How to stop prompt for Credentials?

  • Thread starter Thread starter Simon White
  • Start date Start date
S

Simon White

Guest
I have secure website used by clients to connect to terminal servers. When
they click a link a dynamically created RDP file is returned launching their
Remote Desktop Connection. However, they are now prompted for a password
despite the fact that it was supplied in the RDP file. The terminal servers
all use SSL and I have turned off the prompt for credentials item in the RDP
file.

If they login and save their password then it appears to work fine on
subsequent connections however the problem is that they usually do not know
the password having not needed it in the past. I would actually prefer not
to give it to them so that I can change them on a regular basis without
having to tell them.

So is my problem related to a "User name hint" bug I read about or is there
no way now to automate connection to a terminal server without user
intervention?

The clients are using RDC v6 connecting to Window 2003 servers.
 
Re: How to stop prompt for Credentials?

Storing the password in the file only works for the same user on
the same workstation as where the file was created (that's why it
works on the second connection). So you can't copy a standard file
to all clients.

Check here as well:

Vista Remote Desktop Connection Authentication FAQ
http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
connection-authentication-faq.aspx

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
*----------- Please reply in newsgroup -------------*

=?Utf-8?B?U2ltb24gV2hpdGU=?=
<SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:

> I have secure website used by clients to connect to terminal
> servers. When they click a link a dynamically created RDP file
> is returned launching their Remote Desktop Connection. However,
> they are now prompted for a password despite the fact that it
> was supplied in the RDP file. The terminal servers all use SSL
> and I have turned off the prompt for credentials item in the RDP
> file.
>
> If they login and save their password then it appears to work
> fine on subsequent connections however the problem is that they
> usually do not know the password having not needed it in the
> past. I would actually prefer not to give it to them so that I
> can change them on a regular basis without having to tell them.
>
> So is my problem related to a "User name hint" bug I read about
> or is there no way now to automate connection to a terminal
> server without user intervention?
>
> The clients are using RDC v6 connecting to Window 2003 servers.
 
Re: How to stop prompt for Credentials?

I understand that is how it works unfortunately that is useless for my
applications. I can handle that MS does not store the password in the RDP
file by design however it would be useful if it would use the password if it
found in the RDP file.

Otherwise it is nearly impossible to give users an automatic method of
connecting to TS Applications without at least once having them fill in the
user name and password. Perhaps MS does not have any idea often people
forget their passwords and how much time I must spend re-setting them. I can
eliminate all this extra unnecessary work if the user never has to know the
password and the RDC just uses what it finds in the RDP file.

To me their fix does not provide extra security because users just create
easier passwords and write them down so anyone can either figure them out or
look them up.

So now I am must start using a RDP launcher to work around this problem. To
be honest I am not impressed.

Simon



"Vera Noest [MVP]" wrote:

> Storing the password in the file only works for the same user on
> the same workstation as where the file was created (that's why it
> works on the second connection). So you can't copy a standard file
> to all clients.
>
> Check here as well:
>
> Vista Remote Desktop Connection Authentication FAQ
> http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
> connection-authentication-faq.aspx
>
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> *----------- Please reply in newsgroup -------------*
>
> =?Utf-8?B?U2ltb24gV2hpdGU=?=
> <SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:
>
> > I have secure website used by clients to connect to terminal
> > servers. When they click a link a dynamically created RDP file
> > is returned launching their Remote Desktop Connection. However,
> > they are now prompted for a password despite the fact that it
> > was supplied in the RDP file. The terminal servers all use SSL
> > and I have turned off the prompt for credentials item in the RDP
> > file.
> >
> > If they login and save their password then it appears to work
> > fine on subsequent connections however the problem is that they
> > usually do not know the password having not needed it in the
> > past. I would actually prefer not to give it to them so that I
> > can change them on a regular basis without having to tell them.
> >
> > So is my problem related to a "User name hint" bug I read about
> > or is there no way now to automate connection to a terminal
> > server without user intervention?
> >
> > The clients are using RDC v6 connecting to Window 2003 servers.

>
 
Re: How to stop prompt for Credentials?

There are plenty of 3rd party solutions to address this issue. Provision
Networks, Citrix, Ericom, 2x...


