How can I use RDP (MSTSC.EXE) to log on to server as if you are at the console?

How can I use RDP (MSTSC.EXE) to log on to server as if you are at the console? I am looking for a way to modify the .RDP so when I execute the remote desktop to a server, the login page is pulled up so i can type my credentials in or use a digipass (vasco) alternative. I also use HP RGS to get into servers and blades, but the version in my environment is buggy and needs to install a client ... but it does accomplish the type of login behavior I am looking for ... when it works. I know that the .rdp file can be modified with a text editor, but I have not had any luck with the settings I have.
ace350Asked:
Who is Participating?
 
☠ MASQ ☠Connect With a Mentor Commented:
If you want to enable saving credentials you'll need to do this via GPO:


Run gpedit.msc
Local Computer Policy > Computer Configuration > Administrative Templates > System > Credentials Delegation.

Open "Allow Delegating Default Credentials with NTLM-only Server Authentication".
   
Set to “Enabled”.
   
Click "Show" and add the string “TERMSRV/*” to the list. (or add the IP or server hostname)

Repeat  for the following policies:
       
"Allow Delegating Default Credentials"
       
"Allow Delegating Saved Credentials with NTLM-only Server Authentication"
       
"Allow Delegating Saved Credentials"

Restart

You should now be able to save your RDP login credentials

My previous post was about changes on the server not the client
0
 
☠ MASQ ☠Commented:
MSTSC.EXE /ADMIN (formerly MSTSC.EXE /CONSOLE)
0
 
ace350Author Commented:
@☠ MASQ ☠ - Thank you for the quick response. The /ADMIN switch will still give me the pop-up to log into the remote computer before actually getting to the computer console screen. This is what I am trying to avoid. I want to have the selection to log in with admin credentials or select the Digipass login option.
Login.PNG
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
☠ MASQ ☠Commented:
You want to pass through your saved credentials?
0
 
ace350Author Commented:
@☠ MASQ ☠:  I do not want to use the pop-up screen that comes up as soon as you click 'Connect'. This extra level of security was not implemented in Windows Server 2003, so when you connected to the 2003 server you were at the server's console login screen. I guess I do not want to pass through my credentials, but rather the inconvenience of encountering the server login screen.
0
 
☠ MASQ ☠Commented:
likely at server end then - can you:

Go to: Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration

Under Connections > Open RDP-Tcp

Under the "Log on Settings" tab choose the  "Use client-provided log on information" option, uncheck "Always prompt for password"

You'll need to restart server for this to take effect.
0
 
ace350Author Commented:
@☠ MASQ ☠ - Thank you again for getting back with me. The options you are referring to do not seem to be available in the latest RDP application. Options do not change with the "Allow me to save credentials" checked or not. Please see attached pic
Capture.PNG
0
 
ace350Author Commented:
@☠ MASQ ☠ - This is the method I am familiar with and it has worked in the past. Unfortunately I am not able to alter the GPO. I am hoping that there is some other clever way to accomplish this, but it seems our security team is better than I thought ;).
Thank you @☠ MASQ ☠ for humoring this ridiculous request. I will mark your answer as the solution as I know it works when you have the access.
0
 
ace350Author Commented:
@☠ MASQ ☠ - This is the method I am familiar with and it has worked in the past. Unfortunately I am not able to alter the GPO. I am hoping that there is some other clever way to accomplish this, but it seems our security team is better than I thought ;).
Thank you @☠ MASQ ☠ for humoring this ridiculous request. I will mark your answer as the solution as I know it works when you have the access.
0
All Courses

From novice to tech pro — start learning today.