External

• http://en.wikipedia.org/wiki/Network_Level_Authentication
• Configure Remote Desktop Access on Windows 7 Systems http://technet.microsoft.com/en-us/magazine/ff404238.aspx

Internal

• Windows

Remote Desktop Clients

Windows

Configure to Connect to a Remote Server

1. Start Remote Desktop Connection

Start -> All Programs -> Accessories -> Communications -> Remote Desktop Connection.

2. Specify computer.

1.2.3.4

3. Specify username/password.

Executable

Windows 7, Windows 8: C:/Windows/System32/mstsc.exe

Mac

Mac users can access a Microsoft Windows with Remote Desktop access enabled. For that:

1) Download "Microsoft Remote Desktop" from App Store.

DO NOT use "Remote Desktop Connection", I had troubles with it.

2) Configure as follows:

Connection Name: NOW530

PC Name: NOW530

Credentials

User name: ovidiu

Password: ***

Resolution: Native

Colors: True Color (24 bit)

Full screen mode: OS X native

DO NOT Start session in full screen

DO NOT Scale content

DO Use all monitors.

Remote Desktop Server

Enable a Windows Machine to Run as Session Host

Enable on Windows 7, Windows Vista

System -> Remote Settings -> Remote Desktop.

In some situations, you must enable the Windows Firewall exceptions for Remote Desktop (the link has a yellow triangle exclamation mark besides it and the "Remote Desktop" options below are grayed out. In order to do that, click on the link and follow the instructions.

Then:

Allow connections from computers running any version of Remote Desktop -> Select Users

Enable on Windows 8

System Settings -> Remote Settings -> Remote -> Remote Desktop

Command line:

C:\Windows\System32\SystemPropertiesAdvanced.exe

See the firewall exception notes, above.

Then: Allow Remote Connections to this Computer.

Enable on Windows 10

Command line:

C:\Windows\System32\SystemPropertiesAdvanced.exe > Remote -> Remote Desktop

Troubleshoot the Session Host

1. Verify that the Service is Running

Services:

• Remote Desktop Configuration
• Remote Desktop Services
• Remote Desktop Services UserMode Port Redirector

To start the service:

C:\windows\System32\svchost.exe -k NetworkService

2. Verify that the Firewall Allows Access

The "Remote Desktop" rule should be there. More details here:

https://home.feodorov.com:9443/wiki/Wiki.jsp?page=WindowsFirewall#section-WindowsFirewall-AddingAccessRuleForRemoteDesktopOnSessionHost

3. Boosted Group Policy Rules

I did this on just on pre-configured corporate laptop, not sure if it is really necessary generally.

Start the Local Group Policy Editor following the procedure3 described here: https://home.feodorov.com:9443/wiki/Wiki.jsp?page=LocalGroupPolicyEditor#section-LocalGroupPolicyEditor-Run

Then navigate to Local Computer Policy -> Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Session Host:

Connections:

• Allow users to connect remotely using Remote Desktop Services: Enabled

Device and Resource Redirection:

• Do not allow drive redirection: Disabled.

Security:

• Set client connection encryption level: Enabled , Encryption Level: Client Compatible
• Always prompt for password upon connection: Enabled
• Require user authentication for remote connection by using network Level Authentication: Disabled

Session Time Limit:

• Set time limit for active but idle Remote Desktop Service sessions: Enabled, Idle session limit: Never.
• Set time limit for active Remote Desktop Service sessions: Enabled, Active session limit: Never

!!4. Added my network user to "Remote Desktop Users" group (I did this on the Accenture Laptop, not sure if it is really necessary)

Start the local user management utility as described in [Windows Users#UserManagement].

Then, go to Groups, double click on Remote Desktop Users -> Add -> "ovidiu.feodorov"