when Terminal Services is not installed Windows2012 R2 Configure the properties of the Remote Desktop on the server.
from Windows To start, if you do not have a computer that has Terminal Services enabled on the server, to configure Remote Desktop to use more secure encrypted RDP the connection needs to be installed through another - Management of server management tools after they are connected. Typically, this is not a problem for domain-joined computers. However, this method will not be used for non-domain computing. We need to set some commands to achieve the same effect.
650) this.width=650; "title=" 1.png "style=" Float:none; "src=" http://s2.51cto.com/wyfs02/M01/7A/F4/ Wkiol1bc0-3qlyv2aabmd1gq4hy738.png "alt=" Wkiol1bc0-3qlyv2aabmd1gq4hy738.png "/>
First we need to know the thumbprint of the certificate used for encryption.
650) this.width=650; "title=" 2.png "src=" Http://s3.51cto.com/wyfs02/M01/7A/F4/wKioL1bC1dDRDrWUAABgI7jKC7I254.png " alt= "Wkiol1bc1ddrdrwuaabgi7jkc7i254.png"/>
Copy the content and remove the space. As follows:
dc1fffbc28f11b6c2e6db4021697c7fa72545474
and then with this command, for Terminalservice Configure the certificate.
Wmic/namespace:\\root\cimv2\terminalservices pathwin32_tsgeneralsetting Set sslcertificatesha1hash= " dc1fffbc28f11b6c2e6db4021697c7fa72545474 "
Then modify the two registry key values:
Hkey_local_machine\system\currentcontrolset\control\terminalserver\winstations\rdp-tcp
Securitylayer REG_DWORD
Minencryptionlevelreg_dword
Securitylayer the corresponding relationship is as follows:
0 rdpsecurity Layer
1 Negotiate
2 SSL (TLS1.0)
Minencryptionlevel the corresponding relationship is as follows:
1 Low
2 clientcompatible
3 High
4 fipscompliant
Also, in the registry, you can verify the previously configured certificate information.
650) this.width=650; "title=" 3.png "src=" Http://s3.51cto.com/wyfs02/M01/7A/F4/wKiom1bC1X2Ty5f7AAAea_NPwOQ155.png " alt= "Wkiom1bc1x2ty5f7aaaea_npwoq155.png"/>
Sslcertificatesha1hash The fingerprint of the certificate is recorded in the
userauthentication is about whether to allow only support Network Level Authentication the hook before the Client connection option. 1 is selected,0 means not selected.
To configure Remote Desktop properties on a Windows R2 server that does not have Terminal Services installed