...
- 151
1
vote
1
answer
451
views
Use vmconnect from another AD domain
I try to connect remotly to the KVM (console) of an Hyper-V Virtual Machine using vmconnect.exe but I'm dealing with some kind of a problem :
When I connect from a computer within the same AD of my ...
- 218