Remote Desktop Services (Terminal Services) Team Blog

PingBack from http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-connection-authentication-faq.aspx

Unfortunately, we do not know when the required pieces for Windows Server 2003 R2, WinXP, etc. will be available.

Como sabéis al usar el cliente 6.0 de Remote Desktop normalmente pide validación antes de entrar en el

Some places have been suggesting to use 'enablecredsspsupport:i:0' as a way to avoid getting prompted for username and password on RDP connections. The side effect is that it also disables Network Level Authentication support in Vista and Longhorn, whic

I've experienced a delay between the first prompt and when the terminal session window finally comes up. Its not uncommon for that delay to last almost 30 seconds as I just see a box with "Connecting to <servername>" displayed.

Is there anyway to remedy this? The only suggestion that I've found that worked was to disable Netbios over TCP/IP. That's not really feasible for me as it disables too many other features as well.

Why mess with a good thing?  Not one admin I've spoken to since 6.0 has said anything nice about the new RDP client.  In fact, many times over, there have been dismay and expressions of anger.

If anything, the 6.0 client SHOULD have a check box where we can either do it the way it's always been done (i.e, 5.0 way of doing things) or the new Microsoft way.

I HATE having to type credentials in only to find out I can't connect to the box.

I've actually heard colleagues try to find 3rd party RDP clients because of this situation.  JavaRDP comes to mind.

And frankly, this situation could have been avoided if more customers were involved in that strategic direction.

@Jonathan: "Why mess with a good thing?"

It's called improvement.  The new RDP adds additional authentication, which is something that many of us want to see.  There may be some problems in the implementation, although it works for me just fine on the machines I maintain.  I just want to see Microsoft release RDP server for Windows 2003 that includes authentication.

I think a lot of people get caught up in the "change is bad" attitude.  I suggest you find jobs in more slow-changing industries.  If you don't like change, then IT is not for you.

@Patrick, My RDC client in Vista saves all my user name/passwords for all the different machines I connect to, without having to save individual RDP files, as I did in XP.  Is that not working for you?  I think the new system is more convenient, because it stores the credentials without having to save lots of files.

I do, because it is more convenient, and I don't see any disadvantage in doing so.

Today I received an angry call from one of our branch offices, telling me that most terminal clients don’t work anymore. Further inspection revealed that the cause is the new handling of credentials in TSC 6.0: The terminal clients are XP machines with a custom GINA that invokes mstsc.exe (within the guest account context) with a pre-defined tsc.rdp file upon CTRL-ALT-DEL. The RDP file contains the username and domain. Thanks to the new “ignore” feature, this doesn’t work anymore and users complain why they have to provide the username and why they have to do this twice (wrong domain name). I just hope that the “store password” feature is disabled under guest account context; otherwise I can kiss security good-bye. Well, I guess its my fault for trusting Microsoft and enabling auto-approval at WSUS. Because removal isn’t possible, I’m now honored of having the privilege to set-up new clients from scratch. But believe me, this time it’s going to be a Linux solution using rdesktop or something alike.

@Zardosht:

First of all, thanks for your answer. Allow me to elaborate the problem to further extend.

“If your users enter the username with the correct domain the first time around, they should not have to enter the username twice.”

The problem is that most users don’t know what a domain is. Seriously. Up to now, the domain name was stored within the RDP file and was preset, no user knowledge or interaction required. Now they have to retype the domain name every time they log on after somebody else, since a terminal client is used by many users connecting to the same server, or carefully select the previous username with the mouse up to the backslash and change the text, which might even take longer. So not only do they have to know what their domain is, they also have to keep in mind how to combine it with their username correctly.

However, that’s not the real problem. The real problem is the “save credentials” option, which is enabled by default. I know that it can be disabled by calling mstsc.exe with /public but guess how surprised I was to find out that now one terminal client user could actually open his/her account to everyone else!

So either change the custom GINA to call mstsc.exe with /public or set enablecredsspsupport:i:0. Well, I choose the second option. Now the only thing users have to do is to select their domain from a list of three (well actually four), which is tolerable. I just don’t get it why you chose to ignore the username/domain settings in RDP files even if enablecredsspsupport is disabled.

Otherwise, the new Remote Desktop seems to be awesome. Spanning, seamless apps,... Thumbs up on those new features.

Bryan: The behavior you see is the intended behavior for the credentials dialog throughout Windows Vista.

Bryan, thank you for your feedback. However, this is not a Remote Desktop issue. The credentials dialog is a property of Vista, not Remote Desktop. You will also see the same dialog when you try to join your machine to a domain.

I will forward your feedback to the appropriate people.

As usual Microsoft throws caution to the wind, ignores the whole concept of backwards compatibility, and decides to take something that half worked, and screw it over completely.

The Authentication implementation is a joke, it seems to drop the connection, takes ages to connect to any server... Surely people who implemented it were using it everyday to check whether it is indeed usable.

Just like VS 2005 SP1, it fixes somethings, but breaks others, and the thought of having to compile a .Net 1.1 application in 2005? Gasp, horror and God no.

Thank goodness I can take it off via an update rollback and the old one seems to work okay.

Progress and change are good, as long as their beneficial and don't implore some fundamental problems.

need help here...just upgraded my vaio from XP Professional to Vista Ultimate...here I am away on business and now I cant connect to my office...really bad news...costing me hndreds of thousands of dollars...I am eliminating vista for good, how do i remove vista and roll back to xp???? help me quick

@ Stan

Its called backup your data and reinstall XP, there is no rollback

I upgraded my XP Professional to Vista Ultimate, so why is it that I can NOT connect to  my office computer using Remote Desktop? It did work perfectly on the XP and very quickly....Is there something I need to do? It asks for my screen name and passwrd, but will not accept it.... Please help...and advise

Thanks

Stan , Miami FL

Rosalie, You can get it from Windows update.

@ Patrick

You miss the point, its not offering a new protocol/client and creating updates for the old OS's out there...

its making the client have the SIMPLIFIED ability to run as its predecessors.

ie. you click on the options button and change the Default Security behavior from that of RDP6, to be that of RDP5... that way the client can act like RDP 5 did and won't require pre-filling out the user and password.

Now let me also expand on THAT part.. have you ever fat fingered an IP or host name?

So then how secure is it, if you have a user fat fingering IP's or Hosts, putting in their user credentials, and then sending them off to some unknown IP somewhere?

The point of the credentials first wasn't security on the client side, and wasn't really security at all from what I've gathered.. but rather to make a DoS attack less easy to the server, by making the authentication happen *before* the server creates a user login space, and uses those resources.  Thus no denial from opening 100 connections to the server, it attempting to create 100 sessions with only 512 megs of ram, or any other resource the server doesn't have ample supply of..

