For a Systems Administrator, this generally is a fairly simple process. Open My Computer, right-click on properties and go to Remote Settings and under Remote Desktop, uncheck the box that says “Allow connections only from computers running Remote Desktop with Network Level Authentication (Recommended)”
Well, let’s assume the scenario where you cannot log in via AD authentication and for some reason, you’re unable to find the Administrator’s password or it isn’t working. This is where the winrs command comes in handy. You can simply alter the settings from another VM that is joined to the same domain.
Run cmd as Administrator and run the following to Query current NLA (Network Level Authentication) settings:
winrs -r:VMname.domain.com reg query “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP” /v UserAuthentication
Run the following command to disable NLA.
winrs -r:VMname.domain.com reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP” /v UserAuthentication /t REG_DWORD /d “0” /f
Verify by running the query command again:
winrs -r:VMname.domain.com reg query “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP” /v UserAuthentication
If for some reason, you want to login from the local Administrator account, you can run the following command to change it.
Cheers !!!!!
Note: This guide is meant for those who are working as a System Administrator and not meant for a developer with limited knowledge of Operating Systems. If you find this guide, please do not implement it on your own, without the guidance of your company’s IT Manager or System Administrator.
Top comments (0)