Q:

So the release of Windows Server 2012 has removed a lot of the old Remote Desktop related configuration utilities. In particular, there is no more Remote Desktop Session Host Configuration utility that gave you access to the RDP-Tcp properties dialog that let you configure a custom certificate for the RDSH to use. In its place is a nice new consolidated GUI that is part of the overall "edit deployment properties" workflow in the new Server Manager. The catch is that you only get access to that workflow if you have the Remote Desktop Services role installed (as far as I can tell).

This seems like a bit of an oversight on Microsoft's part. How can we configure a custom SSL certificate for RDP on Windows Server 2012 when it's running in the default Remote Administration mode without needlessly installing the Remote Desktop Services role?

Important: you need open a CMD by "Run as administrator" then perform the wmic command.

A:

38 down vote accepted

It turns out that much of the configuration data for RDSH is stored in the Win32_TSGeneralSetting class in WMI in the root\cimv2\TerminalServices namespace. The configured certificate for a given connection is referenced by the Thumbprint value of that certificate on a property called SSLCertificateSHA1Hash.

In order to get the thumbprint value

  1. Open the properties dialog for your certificate and select the Details tab
  2. Scroll down to the Thumbprint field and copy the space delimited hex string into something like Notepad
  3. Remove all the spaces from the string. You'll also want to watch out for and remove a non-ascii character that sometimes gets copied just before the first character in the string. It's not visible in Notepad.
  4. This is the value you need to set in WMI. It should look something like this: 1ea1fd5b25b8c327be2c4e4852263efdb4d16af4.

Now that you have the thumbprint value, here's a one-liner you can use to set the value using wmic:

wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="THUMBPRINT"

Or if PowerShell is your thing, you can use this instead:

$path = (Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").__path

Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="THUMBPRINT"}

It occurs to me that this solution would probably work on Windows 8 systems as well. I haven't played with it much myself yet though.

Note: the certificate must be in the 'Personal' Certificate Store for the Computer account.

Configure custom SSL certificate for RDP on Windows Server 2012 in Remote Administration mode的更多相关文章

  1. Mac上远程桌面连接Windows Server 2012 R2

    在将一台服务器的操作系统由Windows Server 2012升级为Windows Server 2012 R2之后,在Mac电脑上用微软的远程桌面软件怎么也连不上服务器,错误信息如下: Remot ...

  2. 怎么取消 Windows Server 2012 r2 RDP 限制每个用户只能进行一个会话(转)

    在 Windows Server 2008 / 2008 R2 上,如果希望多个远程用户使用同一个账号同时访问服务器的 Remote Desktop(RDP),只需通过管理工具-远程桌面下的“远程桌面 ...

  3. 怎么取消 Windows Server 2012 RDP 限制每个用户只能进行一个会话

    在 Windows Server 2008 / 2008 R2 上,如果希望多个远程用户使用同一个账号同时访问服务器的 Remote Desktop(RDP),只需通过管理工具-远程桌面下的“远程桌面 ...

  4. Installing IIS 8.5 on Windows Server 2012 R2

    原文 Installing IIS 8.5 on Windows Server 2012 R2 Introduction This document describes how to install ...

  5. [转]Installing SharePoint 2013 on Windows Server 2012 R2

    转自:http://www.avivroth.com/2013/07/09/installing-sharepoint-2013-on-windows-server-2012-r2-preview/ ...

  6. Windows Server 2012重复数据删除技术体验

    在企业环境中,对磁盘空间的需求是惊人的.数据备份.文件服务器.软件镜像.虚拟磁盘等都需要占据大量的空间.对此,微软在Windows Server 2012中引入了重复数据删除技术.重复数据删除技术通过 ...

  7. Windows Server 2012 R2 IIS8.5+PHP(FastCGI)+MySQL环境搭建教程

    原文地址:http://www.osyunwei.com/archives/7378.html 搬运是为了自己找资料方便. 准备篇 一.环境说明: 操作系统:Windows Server 2012 R ...

  8. Windows Server 2012 R2 IIS8.5+PHP(FastCGI)+MySQL环境搭建教程

    准备篇 一.环境说明: 操作系统:Windows Server 2012 R2 PHP版本:php 5.5.8 MySQL版本:MySQL5.6.15 二.相关软件下载: 1.PHP下载地址: htt ...

  9. Windows Server 2012 R2 设置 smtp 服务器

    Windows Server 2012/2012 R2:安装和配置 SMTP 服务器 安装 SMTP 服务器 以下是安装 SMTP 服务器功能的步骤: 打开“服务器管理器”:单击键盘上的 Window ...

随机推荐

  1. codeforce The Art of Dealing with ATM

    题目大意 ATM取款机有n种不同的钱币kind[i],每次取款允许吐出不超过k张钱币,且钱币的种类数不能超过2(一开始没理解2的意思),现在有q次取款,钱数为ques,问ATM能否凑出这样的钱,若能的 ...

  2. 学习iOS笔记第一天的C语言学习记录

    c语言基础学习 int num1 = 15; int num2 = 5; int temp = 0; //先把num1放到temp里 temp = num1; //先把num2放到num1里 num1 ...

  3. Mysql Too Many Connections问题解决

    MySQL的max_connections参数用来设置最大连接(用户)数.每个连接MySQL的用户均算作一个连接,max_connections的默认值为100.本文将讲解此参数的详细作用与性能影响. ...

  4. ZOJ 1029 Moving Tables

    原题链接 题目大意:走廊两边排列了400个房间,要在两个房间之间搬桌子.搬桌子的时候会占用一部分走廊,有冲突的话要回避.求最快搬完的时间. 解法:开辟一个数组,每占用一段走廊,就把相应的房间号的元素加 ...

  5. UVa 1592 数据库(c++pair)

    Input Input contains several datasets. The first line of each dataset contains two integer numbersn  ...

  6. java多线程之:SynchronousQueue队列

    SynchronousQueue是这样一种阻塞队列,其中每个 put 必须等待一个 take,反之亦然.同步队列没有任何内部容量,甚至连一个队列的容量都没有.      不能在同步队列上进行 peek ...

  7. SPI相位跟极性介绍

    [详解]SPI中的极性CPOL和相位CPHA是什么以及如何设置   2012-03-0214:34:10|  分类:单片机 |  标签: |字号大中小 订阅 版本:2011-08-15 作者:crif ...

  8. weblogic管理2 - 创建并启动一个managed server

    创建一个managed server. 1.  进入网页console管理页面,如:http://10.100.25.14:7001/console     , 先点击->服务器 (红色标记框) ...

  9. js调用百度地图API创建地图,搜索位置

    实现代码: <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <met ...

  10. SQLServer中临时表与表变量的区别分析

    临时表 临时表与永久表相似,只是它的创建是在Tempdb中,它只有在一个数据库连接结束后或者由SQL命令DROP掉,才会消失,否则就会一直存在.临时表在创建的时候都会产生SQL Server的系统日志 ...