And that part is actually even more simple... that is handled by having VPNs!  Client double clicks the icon, it starts the local VPN to office connection, and then starts RDP to the server of their choice..

It just seems microsoft didn't get that people actually have to work with their softare, and that people wouldn't be so annoyed by some BS stance on security.  Well.. they were wrong again..

just like forcing people to use UNC style naming for domain\usr ... there is NO need for the user to understand UNC if they have three boxes (user / pass / computer or domain)

OK, I'm not a Terminal Services expert and I don't understand half of this nonsense, I merely have a 2000 Terminal Server with access restricted to a single App through the RDP client. This is all internal.

So my boss gets "Automatic Updates" and installs this stupid RDP client (to take issue with Patrick this update was installed by our German IT manager and he wouldn't have known it would cause all these problems even if he'd read the update notes. It is so trivial I don't blame him, it is down to MS to decide what are "appropriate" updates and suprise suprise they pick one which causes me a couple of hours work and sends us all gaily skipping down the path to Vista upgrade through exhaustion).

OK, so I've got around the dual login issue no problem.

As far as I can see you haven't answered the domain problem. It is this. In the old RDP client you could input a server name and a domain to log onto, then the client would log into the particular server, but the login screen would be populated with the domain name.

As it is there doesn't seem to be a way to get the client to do this any more, therefore the dialogue defaults to logging onto the server, however I want them to default to logging onto the domain, they don't have a server account.

End result they have to change the server name to the domain name every time.

You've mentioned this but you don't seem to understand the problem, and everyone else appears to have given up on it.

So, How to I get back to where I can store credentials?  My RDP either has only the Delete option for credentials (on RDP files I previously had stored), or for a new RDP file, only says Credentials will be prompted for when you connect.

I need to change a password and cannot find out how to get to the edit option, and for new connections, really want to save credentials.

Saved credencials my be a good thik, if I could get it to work.  Otherwise, it's a pain to enter that info in twice.  I agree that we should have a choice.  And who idea was it to remove Hyper Terminal?  I found the download and reinstalled and it works just fine.

RSC

www.schmooseme.net/vista

Some places have been suggesting to use 'enablecredsspsupport:i:0' as a way to avoid getting prompted for username and password on RDP connections. The side effect is that it also disables Network Level Authentication support in Vista and Longhorn, whic

RDP6 is very annoying.

It doesn't save my password when I connect to a Windows 2000 server.

As a domain policy, we have to change our password every month or so. Everytime I change my password, my TSC saved credital needs to be updated again and I could not remember which one I've updated, which one not!

Plase fix it!

I have no problems connecting.. My problem is that it is SOOOO SLOOOWWWW.. Its virtually painting the screen on one block at a time.. Connectin via WinXP is perfect, Vista is so slow i have no idea.. I have stripped it down to basics...  i can not get it to work right at all.

Is it not possible for mstsc.exe to automatically present the currently logged on user's credentials to the server?

I need to RDP to about 250 servers, finding the right .rdp file will take me longer than typing my domain\password.  Not to mention that my password changes every 60 days, rendering my .rdp file pointless.

I've also got a problem involving smartcard.  For servers in a different domain, I authenticate my RDP session with smartcard and PIN.  This never works, throws errors on both my Vista x64 desktop and the Windows Server 2003 R2 machine in the other domain.  I know my smartcard is working though, because I can log on to Vista with it, and I can RDP with smartcard credentials to servers in the other domain from Vista x86 or XP desktops.

Please advise - with all versions of vista OS the connection to our 2003 terminal server is so slow! I will hit connect and the login screen starts painting itself one section at a time and never finishes and then finally just goes away. Any solutions to this?

Hello all,

   I finally found the answer to why I have been having connection problems using my Vista workstation with Remote Desktop trying to connect our 2003 terminal server.

  After first connecting to the terminal server and logging in successfully to the session, the login screen moves really slow, painting the display one pixel at a time and finally just locking up all together.

   Because of Vistas low initial setting on it's Auto Tuning feature I had to create a new shortcut on the desktop.  Enter the command "cmd" as the shortcut command.

Right-click on the shortcut and select "Run as Administrator".[You will be put in a DOS box]

Type "netsh interface tcp set global autotuninglevel=disabled"

[You should see a successful message]

I had to create the shortcut and use the run as command even though my user was an administator equivalent. Not sure why, but it worked.

How can i get updated Remote Desktop Client for Windows XP that support Network Level Authentication?

When I put in MYDOMAIN\Administrator in the credentials for a W2000 server connection, it connects OK but saves Administrator@MYDOMAIN in the registry, and displays this next time I connect.  BUT W2000 only displays Administrator@MYDOMA (ie 15 characters), so you have to change this every time!  It passes the correct string to a 2003 server.  Why can't it either keep the MYDOMAIN\username in the registry (as I initially entered) which works on 2000, or drop what's after the @ sign and use it to select the domain on the 2000 login screen?

is it no longer possible to save more than one username/pwd pair for a particular terminal server? I rely on the security of my workstation, and thus trus that my .rdp files and saved username/pwd combinations are safe. What possible security beneffit could be derived from no longer being able to store more than one username/pwd pair for a particular terminal server?!?!?

In the "How to remove invalid pre-populated domain names", I want to know the details why this was done for various reasons in Vista.

Even if they are too complicated the users should still have the right to know.

I have recently upgraded the remote desktop client on my windows xp box and one of my win2003 servers. I can no longer connect to the win2003 server anymore from the xp workstation. I keep getting the error

The client could not connect to the console of this computer. A new console session cannot be established.

Tried connecting to the console session with /console. Tried rebooting both boxes as well - no avail.

I can connect to another (non upgraded) server OK and from that connect to the actual server I want, but this is not a satisfactory solution.  Do you know what I need to do.

Akhtar

So if I use the new client on an XP box to connect to another XP box, and the destination XP box has the Novell Client installed, will I always have to be prompted for credentials twice?  I'm assuming yes, and that's really annoying.

I've searched around but can't find any information on how to set it so that when anybody connects to a Vista RDP session, they have to manually type in the username/password, versus having the popup screen with the available accounts displayed.

We've already tried setting "Do not Enable Ctrl-Alt-Del" and set it to Disabled.

That works for the interactive desktop, but not remote desktop sessions.

Any thoughts or pointers in the right direction?

--John

No matter how hard you guys try to explain this, it remains a frigging nightmare for a system administrator. Easy solution: detect remote server, if Vista or Longhorn use new way, if anything else use old method.

This is costing me so much freaking time it's not even funny, way to release beta crap to the public. Gimme back my old RDP client.