--
Patrick C. Rouse
Microsoft MVP - Terminal Server
SE, West Coast USA & Canada
Quest Software, Provision Networks Division
Virtual Client Solutions
http://www.provisionnetworks.com


"Simon White" wrote:

> I understand that is how it works unfortunately that is useless for my
> applications. I can handle that MS does not store the password in the RDP
> file by design however it would be useful if it would use the password if it
> found in the RDP file.
>
> Otherwise it is nearly impossible to give users an automatic method of
> connecting to TS Applications without at least once having them fill in the
> user name and password. Perhaps MS does not have any idea often people
> forget their passwords and how much time I must spend re-setting them. I can
> eliminate all this extra unnecessary work if the user never has to know the
> password and the RDC just uses what it finds in the RDP file.
>
> To me their fix does not provide extra security because users just create
> easier passwords and write them down so anyone can either figure them out or
> look them up.
>
> So now I am must start using a RDP launcher to work around this problem. To
> be honest I am not impressed.
>
> Simon
>
>
>
> "Vera Noest [MVP]" wrote:
>
> > Storing the password in the file only works for the same user on
> > the same workstation as where the file was created (that's why it
> > works on the second connection). So you can't copy a standard file
> > to all clients.
> >
> > Check here as well:
> >
> > Vista Remote Desktop Connection Authentication FAQ
> > http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
> > connection-authentication-faq.aspx
> >
> > _________________________________________________________
> > Vera Noest
> > MCSE, CCEA, Microsoft MVP - Terminal Server
> > TS troubleshooting: http://ts.veranoest.net
> > *----------- Please reply in newsgroup -------------*
> >
> > =?Utf-8?B?U2ltb24gV2hpdGU=?=
> > <SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:
> >
> > > I have secure website used by clients to connect to terminal
> > > servers. When they click a link a dynamically created RDP file
> > > is returned launching their Remote Desktop Connection. However,
> > > they are now prompted for a password despite the fact that it
> > > was supplied in the RDP file. The terminal servers all use SSL
> > > and I have turned off the prompt for credentials item in the RDP
> > > file.
> > >
> > > If they login and save their password then it appears to work
> > > fine on subsequent connections however the problem is that they
> > > usually do not know the password having not needed it in the
> > > past. I would actually prefer not to give it to them so that I
> > > can change them on a regular basis without having to tell them.
> > >
> > > So is my problem related to a "User name hint" bug I read about
> > > or is there no way now to automate connection to a terminal
> > > server without user intervention?
> > >
> > > The clients are using RDC v6 connecting to Window 2003 servers.

> >
 
Re: How to stop prompt for Credentials?

Unfortunately most of these solution are not cost effective in my case.

Simon

"Patrick Rouse" wrote:

> There are plenty of 3rd party solutions to address this issue. Provision
> Networks, Citrix, Ericom, 2x...
>
>
> --
> Patrick C. Rouse
> Microsoft MVP - Terminal Server
> SE, West Coast USA & Canada
> Quest Software, Provision Networks Division
> Virtual Client Solutions
> http://www.provisionnetworks.com
>
>
> "Simon White" wrote:
>
> > I understand that is how it works unfortunately that is useless for my
> > applications. I can handle that MS does not store the password in the RDP
> > file by design however it would be useful if it would use the password if it
> > found in the RDP file.
> >
> > Otherwise it is nearly impossible to give users an automatic method of
> > connecting to TS Applications without at least once having them fill in the
> > user name and password. Perhaps MS does not have any idea often people
> > forget their passwords and how much time I must spend re-setting them. I can
> > eliminate all this extra unnecessary work if the user never has to know the
> > password and the RDC just uses what it finds in the RDP file.
> >
> > To me their fix does not provide extra security because users just create
> > easier passwords and write them down so anyone can either figure them out or
> > look them up.
> >
> > So now I am must start using a RDP launcher to work around this problem. To
> > be honest I am not impressed.
> >
> > Simon
> >
> >
> >
> > "Vera Noest [MVP]" wrote:
> >
> > > Storing the password in the file only works for the same user on
> > > the same workstation as where the file was created (that's why it
> > > works on the second connection). So you can't copy a standard file
> > > to all clients.
> > >
> > > Check here as well:
> > >
> > > Vista Remote Desktop Connection Authentication FAQ
> > > http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
> > > connection-authentication-faq.aspx
> > >
> > > _________________________________________________________
> > > Vera Noest
> > > MCSE, CCEA, Microsoft MVP - Terminal Server
> > > TS troubleshooting: http://ts.veranoest.net
> > > *----------- Please reply in newsgroup -------------*
> > >
> > > =?Utf-8?B?U2ltb24gV2hpdGU=?=
> > > <SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:
> > >
> > > > I have secure website used by clients to connect to terminal
> > > > servers. When they click a link a dynamically created RDP file
> > > > is returned launching their Remote Desktop Connection. However,
> > > > they are now prompted for a password despite the fact that it
> > > > was supplied in the RDP file. The terminal servers all use SSL
> > > > and I have turned off the prompt for credentials item in the RDP
> > > > file.
> > > >
> > > > If they login and save their password then it appears to work
> > > > fine on subsequent connections however the problem is that they
> > > > usually do not know the password having not needed it in the
> > > > past. I would actually prefer not to give it to them so that I
> > > > can change them on a regular basis without having to tell them.
> > > >
> > > > So is my problem related to a "User name hint" bug I read about
> > > > or is there no way now to automate connection to a terminal
> > > > server without user intervention?
> > > >
> > > > The clients are using RDC v6 connecting to Window 2003 servers.
> > >
 
Re: How to stop prompt for Credentials?

