These are recommendations for Small Office/Home Office (SoHo) users connecting to a standalone Windows Vista host computer with the Remote Desktop 6.0 client software only. Users connecting to remote computers in a corporate or domain environment should check with their network administrators for configuration guidance. Users are encouraged to use a strong password when logging onto a remote PC with Remote Desktop.
Allow someone to access to your computer using Remote Desktop
Customize the Vista Remote Desktop 6.0 client including enabling Network Level Authentication
Enable Windows
XP SP3 Network Level
Authentication client support
Enhance Windows Vista Remote Desktop client to host communication security by enabling Network Level Authentication
Optional Vista Remote Desktop host group policy configuration
Vista Remote Desktop 6.0 Client Connection Authentication FAQ
How to access to multiple Remote Desktop sessions that are behind a firewall, NAT or router
How to change the Remote Desktop listening port on the host computer
Open Remote Desktop then select Options.
Enter the name or address of the remote Computer then select Display. Select the appropriate Remote desktop size.
Select Printers and/or Clipboard redirection as desired. Click on More and configure additional local device redirection as needed.
Configure Performance characteristics depending on the connection to the remote PC.
When connecting to a Vista Remote Desktop host that requires Network Level Authentication select Do not connect if authentication fails from the Authentication options drop down menu. Click on Settings. Check the Do not use a TS Gateway server check box. Click on OK. (Note the following two screen shots are from a Vista Ultimate SP1 computer)
Select Save or Save As.
By default, Network Level Authentication is disabled in Windows XP Service Pack 3. To enable Network Level Authentication, you have to turn on the Credential Security Service Provider (CredSSP). For more information about how to turn on CredSSP read this Microsoft Knowledge Base article. After rebooting the XP SP3 client computer see the online Vista help pages for details on how to check if a client computer supports Network Level Authentication.
For enhanced Windows Vista or XP SP3 client to Vista host Remote Desktop communication security enable Vista Remote Desktop host Network Level Authentication by selecting the Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure) radio button.
WARNING: Mandating the use of Network Level Authentication may preclude Remote Desktop clients running on versions of Windows that do not support Network Level Authentication from connecting to the Vista Remote Desktop host computer. See the online Vista help pages for details on how to check if a client computer supports Network Level Authentication.
As a system administrator go to Start | Run and type gpedit.msc in the command window. Navigate to Local Computer Policy | Computer Configuration | Administrative Templates | Windows Components | Terminal Services | Terminal Server | Security. Highlight the Set client connection encryption level group policy then right click to configure the encryption level to High and Enabled. Enable the Always prompt client for password upon connection group policy.
Users can speed up the rendering of the remote PC desktop display, particularly over slow data links, by disabling the display of the remote PC desktop wallpaper on the client PC's. Navigate to the Local Computer Policy | Computer Configuration | Administrative Templates | Windows Components | Terminal Services | Terminal Server | Remote Session Environment policies. Double click on the Enforce Removal of Remote Desktop Wallpaper policy and select Enable. Click OK to save the new configuration. Click on File | Exit to exit the Group Policy Editor.
For various reasons users may want to change the default Remote Desktop Listening Port from the default TCP Port 3389 to something else. The following details the procedure used to both change the port and how to address the Remote Desktop PC using the new listening port.
IMPORTANT: This procedure contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs.
To change the Remote Desktop Listening Port reference the Microsoft Knowledge Base Article Q306759 . Note the Remote Desktop host computer that the listening port was changed on MUST BE REBOOTED in order for the registry change to take effect.
Read Microsoft Knowledge Base Article Q304304 for instructions on how to configure the Remote Desktop Client to call using an alternate port.
| Last reviewed: 17 June 2008...awj Copyright © 2008 - Alan W. Jarvi - All rights reserved The Microsoft MVP Program |
 |