I can only say that at EVERY SINGLE SYSTEM I sit down that where the 6.0 client is installed I install the 5.2 R2 client even on Vista machines (I carry it on a USB key it’s that annoying to me).  The 6.0 client is just flat out horrible.  It's dog slow, dangerous (saving the username gives someone 1/2 of what they need to get into a remote system and offering to save a pwd EVERY SINGLE time is just flat out ridiculously dangerous with all the laptops that get stolen each year), and VERY time consuming.  What, ‘how is it time consuming’ you ask, ponder this...  A customer domain and username that's 20+ characters long with a pwd that's equally as long, it's 2AM and I get a page saying something on their LAN is flaky so I get out of bed and try to connect only to find out their TS is not online either.  I’ve spent the time entering the domain\username and pwd only to find out their TS isn’t available.  This is the flat out dumbest thing I've ever heard.  

Yes, I can use the hack to stop it from prompting me but I have 200+ .rdp files, how do you suggest I make this global change?

Under an SRX we opened with this we had many other concerns about the 6.0 client that just make the 6.0 client unusable for an admin (or support desk tech) who connects to dozens if not hundreds of remote systems.  First, the PR about how you authenticate before you connect is almost laughable (exactly how many production Terminal Servers support this today?).  I’m sorry but a connection is a connection, period unless you’re going to start issuing some sort of cert to each and every user but even then you’re sending info that cannot be authenticated because you offer to save usernames & pwds.  If I pass a username and pwd either in the background or in the foreground it's still passing.  Second, you claim you're saving resources on the remote server by doing it this way, sorry MS but last I checked WE paid for the hardware NOT you so if we want to be prompted for a username & pwd and that wastes OUR resources that's our right.

Anyway, for those of you who dislike the 6.0 client, find a 2003 Server and install the 5.2 client over the 6.0 client and restore logic to your daily tasks.  The 5.2 client works equally well in Vista as it does on 2k SP4.

Note to MS, please stop breaking things.  Perhaps in Longhorn's later betas you'll listen update this to 6.1 and remove or allow us to disable some of the stuff in the 6.0 client.  If you’re going to break things we’ve used for almost 10 years, please add options to allow admins capabilities to easily turn it off like HKCU (or HKLM)\Software\Microsoft\Terminal Server Client\SecurityLevel=0 that turns of drive warnings for every connection.  Would it be that hard to have the client look to the registry to disable the prompting for and saving of usernames/pwds?  Should take about 10 minutes to add that code.

When I try to connect using remote desktop in Windows Vista, it suddenly stops working.  McAfee firewall has been disabled and it doesnt work in safe mode with networking.  Any ideas>

I am one of the IT People in the field, and have been for 10+ years, not a MSFT Employee.  My contention is that developers that MSFT add features and make changes at the behest of customers, and people that bash them as if they're working 60 hours a week to intentionally annoy you with new features is a bit childish.  Points are received better if you merely make your case why a new feature is difficult to use, causes business interuption, loss of productivity or poses a security risk.  Calling people names and screaming like a 3 year old (not everyone in this blog) is pointless and non-productive.

The bottom line is that one can choose to use Vista or not, use RDP 6.0 or not, roll back to RDP 5.1.x or 5.2.x or not, manage their clients or not, make tactful comments or not.  

We've provided MSFT with your comments and concerns (along with our own) so you have been hear loud and clear.  

P.S. When the next version is released, it would be prudent to test it before allowing it to be deployed on all of your systems.  I realize that no one has complete control over every piece of software installed on every system they support, but subscribing to "it was in Windows Update, therefor I installed it" is a system that will eventually bite you.  Any software deployed to a corporate environment should undergo some kind of testing.  Applying updates and hoping for the best is not a way to keep your end users happy and productive.  Supporting what gets installed on end user's home PCs is more challenging, but not impossible.  It's better to provide remote access via TSWeb (AKA Remote Desktop Web Connection - RDWC) or 3rd party software that you can control.  With RDWC you can control user's RDP Client configuration.

If you have comments and suggestions (that haven't already been voiced in this blog) on how to improve the RDP Client, by all means provide as much detail about the problem/concern as you can, but please keep it civil.  

Another place to ask questions about Terminal Services or RDP Client Functionality is:

Windows Terminal Services Newsgroup:

http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/default.mspx?dg=microsoft.public.windows.terminal_services

Longhorn Server (LHS) Terminal Services Forum:

http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=580&SiteID=17

Patrick C. Rouse

Microsoft MVP - Terminal Server

Provision Networks VIP

Citrix Technology Professional

President - Session Computing Solutions, LLC

http://www.sessioncomputing.com

Steve Lavaysse's post above fixed my problem.   Dell on call couldn't figure it out, my computer administrator at work couldn't figure it out and I paid $50 to a consultant to figure it out. Thank you so much STEVE!!!

Susan Schniepp

When will an updated version of the 6.0 client be released that addresses the numerous bugs in the first release?  There are other MS forums that indicate that a bug release will be forthcoming but those posts are months old.  One is at:

http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=988640&SiteID=17

The excuses that MS has posed here and in other places about how the new RDP client works just isn't cutting it.  Simple Google search return numerous complaints and that MS provided no good ways to disable all the junk they added (how many of you are running Gold copies of Longhorn servers in production environments as of March 2007, exactly zero would be the answer) so the forcing of all the new junk on us is unacceptable, especially when there's no easy way to globally turn them off.  I personally carry the 5.2 client on a USB key and install it on every system, including Vista RTM boxes, to restore functionality.  I'd sure like the speed and dual monitor support of RDP 6 but the other bugs make it unusable.

I have to also protest at the painful update the version 6 client is.  As I support many machines over 50 sites, I find using this client absolutely painful for pretty much all of the reasons given by your other readers (I wont go into boring details)

Every one of my collegues I speak to in the industry agree.

As a diagnostic tool the client is so painful to use I now telnet to port 3389 as it is quicker than launching the client, typing a username/password (oops, thats username\password because in a domain structure *everyone* wants to connect to the local user account of a server!) then getting security warnings, then wait 10 seconds while it authenticates, then comes back with an error saying it couldnt connect! Oh hang on, telnet isnt enabled by default in Vista. PAINFUL!

You get the idea, give me back my version 5 clinet, it was a dream compared to 6.

Thank you

Steve Lavaysse's post has nothing to do with the RDP client is' the foolish "autotuning" MS put into Vista that causes many more problems than it fixes.  For the most part the problem also isn't Vista it's hardware that doesn't support autotuning.  I know of $5,000 Cisco routers that don't support it.  The problem with autotuning is it isn't smart enough to see when it's casuing problems and AUTOmatically turn itself off.  