I feel your pain Simon, but at some point it's about what just works, as you
don't want users rejecting a server based computing technology over issues
that have solutions. Terminal Server is a platform on which others extend,
and I don't see that changing. In most projects these kind of requirements
flush themselves out in the Proof of Concept phase.


--
Patrick C. Rouse
Microsoft MVP - Terminal Server
SE, West Coast USA & Canada
Quest Software, Provision Networks Division
Virtual Client Solutions
http://www.provisionnetworks.com


"Simon White" wrote:

> Unfortunately most of these solution are not cost effective in my case.
>
> Simon
>
> "Patrick Rouse" wrote:
>
> > There are plenty of 3rd party solutions to address this issue. Provision
> > Networks, Citrix, Ericom, 2x...
> >
> >
> > --
> > Patrick C. Rouse
> > Microsoft MVP - Terminal Server
> > SE, West Coast USA & Canada
> > Quest Software, Provision Networks Division
> > Virtual Client Solutions
> > http://www.provisionnetworks.com
> >
> >
> > "Simon White" wrote:
> >
> > > I understand that is how it works unfortunately that is useless for my
> > > applications. I can handle that MS does not store the password in the RDP
> > > file by design however it would be useful if it would use the password if it
> > > found in the RDP file.
> > >
> > > Otherwise it is nearly impossible to give users an automatic method of
> > > connecting to TS Applications without at least once having them fill in the
> > > user name and password. Perhaps MS does not have any idea often people
> > > forget their passwords and how much time I must spend re-setting them. I can
> > > eliminate all this extra unnecessary work if the user never has to know the
> > > password and the RDC just uses what it finds in the RDP file.
> > >
> > > To me their fix does not provide extra security because users just create
> > > easier passwords and write them down so anyone can either figure them out or
> > > look them up.
> > >
> > > So now I am must start using a RDP launcher to work around this problem. To
> > > be honest I am not impressed.
> > >
> > > Simon
> > >
> > >
> > >
> > > "Vera Noest [MVP]" wrote:
> > >
> > > > Storing the password in the file only works for the same user on
> > > > the same workstation as where the file was created (that's why it
> > > > works on the second connection). So you can't copy a standard file
> > > > to all clients.
> > > >
> > > > Check here as well:
> > > >
> > > > Vista Remote Desktop Connection Authentication FAQ
> > > > http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
> > > > connection-authentication-faq.aspx
> > > >
> > > > _________________________________________________________
> > > > Vera Noest
> > > > MCSE, CCEA, Microsoft MVP - Terminal Server
> > > > TS troubleshooting: http://ts.veranoest.net
> > > > *----------- Please reply in newsgroup -------------*
> > > >
> > > > =?Utf-8?B?U2ltb24gV2hpdGU=?=
> > > > <SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:
> > > >
> > > > > I have secure website used by clients to connect to terminal
> > > > > servers. When they click a link a dynamically created RDP file
> > > > > is returned launching their Remote Desktop Connection. However,
> > > > > they are now prompted for a password despite the fact that it
> > > > > was supplied in the RDP file. The terminal servers all use SSL
> > > > > and I have turned off the prompt for credentials item in the RDP
> > > > > file.
> > > > >
> > > > > If they login and save their password then it appears to work
> > > > > fine on subsequent connections however the problem is that they
> > > > > usually do not know the password having not needed it in the
> > > > > past. I would actually prefer not to give it to them so that I
> > > > > can change them on a regular basis without having to tell them.
> > > > >
> > > > > So is my problem related to a "User name hint" bug I read about
> > > > > or is there no way now to automate connection to a terminal
> > > > > server without user intervention?
> > > > >
> > > > > The clients are using RDC v6 connecting to Window 2003 servers.
> > > >
 
Re: How to stop prompt for Credentials?

Hi

My problem is that it use to work and now does not. This is not something
that would be found in the desing phase because it work properly.

I still think the client should use the password if supplied and let me
worry about the security.

