How to save RDP credentials into a file?

12

8

I'm trying to use RDP and save my credentials in a file so I don't have to enter it each time I connect.

I remember doing it before and it involved changing a group policy setting. What exactly do I need to change in Group Policy within Windows 7 in the host & client machines to accomplish this?

barfoon

Posted 2010-05-10T18:39:01.850

Reputation: 926

Answers

11

Open the Group Policy editor (Start > Run > gpedit.msc) and navigate to Computer Configuration -> Administrative Templates -> Windows Components -> Remote Desktop Services -> Remote Desktop Connection Client

For value Do not allow passwords to be saved, change to Disabled.

When connecting to a machine in Remote Desktop Connector, expand the Options panel and confirm that Allow me to save credentials is checked.

Neil

Posted 2010-05-10T18:39:01.850

Reputation: 415

Thanks Neil - I actually found a more comprehensive solution linked on my own answer. – barfoon – 2010-05-12T12:39:32.357

11

Actually found a link (archive.org) that solved this problem:

  1. Hit Start –> Run and type "gpedit.msc".
  2. Navigate to Local Computer Policy –> Computer Configuration –> Administrative Templates –> System –> Credentials Delegation.
  3. Double click the policy "Allow Delegating Default Credentials with NTLM-only Server Authentication".
  4. Set the policy to “Enabled”.
  5. Click the Show button and enter the string “TERMSRV/*” into the list. You can also be more specific here in case you don’t want to allow the use of saved credentials with all remote machines but rather just a select few.
  6. Click OK twice to close the policy. Repeat steps 3–6 for the following policies:
    1. "Allow Delegating Default Credentials"
    2. "Allow Delegating Saved Credentials with NTLM-only Server Authentication"
    3. "Allow Delegating Saved Credentials"

barfoon

Posted 2010-05-10T18:39:01.850

Reputation: 926

1+1 As it is links to a very comprehensive answer. This is the kind of answer that should be redone on SuperUser. It is, after all, supposed to be a cross between a forum and a Wiki – Ian Boyd – 2010-09-09T17:06:32.237

@IanBoyd: The recommendation is to make a Community Wiki post with a link to the original content. This is especially helpful when both the original posts have gone dead. – Guvante – 2013-01-02T23:55:03.757

1@Guvante And now that the link has gone dead; the useful answer is lost forever. – Ian Boyd – 2013-01-03T14:38:06.010

1

Available here: https://web.archive.org/web/20091004021911/http://www.perceptible.net/post/2009/02/03/How-To-Enable-Use-of-Saved-Credentials-with-Remote-Desktop-to-Almost-Fully-Authenticated-Machines.aspx

– bkaid – 2014-03-25T16:52:41.517

2

I had the issue on Windows 10 with perma asking password when I try to connect to a new machine.

First, the password line in the RDP must be named:

password 51:b:myEncryptedPassword

And the pass must by encrypted. You can use cryptRDP5 to convert it: https://github.com/jps-networks-modifiedOSS/openvpn-als-applications/tree/master/adito-application-rdp-xplatform-embedded/src/windows

cryptRDP5.exe yourpassword

Maku

Posted 2010-05-10T18:39:01.850

Reputation: 21

0

You can store the hostname/ip and credentials as key from PowerShell using the command :

cmdkey /generic:<ip or hostname> /user:<username> /pass:<password>

For viewing your saved keys
Note: The saved password will not be visible in any case.:

cmdkey /list

For deleting a key:

cmdkey /delete:<hostname>

This works for running a RDP session from command prompt as well as the RDP client.

Hope this helps.

For more details you can visit the Technet page

xeon

Posted 2010-05-10T18:39:01.850

Reputation: 111

0

I've converted @barfoon answer to a registry script, to allow its automated deployment... Or just saving the hassle of navigating through gpedit.msc:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Terminal Services]
"DisablePasswordSaving"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation]
"AllowDefaultCredentials"=dword:00000001
"AllowDefaultCredentialsWhenNTLMOnly"=dword:00000001
"ConcatenateDefaults_AllowDefault"=dword:00000001
"AllowSavedCredentials"=dword:00000001
"ConcatenateDefaults_AllowSaved"=dword:00000001
"AllowSavedCredentialsWhenNTLMOnly"=dword:00000001
"ConcatenateDefaults_AllowSavedNTLMOnly"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowDefaultCredentials]
"1"="TERMSRV/*"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowSavedCredentials]
"1"="TERMSRV/*"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowSavedCredentialsWhenNTLMOnly]
"1"="TERMSRV/*"

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CredentialsDelegation\AllowDefaultCredentialsWhenNTLMOnly]
"1"="TERMSRV/*"

Just save this in a filename.reg file, double click it and enjoy.

Evengard

Posted 2010-05-10T18:39:01.850

Reputation: 1 500

Asked: 2010-05-10T18:39:01.850

Viewed: 41 544 times

Active: 2018-07-03T11:52:14.530