I came across an annoying little issue today. Whether it be down to the default settings of Windows Server 2012, or one of the hardening settings of our corporate build, I don’t know, but it’s annoying either way.
My corporate provided laptop operating system is mandated at Windows XP. I regularly (90+% of every day) use it to remote control servers, and this is normally through RDP (I prefer RDP over vSphere client for Virtual Machines too).
It seems that by default, the Windows XP Remote Desktop Client does not support Network Level Authentication (NLA), which is what our 2012 servers demand.
Fortunately, there is a quick fix to the problem. All you need to do is add a couple of registry entries, restart your computer, and you’re away. The entries are as follows :
In regedit.exe, select the following key :
Within this key, there is a REG_SZ value called “SecurityProviders”, which contains multiple comma separated values. At the end of this string, add a comma and “credssp.dll” :
Click OK, then select the following registry key :
Within this key, there is a REG_MULTI_SZ value called “Security Packages”, which contains a list. At the end of this list, add “tspkg” :
Click OK, close regedit and restart your computer.
You should now be able to RDP to Windows Server 2012 without the pain!
P.S. Just to prove this is not turning into a purely technical blog, here’s a picture of Coco the dog, enjoying the snow a couple of weeks ago :