Password Save

[Guest]

I have a Windows 2003 Server -w- Term. Server installed, stand-alone. I am
accessing it with a windows 2000 network with RDP. I edit the .rdp file to
save the password, but when I log off, the password goes away. I have figured
out the password I am seeing must be stored in the registry because when I
access the same file without logging off under a different user, the password
field is blank.

Here is the problem: I need to store the password so the user(s) that use
the workstation can just click an icon. How do I get the password to stick?

 

[Vera Noest [MVP]]

This is by design. For security reasons, the password is encrypted in
such a way that only the same user, on the same machine, can decrypt
it.
If all users are using the same account and password, you can
set the username and password in Terminal Services Configuration
admin tool.

Be sure to uncheck "Always prompt for password" in TSC.

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
SQL troubleshooting: http://sql.veranoest.net
___ please respond in newsgroup, NOT by private email ___

 

[Guest]

Thank you Vera,
I found a previous post you made with a similar answer. The same user,
on the same machine is launching the .rdp file in my case. When the user logs
off, then back on, the password disappears. A closer examination of the file
with notepad reveals that the password is encrypted differently each time the
user saves the password. This is predicted. However, the same user, on the
same machine is unable to decrypt after logging off, then back on to the
network. This is not predicted. I have checked the server settings, and I do
have it working in a different situation. The problem must be something such
as an encryption key is volatile. Any idea what key is used, and why this
might be happening? Thanks in advance.. SrChasJC

Network Settings:
Windows 2000 SP4
AD Native mode
No OU restrictions (for testing)
Local machine admin is saving file
Roving profiles
Profile unlocked (non-mandatory)
Profile removed on reboot.

 

[Vera Noest [MVP]]

Have you tried if it works with a domain account?
The encryption key is partly based on the domain password.

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
SQL troubleshooting: http://sql.veranoest.net
___ please respond in newsgroup, NOT by private email ___

 

[Guest]

The clients are members of a domain, and they do log on to the domain. The
terminal server is in a stand-alone configuration on a different network. The
only ports allowed between them is the TS ports, so having the TS Server join
a domain is not possible in this case. Since the clients are in a domain, I
would think even if a different key was loaded (Such as a session ticket, or
Kerberos ticket) (Since the root certificate is the same) it should unlock
the password assuming it is a asymmetric key.

 

[Vera Noest [MVP]]

OK, found a KB article which might help:

839918 - Hotfix that lets you control whether a user can save a
password for Remote Desktop Connection sessions to a terminal
server in Windows XP or in Windows 2000
http://support.microsoft.com/?kbid=839918

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
SQL troubleshooting: http://sql.veranoest.net
___ please respond in newsgroup, NOT by private email ___