Note to MS: AUTO means both ends of the spectrum.  Automatic cars downshift as well as upshift.  Autotuning needs to be able to disable itself when it's breaking more than it fixes.

Now, let's get the rest of the RDP 6 "features" rolled back or otherwise fixed.

Those 100 people are just going to start clicking the save password box on the dumb RDP6 client and then they'll start buying you lunch because you cannot stop them now since MS, in their continued wisdom, has given us no Group Policy management tools to prevent this and no way like with the CMAK for VPNs to deploy a complied RDP client to prevent security breaches like this.  What will fix this is the first high-level developer or VP at Microsoft who gets a laptop stolen that had a bunch of RDP sessions with saved pwds in it and the next day there'll be an update to RDP 6 that allows us to turn it off (unless MS isn't using the public version on their desktops, which could be possible too).

I'm having an impossible time getting Vista to connect to Win 2003 Server using Remote Desktop.  Was working fine until I upgraded to Vista Business on my laptop.  Now, I can never connect, not once has it worked, get a nonspecific error message "This computer can't connect to the remote computer..."

I'm able to connect from XP Pro just fine  (it's on the same network as the Vista laptop) to the Win2003 server but not from the Vista laptop.

Server 2003 is running RDP 5.2.

Vista machine: Firewall is turned off, Server authentication set to "always connect...", TS Gateway set to "Do not use TS Gateway", confirmed login settings are correct.  I don't use a domain at the remote computer.

Any help greatly appreciated.

Having an issue with an XP Client running RDP6 connecting into a Vista Ultimate machine.  I receive "An authentication error has occurred (Code: 0x80090330)."  Under the options on the RDP6 client, I have it set to "Always connect, even if authentication fails."

If I enable the “enablecredsspsupport:i:0” option by adding it to the RDP file, the RDP6 client connects without a problem.

This problem started after I experienced a problem with a network card driver, and upon having difficulties removing it via Device Manager, Registry, etc..., I did a System Restore.  Everything works fine since, except for this Remote Desktop Error.  Any help would be appreciated.  Thanks.

Eric

Hello, i'm connecting to a windows server 2003 using RDP from a windows xp machine to run  a vfp application..no problem.

I buy a brand new pc with windows vista and run RDC..logon ok...but when i run my application it do not refresh the windows...i have to minimize an maximize the aplication to make it happen.

Can I install old windows XP RDP client on my vista??

thanks

I'm using a Putty (SSH Client) to create a SSL Tunnel to my linux firewall from the outside. Normally, it will enumulate the local port and forward to destination ip (That configure in the Putty client).

So, I try to make a connection to localhost:3390 because I configure a Putty client to forward any connection from localhost:3390 to 192.168.0.1:3389 which is behind my firewall and accept for RDP connection. But the Vista RDP client report the error message "The client could not connect. You are already connected to the console of this computer. A new console session cannot be established.". What's up why I cannot do this. It's used to worked before in Windows XP environment?

Does anybody can tell me why?

Pinai:

Try forwarding from port 3391.  Port 3390 is used for Media Center Extender support, so RDP thinks you are trying to connect to your own machine and fails since you're already logged on.  Using a port other than 3389 and 3390 should fix this.

Does this solve your problem?

Thanks Eric, my problem with error code - 0x80090330 is a mystery, in other words I'm clueless what caused it since the computers are in Lab learning environment and cannot document the countless changes everyday.  

- But it started after a Cisco VPN ipsec isakmp tunnel lab I used for weeks the Vista as a VPN client, RDP was working fine during this time until I removed the VPN configurations on all the PCs, suddenly Vista was not accepting RDP.

- Don't have time to figure out the logic of your miraculous solution [enablecredsspsupport:i:0] but it works and thank you very much

Michael Rossell

San Francisco, CA Cisco Nerd Central

For the individual with this issue:

“The authentication certificate received from the remote computer has expired or it not valid.”

I had the same issue and couldn't find anything, but when you go to the remote computer that you are trying to connect to and delete the certificate (add Certificates via MMC) it should work, but first you should fix your time/date if that is the issue.  In my case, I changed the time back a year to get my VMWare Workstation 6 Trial to start back up so I could change some settings before upgrading.  After changing the time I noticed that I couldn't RDP from any of the other Vista boxes at my house, so I changed the time back and noticed that it still didn't work.  I found that the RDP certificate was generated and with the old Date and the box that I was connecting from was at the current date.  The current box saw that the certificate expired and refused the connection.  I just deleted the old certificate and then tried to re-connect from my other Vista box and a new certificate was issued and I was then able to connect.

Cheers,

Eric

Is there a Registy Value (not just a switch for saved RDP shortcuts) that we can use to globally disable the username/password pre-connection prompt?  We have always used biometrics through the session with 5.x and this is limiting the use of biometrics in our organization.

“The authentication certificate received from the remote computer has expired or it not valid.”

Thanks for the tip to check the computer time. For some reason or another, after a shutdown, Vista decided to set my system date to August 24, 2008 (it is June 4, 2007 currently).

I agree with the person who posted about how one should try to make their points without a lot of crying. Definitely true. I guess where a lot of that is coming from is the frustration that people are seeing with Vista. It seems like with every turn, there is something else that doesn't work. In my 6 months or so using Vista I've seen:

- my date get set into the future

- the display on my laptop get scrambled (had to re-install Vista)

- Office 2007 stop working (never quite figured out if this is a Vista or Office issue)

- Camtasia not work with Vista

- my HP printer not have networking drivers for Vista

- my laptop not being able to hibernate and blue screen

I understand that all of this isn't Microsoft's fault. I guess my complaint - and the complaints of many others I think - is that it just feels like 1992 all over again. Back then, it was a struggle to get your operating system running with all of your hardware and software. Maybe it is because I was younger then, but I didn't mind jumping through all the hoops to get things to work (i.e. asking friends, reading bulletin boards, calling various support desks, etc). Now, some 15 years later, I find myself doing the exact same thing with Vista. Shouldn't things have matured now? Maybe I'm spoiled but I just want things to work nowadays. I know it's a huge thing to ask, but as a consumer, I just expect Vista to work; just like I expect my car to start every time, my phone to work and my TV to turn on every time. The sad realization is that maybe Microsoft just can't do this. As a company, it has taken the industry very, very, very far in a relatively short period of time. But could it be that Microsoft simply can't take it any further? As I walk around coffee shops in my neighborhood, I see more and more people using Apple. I think it's sad since I've invested a lot of time with Microsoft, but maybe it is inevitable.

Anyways, thanks for the information on this blog; after 3 hours or so, I can remotely log into my computer.

