Solved

Require Client Certificates for RDS 2012

Posted on 2014-11-12
4
423 Views
Last Modified: 2014-11-12
Is it possible to require RDP clients connecting to RDS 2012 to have a client certificate?  I know the server has one.  But, I would like to add a bit more security than just username/password.  I also know that VPN is possible, but was looking for something a bit less cumbersome.
0
Comment
Question by:brhunt
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 40437671
The client machine must have a valid certificate requires you setup a certificate authority.  This is a machine certificate and not a user certificate

http://www.alkia.net/index.php/faqs/106-how-to-secure-remote-desktop-connections-using-tls-ssl-based-authentication
0
 

Author Comment

by:brhunt
ID: 40437715
David,

I saw that but besides dealing with an older version of RDS, it is talking about getting the TLS/SSL connection by issuing a certificate to the RDS server and making sure the clients trust the issuing authority.  A third party certificate is on the RDS server.  What I want to know is is it possible to issue certificates to client PCs/devices and require that to connect to RDS?  So, not only do you have to have the proper credentials, but you have to have a device with the proper certificate.  Similar to what you can setup for an IIS website.

Thanks for the reply.
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 40437848
You can use certs to encrypt the session, but I dont think you can deny access to RDP without a cert? (unless you employ 802.1x)
Windows Server 2012 - Secure RDP Access with Certificates

PL
0
 

Author Comment

by:brhunt
ID: 40437861
That's what I figured.  Thanks everyone for the help.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

At the beginning of the year, the IT world was taken hostage by the shareholders of LogMeIn. Their free product, which had been free for ten years, all of the sudden became a "pay" product. Now, I am the first person who will say that software maker…
In this article, I'll explain how to setup a Plex Media Server (https://plex.tv/) on a Redhat (Centos) 7 based NAS with screenshots to help those looking for assistance.  What is Plex? If you aren't familiar with Plex, it’s a DLNA media serv…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question