• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 644
  • Last Modified:

Remote Desktop Client - Can you make it default to always ask for credentials using Group Policy Settings?

I am using Windows 2003.

Can you set it so that the Remote Desktop Clients are set on the options tab to "Always ask for credentials".

I am looking at the GPO on my server and cannot see many options to configure the Remote Desktop Client.

I know there are lots of settings on the Terminal Server side, but I want to enforce this setting on all my PC's in the network!
1 Solution
You can control it via Default Domain Policy:  Computer Configuration, click Administrative Templates, click Windows Components, and then click Terminal Services.
You will find "Do not allow passwords to be saved" setting there.

Supported on:
At least Microsoft Windows XP Professional with SP2 or Windows Server 2003 family with SP1

Controls whether passwords can be saved on this computer from Terminal Services clients.
If you enable this setting the password saving checkbox in Terminal Services clients will be disabled and users will no longer be able to save passwords. When a user opens an RDP file using the Terminal Services client and saves his settings, any password that previously existed in the RDP file will be deleted.
If you disable this setting or leave it not configured, the user will be able to save passwords using the Terminal Services client.

MawallaceAuthor Commented:
So I can make so they CANNOt save the password. But I want users to be forced to save the password!
Cláudio RodriguesFounder and CEOCommented:
Not sure what you are trying to achieve.
If you run TSCC.MSC on the TS itself and go to RDP-tcp, in one of the tabs you will see 'Always ask for password'. If that is checked, no matter what the user does, he will ALWAYS have to enter a password. Is this what you want to do?

Cláudio Rodrigues
Citrix CTP
MawallaceAuthor Commented:
No.. I want to make it so that on the RDP client the box "Save my creditatinals" is always ticked.
Alex AppletonBusiness Technology AnalystCommented:
I'm not sure of any way to do that, however if you are running Vista+ client side you can do delegation of credentials for your terminal servers which will use the client side logged on credentials.  You can deploy this via GPO with the setting here:

Computer Configuration, Administrative Templates, System, and then click Credentials Delegation

You want to add your terminal server in the list as TERMSRV/<fqdn>  Wildcards work here to so you can add TERMSRV/*.<domain>
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now