So Microsoft, can we get an update on when a new version of the 6 client will be released?  As others have stated, there are posts out there from other MS employees stating there will be a new one but as the months roll by and our frustration grows ever more day by day it becomes more and more obvious to us that MS just doesn't care or is so overburdened with Vista problems that it cannot fix the RDP problems.  I'm not sure there can be any other possibility here.  Either you think the RDP 6 client is perfect and are not going to update it to fix the problems we're reporting -or- you have no time to update it due to other issues.  Either retract the previous posts or update us, don't leave us hanging...

I am cannot remote desktop from windows server 2003 to windows Vista.

Please, help me.

Thanks.

Patrick -

Thanks for your reasoned responses. I'd like to share a few points that make the new RDP client very difficult for the consultant.

- First of all, there is _no_way_ that I am going to store the login / password combination in my RDP files. I have over 100 RDP files on my laptop to connect to our many customers. If my laptop were stolen and my customers networks compromised, I would have to have every one of our customers change their admin passwords. As sensitive as security issues are these days, I imagine that we would lose a large number of clients. Beyond that, I would feel morally responsible for the action and also be possibly be held legally liable for irresponsibly enabling it to occur.

- Even saving just a userid without a password means that someone with my laptop now has 1/2 of the credentials necessary to access our clients systems.

- That leaves me with having to enter domain credentials each time. Do you remember the exact syntax/ spelling of the domain for each of your clients?

- At this point, the best I've come up with is to enter a random character in the userid when i connect - which then fails, but at least presents me with the old login from the server to which I'm connecting, within the TS window where I am able to enter the userid and select the domain from the drop-down.

Any suggestions?

Thanks - Rob

When trying to log-in to RDP to out Windows 2003 Server Standard, from one of out Vista Business PC we receive an error corresponding to Terminal server licences.

We have several free CALS and this is only with the one PC!

Changed PC name,

Joined and Removed from domain

Is there a fix? As tried reinstalling RDP Client

Thanks

Ben Marshall

subscriptions@b-marshall.co.uk

I do remote network administration and used to keep an rdp file with the computer name and password for each computer on the network so it was easy to get around to the various terminals on the network.  Now whenever I attempt to access any rdp file, it "remembers" the last terminal accessed and I have to change it every time.  Is there any way around this?

Microsoft really blew it with RDP 6.0. What a joke. I used to be able to connect to my PC at work after establishing an IPSEC VPN tunnel, but now with the new RDP version, it just freezes on me everytime.  Vista and the new RDP SUCK!

Is there any way to debug a connection failure? I don't see anything in Event Viewer...

I have two desktop machines sitting next to each other in my office, XP-Pro and Vista Enterprise 64bit. I do most of my work on the XP machine, but I like to have a Remote Desktop Connection to the Vista machine maximized on my second monitor so I can get to the other machine by just moving the mouse.

Connecting to the Vista machine is REALLY flakey after I reboot it. When trying to connect I get "This computer can't connect to the remote computer." after a variable amount of time, this happens every time I try to connect until all of a sudden I can connect (sometimes it takes just a little while 5-10 min, other times I just give up and when I try a couple hours later it works), from then on there is no trouble, it's really frustrating.

I have a problem connecting to our server which is a Win2k3 server. and before(when I had win XP)I could save my user credentials(only access to the accounting app running) in one .rdp file and my administrator credrntials(full access in case a client froze up and tha happens about twice a day)in another. Is there some way to disable the "credentials manager" in the RDC 6.0 client?

I Solved My Problem! If 2003 Logon screen comes up with wrong domain, you need to 1) Delete Credential (Edit icon on Local Desktop), Connect, and, at the Credential menu, choose Use Another Account and correctly enter domain/username. I now have no problems with RDP 6.0

RDP 6 does not even give me theoption to save my credentials, i dont have a GPO to disable this and the option went away when my domain was upgraded with V6. How can i get this back?

dcompton@usc.edu

Cannot RDP

Any advice on the below Problem would be greatly appreciated.

Problem signature:

 Problem Event Name: BEX

 Application Name: mstsc.exe

 Application Version: 6.0.6000.16386

 Application Timestamp: 4549b425

 Fault Module Name: sdrdp5.dll

 Fault Module Version: 3.1.6.4

 Fault Module Timestamp: 40a0e111

 Exception Offset: 00005a00

 Exception Code: c0000005

 Exception Data: 00000008

 OS Version: 6.0.6000.2.0.0.256.6

 Locale ID: 1033

 Additional Information 1: 8d13

 Additional Information 2: cdca9b1d21d12b77d84f02df48e34311

 Additional Information 3: 8d13

 Additional Information 4: cdca9b1d21d12b77d84f02df48e34311

Steve Lavaysse's 'fix' worked for me.  I searched hi and low for several days (in my spare time) before running across this.  

Thanks Steve for the info.

The same problem with Acer Travelmate 6292

Start regedit.exe.

Navigate to "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\UsernameHint".

Delete registry values you don't need.

Thx,

Sergey.

"I just got a new Acer Travelmate 6292.

Tried loggin on to my WinXP machine via RDC and got stuck at "Enter your credentials".. it shows "looking for credential tiles' but hangs searching for it.

I can close the window but then RDC hangs as well. I can only End Task from Task Manager.. anybody has the same problem or is able to give me a clue??"

HERE IS THE FIX ( I also have a 6292 and had this error) You should create a credential.

1. type control userpasswords2 into the Start menu search box and hit enter

2.On the resulting User Accounts screen, click on the Advanced tab and then click the Manage Passwords button.

3. On the Stored User Names and Passwords window, click Add button.

4. On the Log on to: (type the IP of your server or the Server name)

Type the user name and password

5. Choose "A Windows Logon Credential" click OK.

Close the Window and connect your RDC. It should work now. It is interesting that only Acer 6292 have this problem, all the Dell notebooks we have does not require this mumbo jumbo windows vista magic. I hope this helps anybody out there. Good Luck!

how do u download remote desktop for vista home premium

It is quite easy to steal your password if it's stored in .rdp file.

It is also not compatible with secure prompt mode, when applications are not allowed to get access to user credentials in clear text.

By the way: RDP clients 6.0 and 6.1 still pick up password from an old .rdp file if it is there. They just don't save it in .rdp anymore.

Is there a way to change the 30 seconds waiting period before allowing a remote user to connect to the target machine using RDC? For example, a user can actually remotely connect to another user's machine using RDC and he merely have to wait for 30 seconds before he gains access to the other user's machine. This could lead to privacy issues and also illegal access. Therefore, is there a way to have a longer waiting period i.e. 2 hours? Would it also be possible to prohibit the remote user from gaining access to the target machine until access is granted explicitly? Thanks.

