Change default RDP credential prompt

0

Up until recently, every time I RDP'd into a server, I was prompted for my domain credentials (namely, just the password, as my username is already populated).

I'm not sure what changed, but now whenever I try to RDP into any server, its asking me for my Hello For Business PIN, like so;

RDP Credential Prompt

I then have to click 'more choices' select, my domain account, and login. I have to do this every time. Note, my host was setup with H4B many months ago, but this RDP behavior is recent so I dont think they are related.

How do I change the RDP prompt to default to my domain credentials, instead of trying to use something else (in this case a Hello for Business pin).

n00b

Posted 2019-08-15T14:17:45.177

Reputation: 683

Answers

0

It seems that Windows Hello for Business PIN is part of the Biometrics package.

If disabling Biometrics is an acceptable solution, this is done by running gpedit.msc and navigating to Computer Configuration > Administrative Templates > Windows Components > Biometrics.

You will find there several options that you could disable experimentally. The master option looks to be "Allow the use of biometrics".

harrymc

Posted 2019-08-15T14:17:45.177

Reputation: 306 093

Thanks for the reply, however everything under 'allow the user of biometrics' is in a 'not configured' state. – n00b – 2019-08-15T15:49:44.197

Not configured means enabled - you need to specifically set it to disabled. – harrymc – 2019-08-15T15:50:58.950

Unfortunately changing this setting and resetting did not have the desired effect. See my answer, and let me know if you have further ideas. – n00b – 2019-08-16T12:56:10.577

0

It appears this is strictly tied to what credentials I use to log into (or subsequently unlock) my workstation. If I log into my workstation using my H4B pin, the RDP client will prompt me for an H4B pin by default. Likewise if I log in with my domain credentials instead, the RDP client will default to asking me for my domain credentials. Note the behavior change is immediate, upon locking the machine, and changing the login method.

This is a good enough work around for me for now, but if anybody knows how to change this default behavior (short of saving RDP creds, or creating custom .RDP files) I am all ears.

n00b

Posted 2019-08-15T14:17:45.177

Reputation: 683

Asked: 2019-08-15T14:17:45.177

Viewed: 376 times

Active: 2019-08-16T12:55:36.740