Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

Require Client Certificates for RDS 2012

Is it possible to require RDP clients connecting to RDS 2012 to have a client certificate?  I know the server has one.  But, I would like to add a bit more security than just username/password.  I also know that VPN is possible, but was looking for something a bit less cumbersome.
0
brhunt
Asked:
brhunt
  • 2
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
The client machine must have a valid certificate requires you setup a certificate authority.  This is a machine certificate and not a user certificate

http://www.alkia.net/index.php/faqs/106-how-to-secure-remote-desktop-connections-using-tls-ssl-based-authentication
0
 
brhuntAuthor Commented:
David,

I saw that but besides dealing with an older version of RDS, it is talking about getting the TLS/SSL connection by issuing a certificate to the RDS server and making sure the clients trust the issuing authority.  A third party certificate is on the RDS server.  What I want to know is is it possible to issue certificates to client PCs/devices and require that to connect to RDS?  So, not only do you have to have the proper credentials, but you have to have a device with the proper certificate.  Similar to what you can setup for an IIS website.

Thanks for the reply.
0
 
Pete LongConsultantCommented:
You can use certs to encrypt the session, but I dont think you can deny access to RDP without a cert? (unless you employ 802.1x)
Windows Server 2012 - Secure RDP Access with Certificates

PL
0
 
brhuntAuthor Commented:
That's what I figured.  Thanks everyone for the help.
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now