Is there any decent workaround for the domain:s: parameter no longer working?

The usernamehint key would be ok if you could code a variable into the registry to pass DOMAIN\username, but as it stands it not very functional.

We are a multi-domain, multi-terminal server environment with trusts - we heavily rely on being able to 'hardcode' the domain name into the RDP connections.

Today I've found a software that add a credetial icon into "prompt for credetial" dialog box of RDP 6.0 in Vista.

http://www.rohos.com/welcome-screen/rohos_credential_provider.htm

The idea is take a credential from a USb drive key.

Next version of TS Client (6.1) will honor username in RDP file. It will also provide means for saving and ediding user names in RDP files.

I wish Vista's development team put more thoughts into the design of the OS.  I am spending more time in trying to figuring out where things are and their new names than actually accomplishing anything with the operating system. The migration from windows 98 to windows NT 4.0 was smooth.

Anyway, I installed windows 2003 x32 R2 and windows 2003 SP2 on our brand new server.  I can TS to it without a problem using my windows XP SP2.  But if it's a Vista machine, the logon process takes longer and mouse clicks are really really slow. For example, if you click on the start button, the menu opens but can't select anything for four seconds.  Then clicking on a program shortcut takes another five seconds, so on.  This is really costing us money and time.  Is there anyway I can rollback the RDP client on Vista?

Thanks

I am running Vista's RDP 6.0 on a Windows XP workstation for the dual monitor support. When I RDP to another Windows XP workstation and try to run an application published via Citrix, I get very slow screen refreshed from the Citrix app. I have found other threads that may indicate that my problem could be related to "Receive Window Auto-Tuning" To test if this is your problem you are to type the following command at the command prompt of a dos window as an administrator:

netsh interface tcp set global autotuninglevel=disabled

and

netsh interface tcp set global autotuninglevel=normal

to re-enable it.

When I do so I receive "The following command was not found: interface tcp set global autotuninglevel=disabled."

It seems that the "tcp" parameter is not supported for the netsh interface command under windows XP.

My question is, does anyone know the XP command to turn off Receive Window Auto-Tuning for the Vista RDP client?

Thank you in advanced for you comments

You can use Account Lockout Policy.

It works the same way as for local logons.

http://technet2.microsoft.com/windowsserver/en/library/d7cacdcb-5362-4cb4-9c18-aa89f728b9361033.mspx?mfr=true

Situation with Vista machine to a Windows 2000 Server would not save username/password information.

Turns out using Stored User Names and Passwords tool (by running "control keymgr.dll") and saving the information as "A Web site or program Credential" fixed this up.

Thanks to Gary from this post;

http://www.technologyquestions.com/windows-vista/117827-password-saving-rdp-setups.html

to the previous post...  That is NOT going to work for me.

Patrick

Hi, How can enabled multisessions of Guests accounts for remote desktop in Vista?

RDP client 6.0 and higher stores user credentials in the user's credential set instead of RDP file. They no longer support storing credentials in RDP files. The problem with RDP file is that any code running in the user's session can read user's password from there and convert it into clear text.

User's credential set is more secure because it makes credentials accessible to system components only. Unfortunately, it does not allow saving more tha one credential per target server.

You should still be able to use your old RDP files with new clients, though.

RDP client 6.0 picks up user name and password only if both of them exist in RDP file. RDP client 6.1 will pick up user name from the RDP file even if it does not have password.

Why is it that each time something doesn't work the way customers want it to, MS states it's the intended way it should operate??? What kind of ridiculous excuse is that?!? Or is it only the established (dictatorial) policy of doing things at MS (and only there)?

If you mess up a product by changing the way it used to operate (and satisfied customers), you cannot hide behind the fact that the mess you caused is what you intended to happen. I'm sorry but it just won't cut it. Then again, MS is very good at imposing stuff on their customers...

As an internal policy, we are not migrating ANY workstation to Vista. So we couldn't care less about what a new version of the TS client could do to people using Vista. This OS will never see our network because it is utter garbage. We will patiently wait for MS to come up with a real OS (anytime guys)... and we don't want Vista to be imposed on us by wreaking our TS setup on XP stations.

We also did not want to have to fix user connections settings because users were suddenly faced with login prompts they'd never seen or heard of before.

And the latest thing is an machine on wich the user manually updated the RDP client... and the spooler service keeps trying to use 100% of the CPU time ever since.

Way to go guys!

Remember what your grandpa used to say? If it ain't broke...

If I go on a customer server or network, change the way they do things, and they don't like it and say I have to get it back the way things were before, I can assure you I have to do it! But then again, I don't keep my customers hostage... they are free to go to someone else. But isn't that the basis of a healthy business relationship?

Guys,

I have really enjoyed reading this thread. What a range from a fury to the complete helplessness!

Anyway, I want to share solution for the following scenario:

A person used to have RDP 5.X and have got upgraded to 6.0 by WSUS.

He has tons of computers to manage and almost always need to connect to them using different credentials (2, 3, 4 or more). So for each computer he has a several .rdp files - one per each login/pwd.

Furthermore a corporate policy requires changing password every two month…

If you still reading you probably got it - his life was a complete madness!

Apparently M$ have heard his moaning and come to rescue with RDC 6.0 :-)

And now this guy has only one .rdp file per a computer!

Then he uses runas command to run… no not windows explorer (he hates it!)

He runs “FAR (http://www.farmanager.com/)” (a freeware Norton commander alike program for managing files and archives in Windows operating systems)

You can run pretty much any other file manager, it has to be compatible with runas command.

Let’s assume he logs on to his desktop as SKuzin and then use runas to run FAR as VPutin (domain admin)

Now if he runs .rdp from “desktop” it’ll use login/pwd stored in SKuzin registry branch.

If he runs the same file from FAR, login/pwd stored in VPutin branch will be used.

If he needs third, forth, etc. set of credentials – different accounts have to be used.

Piece of cake, right?

Do you still remember about that two month password expatriation corporate policy?

He can deal with it easily - there is a command cmdkey.exe (included in W2K3 and works on XP as well. He is a lucky guy - he doesn’t have Vista… yet)

He uses it to update all saved credential is one shot!

Isn’t that a relief comparing with RTC 5.X? :-)

He used to have a way to batch update passwords in all those .rdp files at once before, but… well that was rather a hack than a legitimate command.

To distinguish between FARs running under different accounts you can use distinctive background and/or font.

BTW: I’m not trying to explain how to deal with various connectivity issues, instead trying to point out ways to deal with storing multiple credentials for a single computer and updating passwords.