Thanks,
Simon

"Patrick Rouse" wrote:

> I feel your pain Simon, but at some point it's about what just works, as you
> don't want users rejecting a server based computing technology over issues
> that have solutions. Terminal Server is a platform on which others extend,
> and I don't see that changing. In most projects these kind of requirements
> flush themselves out in the Proof of Concept phase.
>
>
> --
> Patrick C. Rouse
> Microsoft MVP - Terminal Server
> SE, West Coast USA & Canada
> Quest Software, Provision Networks Division
> Virtual Client Solutions
> http://www.provisionnetworks.com
>
>
> "Simon White" wrote:
>
> > Unfortunately most of these solution are not cost effective in my case.
> >
> > Simon
> >
> > "Patrick Rouse" wrote:
> >
> > > There are plenty of 3rd party solutions to address this issue. Provision
> > > Networks, Citrix, Ericom, 2x...
> > >
> > >
> > > --
> > > Patrick C. Rouse
> > > Microsoft MVP - Terminal Server
> > > SE, West Coast USA & Canada
> > > Quest Software, Provision Networks Division
> > > Virtual Client Solutions
> > > http://www.provisionnetworks.com
> > >
> > >
> > > "Simon White" wrote:
> > >
> > > > I understand that is how it works unfortunately that is useless for my
> > > > applications. I can handle that MS does not store the password in the RDP
> > > > file by design however it would be useful if it would use the password if it
> > > > found in the RDP file.
> > > >
> > > > Otherwise it is nearly impossible to give users an automatic method of
> > > > connecting to TS Applications without at least once having them fill in the
> > > > user name and password. Perhaps MS does not have any idea often people
> > > > forget their passwords and how much time I must spend re-setting them. I can
> > > > eliminate all this extra unnecessary work if the user never has to know the
> > > > password and the RDC just uses what it finds in the RDP file.
> > > >
> > > > To me their fix does not provide extra security because users just create
> > > > easier passwords and write them down so anyone can either figure them out or
> > > > look them up.
> > > >
> > > > So now I am must start using a RDP launcher to work around this problem. To
> > > > be honest I am not impressed.
> > > >
> > > > Simon
> > > >
> > > >
> > > >
> > > > "Vera Noest [MVP]" wrote:
> > > >
> > > > > Storing the password in the file only works for the same user on
> > > > > the same workstation as where the file was created (that's why it
> > > > > works on the second connection). So you can't copy a standard file
> > > > > to all clients.
> > > > >
> > > > > Check here as well:
> > > > >
> > > > > Vista Remote Desktop Connection Authentication FAQ
> > > > > http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
> > > > > connection-authentication-faq.aspx
> > > > >
> > > > > _________________________________________________________
> > > > > Vera Noest
> > > > > MCSE, CCEA, Microsoft MVP - Terminal Server
> > > > > TS troubleshooting: http://ts.veranoest.net
> > > > > *----------- Please reply in newsgroup -------------*
> > > > >
> > > > > =?Utf-8?B?U2ltb24gV2hpdGU=?=
> > > > > <SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:
> > > > >
> > > > > > I have secure website used by clients to connect to terminal
> > > > > > servers. When they click a link a dynamically created RDP file
> > > > > > is returned launching their Remote Desktop Connection. However,
> > > > > > they are now prompted for a password despite the fact that it
> > > > > > was supplied in the RDP file. The terminal servers all use SSL
> > > > > > and I have turned off the prompt for credentials item in the RDP
> > > > > > file.
> > > > > >
> > > > > > If they login and save their password then it appears to work
> > > > > > fine on subsequent connections however the problem is that they
> > > > > > usually do not know the password having not needed it in the
> > > > > > past. I would actually prefer not to give it to them so that I
> > > > > > can change them on a regular basis without having to tell them.
> > > > > >
> > > > > > So is my problem related to a "User name hint" bug I read about
> > > > > > or is there no way now to automate connection to a terminal
> > > > > > server without user intervention?
> > > > > >
> > > > > > The clients are using RDC v6 connecting to Window 2003 servers.
> > > > >
 
Re: How to stop prompt for Credentials?

You failed to ever mention that this used to work. The thing that probably
broke this was clients now using Remote Desktop Client 6.0. Perhaps 6.1 will
fix this. It should be released as part of XP SP3.

