[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 561
  • Last Modified:

Require Client Certificates for RDS 2012

Is it possible to require RDP clients connecting to RDS 2012 to have a client certificate?  I know the server has one.  But, I would like to add a bit more security than just username/password.  I also know that VPN is possible, but was looking for something a bit less cumbersome.
0
brhunt
Asked:
brhunt
  • 2
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
The client machine must have a valid certificate requires you setup a certificate authority.  This is a machine certificate and not a user certificate

http://www.alkia.net/index.php/faqs/106-how-to-secure-remote-desktop-connections-using-tls-ssl-based-authentication
0
 
brhuntAuthor Commented:
David,

I saw that but besides dealing with an older version of RDS, it is talking about getting the TLS/SSL connection by issuing a certificate to the RDS server and making sure the clients trust the issuing authority.  A third party certificate is on the RDS server.  What I want to know is is it possible to issue certificates to client PCs/devices and require that to connect to RDS?  So, not only do you have to have the proper credentials, but you have to have a device with the proper certificate.  Similar to what you can setup for an IIS website.

Thanks for the reply.
0
 
Pete LongTechnical ConsultantCommented:
You can use certs to encrypt the session, but I dont think you can deny access to RDP without a cert? (unless you employ 802.1x)
Windows Server 2012 - Secure RDP Access with Certificates

PL
0
 
brhuntAuthor Commented:
That's what I figured.  Thanks everyone for the help.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now