RDP and Network Level Authentication
The RDP client version 6 and later collect credentials before establishing a remote session. AuthLite credentials must be entered into the RDP client before the connection is made.
- Please see the AuthLite administrator guide for configuration steps needed on the domain controller (in particular, setting up a Replay Window)
- If you are using TSG, make sure AuthLite is installed on the TSG server as well
- If you are publishing TSG through ISA or TMG, please see the AuthLite administrator guide for configuration steps.
Connect to an RDP session as an AuthLite user
- Open mstsc (the RDP client) and enter the server you wish to connect to.
- Click Connect.
- When the logon dialog opens, select the Username field, and tap your AuthLite key there instead of entering the username.
- Enter your password into the password field.
The reason you must enter the OTP into the username field is that RDP hashes the contents of the password field immediately at the client. So by the time the server gets the credentials, the OTP has been destroyed by the hashing operation. In contrast, the username field is sent to the server in clear text, so the OTP can be transmitted in this field.