Re: RDP with SSL/TLS in XP?

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

I was able to get a Vista box in our test network and verify that Vista
solicits certificates from my PKI and it does RDP/TLS/SSL.

It was nice to find that you don't need to configure the RDP protocol to use
SSL like with Windows Server 2003! So you don't need tscc.msc.

Rich

"Gaurav Daga [MSFT]" <gauravd@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:uh8wDmXdHHA.208@xxxxxxxxxxxxxxxxxxxxxxx
Yes - there is mutual authentication in RDP in Vista which provides both
user and server authentication.

"Rich Raffenetti" <rich@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:%23ob5DeXdHHA.2068@xxxxxxxxxxxxxxxxxxxxxxx
Disappointing! Does Vista have support?

"Gaurav Daga [MSFT]" <gauravd@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:ux1upYWdHHA.4616@xxxxxxxxxxxxxxxxxxxxxxx
You can host the web control on a webpage protected by https which
requires user authentication. This will not provide user authentication
to the TS (as that is another connection), but it ups the bar a bit.

"Rich Raffenetti" <rich@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:esvlxZ5cHHA.2332@xxxxxxxxxxxxxxxxxxxxxxx
Service Pack 1 for Windows Server 2003 added the ability to use RDP
over an SSL/TLS session.

To enable it on a server you run Terminal Services Configuration and
alter the protocol on the General tab. I found several links which
describe the setting details by searching the keywords RDP and TLS.

Since I use RDP to get to XP desktop machines I want to use SSL/TLS
with XP to have better security. And I want to make this capability
generally available across my organization. Distributing the required
SSL certificates to XP desktops in our domain is not an issue since we
have a PKI.

Yet there is no Terminal Services Configuration tool in the
Administrative Tools on XP nor can one add the tscc.msc snap in to an
MMC. Tscc.msc is not present on XP Pro. I found no discussion of RDP
over SSL/TLS in XP.

When you run the MMC on a server and configure SSL, it tells the
operator that changes were made to the registry. If equivalent changes
are made to the registry on XP, will RDP run over SSL/TSL?
Alternatively, can you copy tscc.msc to an XP system?







.

Relevant Pages

  • Re: RDP with SSL/TLS in XP?
    ... "Rich Raffenetti" wrote in message ... It was nice to find that you don't need to configure the RDP protocol to use SSL like with Windows Server 2003! ... Distributing the required SSL certificates to XP desktops in our domain is not an issue since we have a PKI. ...
    (microsoft.public.windows.terminal_services)
  • RE: Windows Remote Desktop
    ... between the server and client in addition to RDP encryption. ... On the topic of securing RDP i was wondering if anyone can help.... ... connection is difficult. ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
    (Security-Basics)
  • RE: Windows Remote Desktop
    ... clients and match your server configuration to match the target server ... Https would not be subject to a MiM attack using the method I described. ... Citrix can be more secure then RDP. ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
    (Security-Basics)
  • RE: Windows Remote Desktop
    ... This step confirms that the server is ... Subject: Windows Remote Desktop ... Citrix can be more secure then RDP. ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
    (Security-Basics)
  • RE: Windows Remote Desktop
    ... On the topic of securing RDP i was wondering if anyone can help.... ... If you get a hold of the certificate the server presents to the ... SSL/HTTPS then use the Citrix ICA encryption on top of that, ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
    (Security-Basics)