How to secure remote desktop connections using TLS/SSL based authentication

Requirement

When you enable remote desktop on a Windows Server for administrative purposes, security issues may arise depending on how you have configured your server

Steps in windows server end

Prerequisites

  1. Ensure your terminal server is running Windows Server 2003 including SP1
  2. You also need a TLS/SSL based certificate that should be installed with the following specifications:
    1. The certificate should be computer based
    2. The certificate's purpose should be server authentication
    3. The certificate¡¯s private key should be available
    4. Since it is a computer based certificate, it should be stored in the computer account certificate store on the terminal server

1-Request a certificate

We will Request a certificate in Internet Explore, About how to Request a certificate, Please access
How To Request a certificate from Certificate Authority server in Internet Explore?

2-Issue the certificate

After you requested certificate, You can login Certificate Authority server to issue the certificate. Please access
How to Issue A certificate in Certificate Authority server?

3-Install certificate in Certificate Authority server

After you issued the certificate, You can install the certificate in Certificate Authority server. Please access
How to Install A certificate in Certificate Authority server?

4-Export certificate in Certificate Authority server

After you installed certificate in step3, You will can get the
certificate information in Internet Options tool. You can export it from
here, Please access
How to Export A certificate in Certificate Authority server?

5-Export root certificate in Certificate Authority server

MS SQL Server and all clients have to import Root Certificate, You can
export root certificate in Certificate Authority server
How to Export root certificate in Certificate Authority server?

6-Import certificate and Trusted Root Certification Authority in server

About how to import certificate, Please access
How To Import Personal Certificate With MMC?

7-Configure the Terminal Services

About how to Configure the Terminal Services, Please access
How To Configure the Terminal Services?

Steps in client computer end

Prerequisites

  1. The client computer must be running Microsoft Windows 2000, Windows XP, Windows Server 2003 or Windows Vista
  2. For Windows 2000, XP and Windows Server 2003, the remote desktop client version 5.2 or newer should be used.
  3. Only authorized clients should be able to trust the root
    Certification Authority (CA) that has issued the computer based
    certificate residing on the terminal server. This will ensure that a
    TLS/SSL connection can be established from a trusted client.

1- Install Trusted Root Certification Authority

Note: You should install Trusted Root Certification Authority in your client computer.
About how to import Trusted Root Certification Authority, Please access
How To Install Trusted Root Certification Authority With MMC?

Connect to remote using TLS/SSL based authentication

Start the Remote Desktop client

start the Remote Desktop client and select the Security tab which is
a new tab that is included with the updated remote desktop client

You can now connect and logon to the terminal server

How to secure remote desktop connections using TLS/SSL的更多相关文章

  1. Connect to a Windows PC from Ubuntu via Remote Desktop Connection

    http://www.7tutorials.com/connecting-windows-remote-desktop-ubuntu A useful feature of Windows is be ...

  2. 使用ubuntu远程连接windows, Connect to a Windows PC from Ubuntu via Remote Desktop Connection

    from: https://www.digitalcitizen.life/connecting-windows-remote-desktop-ubuntu NOTE: This tutorial w ...

  3. Configure Security Settings for Remote Desktop(RDP) Services Connections

    catalogue . Configure Server Authentication and Encryption Levels . Configure Network Level Authenti ...

  4. remote desktop connect btw Mac, Windows, Linux(Ubuntu) Mac,Windows,Linux之间的远程桌面连接

    目录 I. 预备 II. Mac连接Windows III. Windows连接Mac IV. Windows连接Ubuntu V. Mac连接Ubuntu VI. Ubuntu连接Mac VII, ...

  5. Running a Remote Desktop on a Windows Azure Linux VM (远程桌面到Windows Azure Linux )-摘自网络(试了,没成功 - -!)

                              A complete click-by-click, step-by-step video of this article is available ...

  6. 开启Remote Desktop的PowerShell

    1) Enable Remote Desktop set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Ser ...

  7. Microsoft Remote Desktop 通过 .rdp 文件登录

    最近在淘宝上买了「市场洞察」子账号,说是子账号,其实是需要登录到他们的 Windows 服务器上才能用的.并且子账号也是 5-6 个人共用的,且不说远程服务器很老又有延迟,经常是我想添加一个监控店铺或 ...

  8. Remote Desktop Connection Manager

    通过Remote Desktop Connection Manager(RDCMan),当前最新版本是 v2.7. 通过这款软件,我们便可以轻松的管理和访问数个RDP.左边的列表中我们可以创建总的分区 ...

  9. Windows组件:打开MSDTC,恢复Windows TaskBar,查看windows日志,打开Remote Desktop,打开Services,资源监控

    一,Win10 打开 MSDTC 1,Win+R 打开运行窗口,输入 dcomcnfg,打开组件服务窗口 2,在组件服务 catalog下找到 Distributed Transaction Coor ...

随机推荐

  1. pywinauto 的使用

    要用python实现Windows窗口程序的自动化操作,可以用ctypes调用windowsapi来实现,还可以用pywin32+pywinauto来实现,后者是别人造的轮子. pywinauto首页 ...

  2. stark组件(7):增加分页功能

    效果图: 分页部分代码: # 1.分页处理 all_count = self.model_class.objects.all().count() query_params = request.GET. ...

  3. C语言指针篇(二)多级指针

        多级指针         多级指针常常使用于数组.这里仅仅介绍一下它长什么样,后文会再次详细对比使用.         多级指针呢,常见的有二级指针.见图.             二级指针的 ...

  4. POJ 3254 状压DP(基础题)

    Corn Fields Time Limit: 2000MS   Memory Limit: 65536K Total Submissions: 17749   Accepted: 9342 Desc ...

  5. [USACO12JAN]视频游戏的连击Video Game Combos(AC自动机+DP)

    Description 贝西正在打格斗游戏.游戏里只有三个按键,分别是“A”.“B”和“C”.游戏中有 N 种连击 模式,第 i 种连击模式以字符串 Si 表示,只要贝西的按键中出现了这个字符串,就算 ...

  6. 14 Django的用户认证组件

    用户认证 auth模块 from django.contrib import auth django.contrib.auth中提供了许多方法,这里主要介绍其中的三个: 1.1 .authentica ...

  7. ST表学习

    啊谈不上学习了.复习一下原理留一下板子. $f\left[i,j \right]$表示以$i$为起点,区间长度为${2}^{j}$的区间最值.以最小值为例,即 $min\left(a\left [ k ...

  8. CNN:

    (1)卷积:对图像元素的矩阵变换,是提取图像特征的方法,多种卷积核可以提取多种特征.一个卷积核覆盖的原始图像的范围叫做感受野(权值共享).一次卷积运算提取的特征往往是局部的,难以提取出比较全局的特征, ...

  9. 《Cracking the Coding Interview》——第12章:测试——题目4

    2014-04-25 00:35 题目:没有专门的测试工具,你要如何对一个网页进行压力测试? 解法:拼手速,拼电脑数量呗.快捷键+复制粘贴网址,狂搞一番.话说回来,有脚本语言的情况下,直接写个脚本来模 ...

  10. 《数据结构》C++代码 Splay

    Splay,伸展树.之所以先写这个课内并不怎么常用的数据结构,是因为本人非常喜欢Splay,我觉得这是非常有美感且灵活的一种平衡树.在此先声明,我的伸展树写法来源于CLJ大牛,基础好的同学可以去他的博 ...