BTW2: I’m not that guy! I’m completely different one. I don’t use his tricks, because IMO he completely misunderstands M$ intentions with RDC 6.X! ;-)

Sincerely,

OK

I have Vista Ultimate, we do not use several accounts but all family uses the "standard" account.

When my wife wants to connect to her pc at the offive through Remote Desktop, an error appears, because she is not authorize to a connection to Terminal sersvice. Issue is not present in XP

I think this is very annoying and hope there is a workaround withoutbeen forced to create several accounts

regards

AAHHHHHH i lost track of my main security servers, those who update antires-updates firewalls and

Just because of RDP client update

Next thing to do remove with unix

I hate this suprices !!!!!!

Stop vista I got MAD !!!!!

And I am verry angry no more Microsoft for me and thats for sure tomorow those servers they're out of the window. i'll be going to do this with linux

When do you people going to realize that we dont want toys like vista but want things who keep working thats much more important to us admins you loos friends this way

Remote Desktop Client remembers the user name used in the last successful connection to each server. If next time you use a different name and connection succeeds, the previous name will be overwritten.

Just in case you need to replace the name manually, it is located in the registry under "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\UsernameHint" key if you are using RDC version 6.0, or under "HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers\<your server name>" key, if you are using RDC v. 6.1.

If you want to delete a previously saved credential:

1. Start RDC

2. Enter server name

3. Click on "Options >>" button.

4. Click on "delete" link.

Hello, Is it possible to connect to a computer of the domain (with an admin account) without login/password in MSTSC, how to tell mstsc to use the session credential ?

Yannick LANCHEC

KoXo Developpement

Thank you for this,  but this solution only works with vista/longhorn computers.

Is it possible to connect with RDP with windows authentification to a win 2000 or win xp station ?

Best Regards

Yannick LANCHEC

KoXo Developpement

BTW, HKCU\Software\Microsoft\Terminal Server Client\SecurityLevel=0 was supposed to disable all the security warnings in Vista and it did as it was supposed to in RTM but not in SP1.

That's becuase the 6.x client isn't very smart and changing anything is cumbersome at best.  You'd think MS would understand their own active directory structure and how it works but alas they obviously do not.

Please disregard my last comment.  I posted it to the wrong blog.

Good article. I have a problem with RDP6 (using XP). I have several .rdp files setup to connect to different servers. Some of these connections do what I want, while others simply will not follow the same behavious as my "good" connections. What I WANT is to connect to a remote machine, and have my username saved and sent through to the windows login box on the remote machine (I cannot save passwords, it is company policy, and I am fine with that). Some connections do this fine. I double click the file, it connects right away, leaving with the correct DOMAIN\Username filled in in the Username part, I just have to type my password, and everything is fine. If I connect manually (just start mstsc instead of clicking the .rdp file), the information about the saved credentials is there (as per picture 6, above), and I can edit the username it is sending through. However, there are other .rdp files on the SAME COMPUTER where this does not happen. If I double click these files, I get prompted for my username/password first (as in picture 1, above), and then again at the windows login on the remote machine. It's this extra pre-prompt for credentials that is annoying the hell out of me. Even if I fill out the correct username, and click "Save Password" it has NO effect. Furthermore, when I start mstsc manually, and type the IP address I want to connect to, it simply displays "User name: none" with NO way of editing it (as in picture 6, above). WHY will rdp save the correct DOMAIN\Username for SOME of my connections, but refuse to save for others on the same machine ? I have compared the 2 .rdp files in notepad, and they are exactly the same, except for the IP address in the servername part. I haven't found anywhere yet that will explain how to fix this problem. Any help appreciated.

I need help!  My remote desktop connection client running on my vista home machine keeps losing its connection when I connect remotely to the Windows 2003 server at work.  I've tried disabling the autotuninglevel using (running as administrator from cmd.exe):

"netsh interface tcp global set autotuninglevel=disabled"

This still doesn't work?  Any ideas!

All my firewalls are off.

im using vistga entraprises version so i cant logging to my server becouse of the lisen protocal is expire

help mr

I can no longer connect to my virtual machines because of your brain dead design decisions. Windows XP SP3 forces version 6 of the RDP client upon me. Now I cannot enter a password before attempting to connect, the password box is no longer present just a text stating I will be prompted for a password. IT DOES NOT WORK!!!! I am not prompted for a password and so cannot connect. This one issue is forcing me to roll back to SP2.

Screaming users!  I guess that was the intention of MS when it forced the ridiculous TS client on XP SP3 users.  Well, I have news for MS, for one major customer of ours, they have banned XP SP3 for this reason ONLY.  We found ways to remove it in Vista but so far have not in XP SP3.  You remove the SP3 files, replace them with 2003 R2 SP2 files, and some update cache is replacing them.  We've yet to find them, but rest assured until we do SP3 will not be deployed at any new customer and it's been removed from all existing ones who use it.

Hi,

I run a small server room of about 15 2003 servers and about 4 Windows 2000 servers.  I administer using a folder full of RDP connections on my XP Pro SP2 machine.  RDP is just the job for administration and I'm really happy with it.

But!  Installed SP3 on XP to test before rolling out to the rest of the company.  Well, I can still do what I need with the RDP connections I had saved, but how do I "sign" the damn things to get rid of the bright yellow warning please?  You know, "The publisher of this remote connection cannot be identified.  Do you want to connect anyway?".  Call me Mr Thicky if you like, but I just can't find how to do it.

As an experiment, I'll be installing the older client from 2003 to see if it improves things, but I'd still like to know the answer to the Publisher question!

Many thanks,

John

This is one of those things that should just work out of the box.

yes, having to store separate files is monkey business.  Why on earth would you make so many improvements to the remote desktop client and then make one of the simplest things such a PITA?

I had the remember password working for multiple hosts for about a day.  When I rebooted, it was back to the old ways.  Sooooooooooooooo annnnnnnnnooooooooooyyyyyyyyyyyyiiiiiiiiiingggggggggggggggg!!!!!!!!!!! AAAAAAAAAAAAAAAAAAAAAHHHHHHHHHHHH@@@@@@@@@@@!!!!!!!!!!!!!!!!!

So, I was going to rant a bit here, but everything's been covered about 10 times, just dissapointed that none of these user suggestions have been implemented in the 1+ year that this thread has been open.  Also, I'd check the "Remember Me?" box, but I'm almost certain I'd get prompted for my name twice the next time I tried to post.

It is possible to manually specify the domain name.

HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\UsernameHint

Create a new string value name using the name / IP of the server you are trying to connect to. The in the Value Data of the string enter YOURDOMAIN\

Now when you open up the rdp client you will be prompted for username / password and the domain provided will be the one you have specified above.

