Remote Desktop to a PC not joined to AD domain

By -

 In cases where you are in an Active Directory environment and you need to remote to a desktop that's not joined to that directory, or is a member of an Azure directory, the login prompt usually leads to an error.

Remote machine is AAD joined. IF you are signing in to your work account, try using your work email address:



There are a couple of options: 

  1. Log in via Azure web (will required 2FT if enabled)
  2. Present the login AFTER the RDC connection

Here are the steps:

1. Login via Azure

  1. On Remote Desktop, click Show Options, Advanced tab
  2. Check "Use a web account to sign in to the remote computer"
  3. Click Connect
  4. Your organisation's Azure SSO login screen will appear. 

2. Present the login screen AFTER connecting to RDC

  1. Go to your Documents folder and look for .rdp that you are using
  2. Right-click this file and edit using Notepad
  3. At the bottom of the file, add this line:
    enablecredsspsupport:i:0
    authentication level:i:2
  4. Save the file.
  5. Open Remote Desktop and connect to the computer
  6. After connecting, it will display the computer's login screen

Tip 1: Edit Default.rdp, if you want to use this method on all new connections.
Tip 2: In this option, you cannot save login information (ie, you have to type the password everytime) 
Tip 3: If you are getting this error, remove the 2 lines again. 



Comments

Post a Comment

Popular posts from this blog

Remote Desktop (RDC) in only 2 of 3 monitors

By -
I'm currently using a laptop at home to connect to work. I would normally VPN in and use Remote Desktop Connection to access my office desktop. My laptop is connected to a dock which is then connected to 2 big monitors - so I have 3 monitors in total. However, I only want RDC displayed in the 2 big monitors, leaving my laptop screen for my local apps (meetings, chats, and other communication tools). By default, Microsoft RDC only gives you the option to use a single display (by choosing the resolution), or to "use all my monitors". Here's a simple trick to overcome this. First, identify your monitors using the mstsc /l command. This will give you the list of monitors you currently have. Take note of the monitor index numbers (0, 1 ,2 , etc) Open Remote Desktop Click Show Options Type in your Computer Name Click Save As and save the RDP file/shortcut Look for the RDP file that you saved and open it in Notepad  Look for use multimon:i:0 and change it to u...
Read more

Windows RRAS VPN configuration when server is behind NAT

By -
The following configuration changes have to be done when the Windows VPN server (Remote Access and Routing Service) is behind NAT (ie, server has a private IP). To make PPTP work: Allow tcp/1723 traffic to flow through the firewall to the RRAS server Add inspect pptp on the firewall To make L2TP/IPSec work on Windows clients: On the client device, open Registry Editor Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent Add a DWORD (32-bit) key named AssumeUDPEncapsulationContextOnSendRule   Set the value to 2, and base to Hexadecimal Restart the client PC (this is important). Done!
Read more