Announcements

SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
RSAAdmin
Beginner
Beginner

SecurID authentication issues with RDP connection

Jump to solution

We have an old SecurID appliance that is still being used for authentication into our DMZ systems.  One thing I have noticed is when I attempt to RDP to a Windows 7 machine, it will ask me for my username/login, but it needs my non-RSA Windows password on the machine.  Once I provide that, I get the usual welcome screen where I will then enter my RSA pin/tokencode.  Is there any way to avoid the first step so I can keep users from needing to log in twice (once with Windows password, second time with token)?  Locally to the machine, this does not happen, it is only an issue with RDP.

1 Solution

Accepted Solutions
RSAAdmin
Beginner
Beginner

The first authentication is called Network Level Authentication (NLA), and it can be disabled. MS introduced it sometime ago to make RDP sessions more secure.

 

To avoid NLA, you must disable it to that host. It's a less secure process get into RDP session, but it's possible.

 

Change the GPO: Require user authentication for remote connections by using Network Level Authentication

to: Disabled


See if it helps.

View solution in original post

0 Likes
1 Reply
RSAAdmin
Beginner
Beginner

The first authentication is called Network Level Authentication (NLA), and it can be disabled. MS introduced it sometime ago to make RDP sessions more secure.

 

To avoid NLA, you must disable it to that host. It's a less secure process get into RDP session, but it's possible.

 

Change the GPO: Require user authentication for remote connections by using Network Level Authentication

to: Disabled


See if it helps.

0 Likes