I understand the reason for NLA, but I dont quite get how it performs the first pre-login screen authentication. I'm connecting in an Active Directory computer to another computer with RDP inside the domain. I suppose Microsoft client checks for the cached credentiales/network token for my user, and then present the login screen just in case I'd like to login as a different user, or even as a double safety measure. But after that, I tried to login from a linux client (Remmina) (from a machine outside the AD) and after asking me for the login credentials, I was able to login. I never specified any server other than the RDP I wanted to connect to. So, what credentials did it checked?

Thanks