Is it possible to 'Trust' a Remote Desktop connection on the same domain?

I have a Windows 8 PC, and I find that day-to-day I'm connecting to various VMs or Servers running inside my organisation's domain.

However, each time I connect to a server, it asks me "Do I trust this computer?". See this picture:

Do you trust this remote connection popup

Of course, I can tick the 'Never show this message again' checkbox, but unfortunately I have to do this for every server I connect to.

I figured seeing as we are on the same domain, that would count as a 'trusted computer', but apparently not.

Is there any way to get Remote Desktop to 'Trust' computers on my domain, in order to avoid this popup in the future?

Note: I'm not talking about the 'Invalid Certificate' popup, although that appears too, if it's relevant:

certificate error popup

Robotnik

Posted 2013-10-24T04:01:46.367

Reputation: 2 280

1Are the remote hosts being signed by self signed certs, individual trusted certs, or a single trusted wildcard cert? – Scott Chamberlain – 2013-10-24T04:11:56.480

Are you connecting by just the host name, FQDN or IP address? – Ƭᴇcʜιᴇ007 – 2013-10-24T04:16:02.553

@techie007 - I'm connecting by hostname. Scott - As I don't have complete control over the machines (just access to them) I can't be completely sure, although I'd say probably self-signed. They're mainly used for internal databases and the like. So you're thinking this first popup is again related to the certificate? (I know the second one is) – Robotnik – 2013-10-24T04:37:01.513

Does it behave the same if you connect using the FQDN? – Ƭᴇcʜιᴇ007 – 2013-10-24T04:42:01.797

@techie007 - Yup – Robotnik – 2013-10-24T04:48:42.073

Ok, before we go much further, can you post some screen shots of the actual error(s) you're seeing? – Ƭᴇcʜιᴇ007 – 2013-10-24T04:51:58.653

If it's certificate errors, and you want to set up certificates properly so it doesn't warn you, check out: Configuring Remote Desktop certificates

– Ƭᴇcʜιᴇ007 – 2013-10-24T04:59:10.090

@techie007 - I've added the screenshots. The first one is the one I'm primarily wanting to be rid of, I know what the second one is. If they're related as Scott mentions, then so be it. I thought they were separate warnings though – Robotnik – 2013-10-24T04:59:53.547

Answers

You are getting the first warning because you have a local drive or Plug'n'Play device shared under the Local Resources tab of the RDP connection.

If you click the "Show Details" link in that dialog it will present you the chance to turn off shared resources for that session.

As far as I know, the only way to avoid it is to not share local drives in the RDP connection link, or mark the "Don't ask me again" box.

Ƭᴇcʜιᴇ007

Posted 2013-10-24T04:01:46.367

Reputation: 103 763

Bugger. I share a drive so I can access resources on my host :/. Thanks for this. – Robotnik – 2013-10-24T05:15:30.267

1When I'm on the same domain, I usually just access my workstation from the server via it's IP + admin shares: \\10.1.1.2\c$ ;) Also, I think if you have a share on your host you can access it via the magic TSClient name: \\tsclient\sharename, but it's been awhile since I tried that. – Ƭᴇcʜιᴇ007 – 2013-10-24T05:22:31.007

Is it possible to 'Trust' a Remote Desktop connection on the same domain?

If you are responsible for this domain, then the solution would be to install Certificate services and issue certificates to your computers and systems. Then publish the CA certificate via a group policy to your workstation.

A properly implemented PKI setup will eliminate those warnings, but the setup is relatively complex.

Zoredache

Posted 2013-10-24T04:01:46.367

Reputation: 18 453

I'm not a power user over the domain, and as such cannot install certificates etc. As I said, I was primarily concerned with the 'trust this computer' message, not the certificate one (as I know I can't change that) – Robotnik – 2013-10-24T06:54:51.543

@Robotnik I think if you put the certificate that the connection is signed with in the Trusted Publishers store it gets rid of the "trust this computer" message. So if the domain used a single wildcard cert for all of the remote desktop servers you could add that one cert and it would work. – Scott Chamberlain – 2013-10-24T14:04:31.787