Regards,

Andy

I have tried every solution up here. I am guessing it is some kind of domain problem, or maybe Vista doesn't think the TS gateway is safe. I cannot connect from Vista Ultimate threw a TS gateway to a server 2008 machine. I get "The log in attempt failed" every time. Oh, Linux connects without issue, and XP connected with administrator credentials only. Just give me more control please! --- just ranting.. this is a testing setup - i will not be recommending it

try to remote the name of the server not the IP

its work succesfully

If your like to use RDP over internet using microsoft windows teredo service(peer to peer connectivity) you can check this soft http://www.lanoninternet.com

Now RDP can work behind NAT/firewall

running 2 laptops on a LAN with the same workgroup names.

1 laptop is xp 32 sp3, whilst the other is vista 32 sp1.

unable to connect either from xp laptop -> vista laptop or vista laptop -> xp laptop over RDC.

this is very frustrating. and ridiculous. can ping either machine from the other one. any ideas?

You could either use "edit" option instead of "delete" and change your password, or, when prompted for new credentials, you could use "remember my credentials" checkbox to save new credentials.

The problems with tiles mentioned on the acer computers is related to the Acer Bio Protection, fingerprint solution.

If you open the settings for this program, you might notice it has created a profile for your RDC connection. (it had for me).

I encourage all users with this problem to contact acer with this information.

The fix posted in this thread seems to work great. A million thanks to the poster.

Hmm, it looks like its because I used the IP instead of the sever's name. Briliant folks!

So is this a brain fart for rdp or ad?

Vista sp1 will not connect to Vista sp1 using NLA. It quit working a few days ago. I have not made any changes that I no of. I can connect using NLA from computer A to computer B but not from Computer B to A.  Whats the deal?

I have a VISTA machine that cannot connect to a 2008 server with RDP when using Active Directory credentials.

When I use the same machine connecting to the same 2008 box, but use NT domain credentials I can connect.

Can anyone tell me why that is?

If I use RDP 5.2 I can connect with either sets of credentials - AD or NT.

The VISTA and 2008 Server are both in the same AD domain. I have a trust between NT 4.0 and AD because of some badly coded legacy apps requiring NT.

HI I am getting an error when I click connect in the RDP from Vista Ultimate to Windows server 2003? as follows:-

"to log onto this remote computer your must be granted the allow log on through terminal services right, by default members of the remote desktop users group have this right.  If you are not a member of the remote deskop users group or another group that has this right, or if the remote desktop users group does not have this right, you must be granted this right manually"

Is this something I am doing or does the server admin need to add me to something?  FYI I am a member of the rdc group as well?

Please help

Hi! I want to come back to the Bryan Question on January 2007, I don´t know what happened at last. I´m trying to connect to a W2K3 Server with the latest RDP Client en Windows XP and I noticed that I can´t use a password manager to connect to my servers because the RDP Client does not let me paste the previously copied password. I don´t have Windows Vista and I noticed the same behavior as Bryan. Is there any posiibility to override this? Thanks a lot!

How can anyone ever say anything bad about X windows after reading this blog?

When connecting to Vista Bussiness from an older client in wich you are not asked for credentials, you are presented to the "Interactive Logon Screen" that displays the last user that made a log in (even when it is disabled in the local directive).

Anyboady knows how to force the connecting user to type the username and password?

We have a complex environment. Need your suggestion.

Desktop clients are Windows XP SP2

Most of the desktops are covered to thin client. Nothing but MSTSC run in the shell rather than explorer. Most of the users connect to 2003 TS servers. Now we plan to deploy new version of SAP GUI Client. We build a seperate windows 2008 farm (seperate farm to given dedicated good performance to SAP GUI application). We want to place a .RDP icon for the users to access windows TS 2008 published SAP application.  We are facing the same authentication issue described above.

1. We have multiple domains. We cant teach users which domain they belong to.

2. We want to disable initial authentication box

3. Or we can OK if the initial authentication box, give the option to select various domains.

4. asking the user to type domain name\user name is simply very difficult. Service desk will send their whole day to explain forward slash and backward slash. :)

Kindly suggest a solution.

Thanks for posting, I've been getting the "cannot verify" error messages on my home computer and really needed to do something about it.

At work I use proxy network's <a href="http://www.proxynetworks.com">remote desktop software</a> and their tech support just runs me through what I need to do. If you're a casual user, it might make sense to go through all this and do it yourself. There's so many factors though that if you use your rdp software a lot, I think it really makes sense just to take the plunge and buy a program... though I love to figure out problems on my own, sometimes there's just too much time to be saved.

To Annoyed MGR.

I think, your problem can be solved. Recent RDP client versions (6.1 and higher) do not save passwords in RDP files anymore, but they can still read them.

You can add these 2 parameters to your RDP file:

username:s:<put your user name here in "domain\name" format>

password 51:b:<put your DPAPI encrypted password here>

Below is a simple console application that given your password as a command line parameter will output it in the format needed by RDP files:

#include <stdio.h>

#include <tchar.h>

#include <windows.h>

#include <strsafe.h>

#include <wincrypt.h>

int _tmain(int argc, _TCHAR* argv[])

{

   HRESULT hr;

   size_t cbDataIn = 0;

   DATA_BLOB DataIn = {0,NULL};

   DATA_BLOB DataOut = {0,NULL};

   if ( argc < 2 )

   {

       printf( "Too few params\n" );

       return 0;

   }

   hr = StringCbLength( argv[1], STRSAFE_MAX_CCH * sizeof(TCHAR), &cbDataIn );

   if ( FAILED(hr) )

   {

       printf( "StringCbLength failed: 0x%X\n", hr );

       return 0;

   }

   cbDataIn += sizeof(TCHAR);

   DataIn.cbData = DWORD(cbDataIn);

   DataIn.pbData = PBYTE(argv[1]);

   if ( !CryptProtectData(

           &DataIn,

           NULL,

           NULL,

           NULL,

           NULL,

           0,

           &DataOut ) )

   {

       printf( "CryptProtectData failed: %d\n", GetLastError() );

       return 0;

   }

   for( DWORD i = 0; i < DataOut.cbData; i++ )

   {

       printf( "%02X", DataOut.pbData[i] );

   }

   LocalFree( DataOut.pbData );

return 0;

}

Thx,

Sergey.

I find the RDP on Vista quite anoying. I can no longer save an RDP setup for the same IP (or DYNDNS address) with all credentials. It only remebers the last User. Totally stupid. It must have been a moron designing or requesting this. Furthermore, using Vista to RDP to Server 2008 is worse than ever. It sits on "Looking for credential tiles..." forever hanging!!! Before I asked Vista to save the credentials it worked, though not as smooth as to a Server 2003.