Start a new topic

RDP Saved Credentials

I love using Royal TSX on Mac!  On the Windows servers I regularly RDP to, I was able to use a saved credential and launch the server from a double-click on the shortcut.


However, now that I am trying Royal TS on PC with the same servers, I get a popup specifying "The server's authentication policy does not allow connection requests using saved credentials" and I have to enter the credential again.  This happens with Windows RDP and any other RDP managers I have tried on PC.


I am wondering how Royal TSX on Mac was able to get around this, and if there is some way I could make it work on PC.  Anyone have any ideas?  I was planning on purchasing a full license of Royal TS if I could get the trial to work like Royal worked on my Mac.


Thanks!


Hi Eddie,


I think the behavior is different because Royal TSX on the Mac is using FreeRDP, which is an open source RDP client. Windows is using Microsoft's RDP ActiveX control which ships with Windows (as many other RDP managers do). It seems that the FreeRDP implementation does not honor the Group Policy setting. As far as I know, the only way to make this work on Windows is to disable the policy which prevents using credentials upfront.


Regards,
Stefan

Thanks Stefan!  This is exactly what I needed to know.  I will continue using Royal TSX when on Mac, but I found another client to use on PC that uses FreeRDP and lets me bypass this annoyance.

You're welcome. Out of curiosity, which client on Windows are you using?

I found Remote Desktop Manager by Devolutions.  I like it pretty well so far!

Sorry to dig up an old thread, but if this is built into a Microsoft-provided RDP component that RoyalTS uses, then what are the chances of RoyalTS adopting an alternative RDP client, like it does for SSH (Rebex & PuTTY)? ;-)

This "security" measure is really driving me up the wall. And of course, the security people are deaf to usability complaints. It ticks a box on some auditor's form, so it must be good. ;-)

It also does not achieve the (presumed) real goal - the password is still saved client-side, it just doesn't work. :-|

Hi Christian,


we can try to implement FreeRDP in the same way we do with PuTTY (embedding an external application - with all the "drawbacks" this approach brings to the table). Before we do that, can you try using the standalone FreeRDP client and see if this actually resolves the problem on your side (assuming it is related to the authentication level checks)?


Regards,
Stefan

Hi Stefan,


yes, this seems to work without getting the prompt:

wfreerdp.exe /v:hostname /u:username /p:password

I assume that would be enough to trigger that prompt, considering I didn't enter the credentials "interactively".

Good to know. I will investigate and see if I can integrate freeRDP like PuTTY. In the meantime you could use the External Application connection type to integrate it now:

https://docs.royalapps.com/r2021/royalts/reference/connections/external-app.html


If this works, it will probably also be possible to integrate it into Royal TS like PuTTY...


Regards,
Stefan

Hi,  If there is any update on this i would be most grateful to hear it.  I am a long time mac user, being pushed use windows here - this issue is driving me and my colleagues bananas.  


Like Christian, those deciding policy refuse to accept how flakey these client-based 'security' measures are and so refuse to change group policy.

Login or Signup to post a comment