Archive for the ‘NLA’ Tag

Windows XP RDP connection Windows 2008R2 NLA   3 comments

As you may know windows 2008R2 Is using a more secure connection But by default the RDP connection is turned off. You can use a less secure connection to support XP but the better way is use Network Level Authentication ( NLA ) But Where to set this option?

Go to the server manager and check the computer Choose Configure Remote Desktop.

Network Level Authentication (NLA) is disabled Network Level Authentication (NLA) is disabled  Network Level Authentication (NLA) is disabled

Yeb nice but now I can’t connect with my Windows ( eXtra Prehistoric) version with SP3. I put in the Beta RDP 7.1 that came with Windows 2008R2/Windows 7 Sp1 but still I can’t connect.  ( Windows XP users should download RDP 7.0 )

Yeb that is By design In Windows ( eXtra Prehistoric) Network Level Authentication ( NLA ) is turned off by default. You should use windows 7 or follow the steps below.

1. Click Start, click Run, type regedit, and then press ENTER.
2. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the details pane, right-click Security Packages, and then click Modify.
4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
5. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6. In the details pane, right-click SecurityProviders, and then click Modify.
7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
8. Exit Registry Editor.
9. Restart the computer.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"Security Packages"=hex(7):6b,00,65,00,72,00,62,00,65,00,72,00,6f,00,73,00,00,\
  00,6d,00,73,00,76,00,31,00,5f,00,30,00,00,00,73,00,63,00,68,00,61,00,6e,00,\
  6e,00,65,00,6c,00,00,00,77,00,64,00,69,00,67,00,65,00,73,00,74,00,00,00,74,\
  00,73,00,70,00,6b,00,67,00,00,00,00,00

By default, CredSSP is turned off in Windows XP SP3 , To turn it on here is the key.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,credssp.dll"

More info about this :

Description of the Remote Desktop Connection 7.0 client update for Remote Desktop Services (RDS) for Windows XP SP3, Windows Vista SP1, and Windows Vista SP2

Credential Security Support Provider (CredSSP) in Windows XP Service Pack 3 (SP3).

WordPress Tags: connection,Network,Level,Authentication,Where,option,server,manager,computer,Choose,Configure,Remote,Desktop,Prehistoric,version,Beta,steps,Click,Start,ENTER,navigation,pane,HKEY_LOCAL_MACHINE,SYSTEM,CurrentControlSet,Control,Packages,Modify,Value,data,Leave,SSPs,SecurityProviders,Exit,Registry,Editor,Restart,CredSSP,info,Description,client,Services,Vista,Credential,Support,Provider,Service,Pack,users,subkey

Posted January 31, 2011 by Robert Smit [MVP] in Network Level Authentication (NLA) is disabled

Tagged with

  • Twitter

  • %d bloggers like this: