-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I understand. Thanks for the information.

Um, maybe we should look at taking another approach?

What would you think about using a Java RDP client?
Or, possibly an HTML5 RDP solution?

On 11/29/2011 6:55 AM, Dmitri Chebotarov wrote:
> 
> 
> Looks like with RDP v6 protocol, user's credentials are stored in 
> %userprofile% on local PC and not in .rdp file. Plus, password is encrypted 
> using hash from user's Windows login password. This practically makes it 
> impossible to generate .rdp file with username/password included. 
> 
> I found 
> http://www.remkoweijnen.nl/blog/2007/10/17/launch-rdp-from-commandline/ 
> utility, which works as a wrapper for mstsc.exe and can pass 
> username/password and auto-connect to a RDP session. This is probably closest 
> it gets to auto-login...
> 
> Thanks.
> On Nov 22, 2011, at 16:37 , Aaron Coburn wrote:
> 
>> On Nov 22, 2011, at 2:58 PM, Alexander Kurt Keller wrote:
>>> I believe years ago (RDP version 4?) the password could be defined in clear 
>>> text within the RDP file but that is long unsupported. Here is a write-up 
>>> and a lively comments discussion on the  MSTSC embedded password encryption 
>>> function:
>>>
>>> http://www.remkoweijnen.nl/blog/2007/10/18/how-rdp-passwords-are-encrypted/
>>>
>>> it looks like they use the machine or user SID to salt the hash?
>>
>>
>> I tried implementing this particular solution a while ago but was never able 
>> to get it to work. The basic idea described in the website is that the 
>> target machine needs to encrypt the password and that encrypted string goes 
>> into the RDP file as:
>>
>> password 51:b:{encrypted password}
>>
>> For instance, if a suitable encryption program is installed on the VCL 
>> Windows machine, the management node could, in theory, request a hashed copy 
>> of the password before generating the RDP file for the user.
>>
>> I certainly don't want to dissuade anyone from trying to get this to work as 
>> described in the link above, but given that there is no reference to 
>> 'password 51' fields in the current Terminal Services documentation, I am 
>> not entirely sure that the field is still supported: 
>> http://technet.microsoft.com/en-us/library/ff393708%28WS.10%29.aspx
>> http://support.microsoft.com/?kbid=885187
>>
>> The closest I have come to an auto-login solution is to use protocol 
>> handlers in the form of a link. Something like this:
>>
>> <a href="rdp://username:password@hostname:port/domain?params">...</a>
>>
>> For this to work on a user's computer, the protocol handler must be 
>> registered at the OS level, which introduces an additional level of 
>> complexity. On Mac OS X, this is done automatically when a user installs an 
>> RDP client such as CoRD. On linux, a user will need to execute something 
>> like this to enable the handler:
>> gconftool-2 -s /desktop/gnome/url-handlers/rdp/command '/usr/bin/rdesktop 
>> %s' --type String
>> gconftool-2 -s /desktop/gnome/url-handlers/rdp/enabled --type Boolean true
>> I am not entirely sure about how to get this to work on Windows, though. 
>> First of all, mstsc.exe doesn't seem to accept a username or password 
>> argument from the command line. Nevertheless, if you want the protocol 
>> handler to work on Windows, you'll need to modify the registry in 
>> HKEY_CLASSES_ROOT\\rdp -- the documentation here will give you a start: 
>> http://msdn.microsoft.com/en-us/library/aa767914.aspx
>>
>> Please let me know if you make any progress on this!
>>
>> Best regards,
>> Aaron
>>
>>
>> --
>> Aaron Coburn
>> Systems Administrator and Programmer
>> Academic Technology Services, Amherst College
>> (413) 542-5451 acob...@amherst.edu
>>
>>
>>
>>> -----Original Message-----
>>> From: Josh Thompson [mailto:josh_thomp...@ncsu.edu] 
>>> Sent: Tuesday, November 22, 2011 11:12 AM
>>> To: vcl-user@incubator.apache.org
>>> Subject: Re: rdp file auto login
>>>
>>> It's been several years since I tried to get this to work.  However, unless 
>>> things have changed (which I'm guessing they haven't), you can't make it 
>>> auto- login.  The password is provided in a clear text form in the rdp 
>>> file.  
>>> Unfortunately, the windows and mac RDC apps won't use the clear text 
>>> version.  
>>> You can save a password in an encrypted form in an rdp file; however, RDC 
>>> uses cryptographic stuff specific to the computer that actually saves the 
>>> file, meaning there's no way to generate the encrypted form of the password 
>>> unless you are actually on the end user's machine.
>>>
>>> If anyone wants to try to investigate this again, I think everyone in the 
>>> community would love to see it work.  Or, everyone can switch to linux/unix 
>>> platforms that can use rdesktop that will happily accept the password at 
>>> the command line.  :)  I have a nice wrapper script for rdesktop that will 
>>> take the rdp file and do the auto-login into the remote windows node.
>>>
>>> Josh
>>>
>>> On Tue November 22 2011 1:29:09 PM Gene Lui wrote:
>>>> Dmitri,
>>>>
>>>> If you download the rdp file from the connection reservation and open 
>>>> it with a editor, you see that the rdp file has both a user name and 
>>>> password within the setting file.  For example, the last rdp file had 
>>>> the following key entries:
>>>>
>>>> username:s:gkl25
>>>> clear password:s:LDgKQM
>>>>
>>>> I would have thought that this would be passed to the remote desktop 
>>>> when opening this file with mstcs.  But it is not and I don't know if 
>>>> this is how it normally works or is it suppose to be able to passed it 
>>>> to the Win7 remote desktop and I'm doing something wrong.
>>>>
>>>> - Gene
>>>>
>>>> On Tue, 2011-11-22 at 13:17 -0500, Dmitri Chebotarov wrote:
>>>>> Gene
>>>>>
>>>>> I'm relatively new with VCL and I may be wrong. I could not find any 
>>>>> options in preferences for RDP file to include password. Having 
>>>>> password in RDP file would make it easier and if it's possible it would 
>>>>> be great.
>>>>>
>>>>> I would like to have this option as well and will be looking into 
>>>>> the code which generates a RDP file for new reservations.
>>>>>
>>>>> Thanks
>>>>>
>>>>> On Nov 22, 2011, at 12:58 , Gene Lui wrote:
>>>>>> Thanks Dmitri,
>>>>>>
>>>>>> Wanted to confirm if its possible by using the rdp file, users can 
>>>>>> auto login with the mstsc (would be preferred over entering 
>>>>>> password manually).  Thanks for such a quick reply and answer to my 
>>>>>> question.
>>>>>>
>>>>>> Take care,
>>>>>> Gene
>>>>>>
>>>>>> Drexel University
>>>>>>
>>>>>> On Tue, 2011-11-22 at 12:47 -0500, Dmitri Chebotarov wrote:
>>>>>>> Gene,
>>>>>>>
>>>>>>> Username/password would be on your reservation page.
>>>>>>> Username is Admin, password is generated for each reservation and 
>>>>>>> you need to type it manually when open RDP.
>>>>>>>
>>>>>>> Thanks.
>>>>>>>
>>>>>>> On Nov 22, 2011, at 12:32 , Gene Lui wrote:
>>>>>>>> Hi there,
>>>>>>>>
>>>>>>>> I wonder if any of you bright individuals can help me out here 
>>>>>>>> with this wonderful project you got here.
>>>>>>>>
>>>>>>>> When I use the RDP file supplied on the vcl connection page 
>>>>>>>> (Windows
>>>>>>>> 7 client) , I assume it will automatically supply the 
>>>>>>>> credentials to log into the remote desktop image (Windows 7 
>>>>>>>> image). The problem is that it does not automatically logs in 
>>>>>>>> and it prompts for my password.
>>>>>>>>
>>>>>>>> Do I have this wrong and a password is needed to be manually entered?
>>>>>>>> If not, how do I enable the auto login?  I have tried changing 
>>>>>>>> group policy settings on the remote desktop host but nothing 
>>>>>>>> works.  I appreciate any help anyone can give.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Gene
>>>>>>>>
>>>>>>>> Drexel University
>>> -
>>> -------------------------------
>>> Josh Thompson
>>> Systems Programmer
>>> Virtual Computing Lab (VCL)
>>> North Carolina State University
>>>
>>> josh_thomp...@ncsu.edu
>>> 919-515-5323
>>>
>>> my GPG/PGP key can be found at www.keyserver.net
>>
> 


- -- 
Jim O'Dell
Network Analyst
California State University Fullerton
Email: jod...@fullerton.edu
Phone: (657) 278-2256
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7WXRMACgkQREVHAOnXPYTAeQCeItP28fOpXuTFbSVEkZcqHG0b
mOAAoJUPaSuYo3sAQ1DMuo7+iIKbacBH
=j+l6
-----END PGP SIGNATURE-----

Reply via email to