Add an RDP Server
An RDP server in strongDM is the combination of an IP/DNS address and authentication information used to control a Windows resource, such as a server running Windows Server 2019 or Windows 10 Professional. From the Servers section, click Add Server, then select RDP as the server type to show the resource configuration.
Display Name (Required): Like other resource types, this is the name that is displayed in the CLI and GUI for any Users that are granted access.
Server Type (Required): Select RDP from the drop-down menu.
Hostname (Required): The IP/DNS address used to connect to the resource from your Gateway/Relay. (e.g.
Port (Required): The port on the target server that is listening for RDP connections. If you're unsure, leave this as the default:
Port Override (Required): The port that SDM will use to listen for connections for this server on a User's machine. This port value must be unique across the Organization. Leave blank to have a valid port number assigned by default.
Username (Required): The username or domain\username to authenticate with. (e.g.
Password (Required): The password for the provided username. This password cannot be validated by the healthcheck; a green healthcheck for this resource indicates network reachability only.
Windows Network Level Authentication (NLA)
Windows NLA is a security protocol used by the Remote Desktop Service; when enabled, it completes additional client-side verifications. SDM will automatically detect and use Windows NLA if it is enabled. However, some variations of NLA are not supported. For example, you may encounter error messages such as these in your
cannot extract server's sent public key: failed to handshake tls conn:read tcp4 172.22.64.180:35118->172.22.20.44:3389: read: connection reset by peer
cannot complete server NLA authentication: cannot parse ntlm echo packet:cannot read class byte: remote error: tls: internal error
Users may also see similar errors when trying to connect to RDP servers. If you do encounter problems like this, please contact our Support team, who may be able to perform additional configuration on the backend to address this.
Should you have any trouble or have general questions, please reach out to email@example.com.