The following properties can be configured when creating or editing the RDP entry. Most of the general properties require you to close the RDP entry completely, then reopen it to take effect.
Authentication
| SETTINGS | DESCRIPTION |
|---|---|
| Connect and don't warn me | Automatically connects without any security warnings. |
| Do not connect | Prevent the connection if authentication issues are detected. |
| Warn me | Provide a warning if there are any concerns with the authentication but allows the option to proceed. |
| Default (Connect and don't warn me) | Use the default setting to connect without warning. |
| Enable Network level authentication (NLA) | Enable NLA, which enhances security by requiring authentication before establishing a remote desktop session. |
| Enable Entra ID SSO | Enable Single Sign-On (SSO) with Entra ID credentials for a seamless login experience. |
Transport security
Advanced transport security options are only supported with FreeRDP. If you wish to enforce NLA from the client, disable both TLS and RDP transport security options, which will leave NLA as the only option to negotiate. NLA always uses TLS, but TLS does not imply NLA.
| SETTINGS | DESCRIPTION |
|---|---|
| Enable Transport Layer Security (TLS) | TLS security without Network Level Authentication (NLA). NLA always uses TLS, but TLS does not imply NLA. Disabling this option does not disable TLS, but it disables TLS without NLA. |
| Enable Remote Desktop Protocol Security (RDP) | Obsolete RDP transport security that predates the creation of TLS. It is never recommended, especially since TLS in RDP has been supported since Windows Server 2003. |
SSPI
Advanced SSPI settings are only supported with FreeRDP and the Microsoft RDP client in external mode on Windows. If you wish to enforce Kerberos usage from the client, set Authentication package to Kerberos.
| SETTINGS | DESCRIPTION |
|---|---|
| RD Gateway is KDC proxy | Indicate that the RD Gateway serves as a Key Distribution Center (KDC) proxy for Kerberos authentication. |
| SSPI module | Specify the Security Support Provider Interface (SSPI) module to be used for authentication.
|
| Authentication Package | Define the authentication package used for verifying user credentials.
|
| KDC Detection Method | Determine the method for detecting the Key Distribution Center in Kerberos authentication scenarios.
|
| KDC Server URL | Specify the URL of the KDC server to be used for Kerberos authentication, if applicable.
|
Give us Feedback