--
Patrick C. Rouse
Microsoft MVP - Terminal Server
SE, West Coast USA & Canada
Quest Software, Provision Networks Division
Virtual Client Solutions
http://www.provisionnetworks.com


"Simon White" wrote:

> Hi
>
> My problem is that it use to work and now does not. This is not something
> that would be found in the desing phase because it work properly.
>
> I still think the client should use the password if supplied and let me
> worry about the security.
>
> Thanks,
> Simon
>
> "Patrick Rouse" wrote:
>
> > I feel your pain Simon, but at some point it's about what just works, as you
> > don't want users rejecting a server based computing technology over issues
> > that have solutions. Terminal Server is a platform on which others extend,
> > and I don't see that changing. In most projects these kind of requirements
> > flush themselves out in the Proof of Concept phase.
> >
> >
> > --
> > Patrick C. Rouse
> > Microsoft MVP - Terminal Server
> > SE, West Coast USA & Canada
> > Quest Software, Provision Networks Division
> > Virtual Client Solutions
> > http://www.provisionnetworks.com
> >
> >
> > "Simon White" wrote:
> >
> > > Unfortunately most of these solution are not cost effective in my case.
> > >
> > > Simon
> > >
> > > "Patrick Rouse" wrote:
> > >
> > > > There are plenty of 3rd party solutions to address this issue. Provision
> > > > Networks, Citrix, Ericom, 2x...
> > > >
> > > >
> > > > --
> > > > Patrick C. Rouse
> > > > Microsoft MVP - Terminal Server
> > > > SE, West Coast USA & Canada
> > > > Quest Software, Provision Networks Division
> > > > Virtual Client Solutions
> > > > http://www.provisionnetworks.com
> > > >
> > > >
> > > > "Simon White" wrote:
> > > >
> > > > > I understand that is how it works unfortunately that is useless for my
> > > > > applications. I can handle that MS does not store the password in the RDP
> > > > > file by design however it would be useful if it would use the password if it
> > > > > found in the RDP file.
> > > > >
> > > > > Otherwise it is nearly impossible to give users an automatic method of
> > > > > connecting to TS Applications without at least once having them fill in the
> > > > > user name and password. Perhaps MS does not have any idea often people
> > > > > forget their passwords and how much time I must spend re-setting them. I can
> > > > > eliminate all this extra unnecessary work if the user never has to know the
> > > > > password and the RDC just uses what it finds in the RDP file.
> > > > >
> > > > > To me their fix does not provide extra security because users just create
> > > > > easier passwords and write them down so anyone can either figure them out or
> > > > > look them up.
> > > > >
> > > > > So now I am must start using a RDP launcher to work around this problem. To
> > > > > be honest I am not impressed.
> > > > >
> > > > > Simon
> > > > >
> > > > >
> > > > >
> > > > > "Vera Noest [MVP]" wrote:
> > > > >
> > > > > > Storing the password in the file only works for the same user on
> > > > > > the same workstation as where the file was created (that's why it
> > > > > > works on the second connection). So you can't copy a standard file
> > > > > > to all clients.
> > > > > >
> > > > > > Check here as well:
> > > > > >
> > > > > > Vista Remote Desktop Connection Authentication FAQ
> > > > > > http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-
> > > > > > connection-authentication-faq.aspx
> > > > > >
> > > > > > _________________________________________________________
> > > > > > Vera Noest
> > > > > > MCSE, CCEA, Microsoft MVP - Terminal Server
> > > > > > TS troubleshooting: http://ts.veranoest.net
> > > > > > *----------- Please reply in newsgroup -------------*
> > > > > >
> > > > > > =?Utf-8?B?U2ltb24gV2hpdGU=?=
> > > > > > <SimonWhite@discussions.microsoft.com> wrote on 18 feb 2008:
> > > > > >
> > > > > > > I have secure website used by clients to connect to terminal
> > > > > > > servers. When they click a link a dynamically created RDP file
> > > > > > > is returned launching their Remote Desktop Connection. However,
> > > > > > > they are now prompted for a password despite the fact that it
> > > > > > > was supplied in the RDP file. The terminal servers all use SSL
> > > > > > > and I have turned off the prompt for credentials item in the RDP
> > > > > > > file.
> > > > > > >
> > > > > > > If they login and save their password then it appears to work
> > > > > > > fine on subsequent connections however the problem is that they
> > > > > > > usually do not know the password having not needed it in the
> > > > > > > past. I would actually prefer not to give it to them so that I
> > > > > > > can change them on a regular basis without having to tell them.
> > > > > > >
> > > > > > > So is my problem related to a "User name hint" bug I read about
> > > > > > > or is there no way now to automate connection to a terminal
> > > > > > > server without user intervention?
> > > > > > >
> > > > > > > The clients are using RDC v6 connecting to Window 2003 servers.
> > > > > >
 
Back
Top