Unable to rdp to Windows2008 SBS server from XP client after KB969084 installed

We had an issue when all of a sudden we were not able to remote desktop to a clients SBS 2008 server using the rdp client and the TSGateway functionality. Remote Web Workplace would work fine and so would Windows7 clients.
After proving this patch was the culprit by removing the patch and finding my saved rdp session would work, I went back and read the kbarticle 969084 on this patch. I hadn’t initially read this (in common with a lot of other people) and also because the patch was pushed down via wsus. It turns out that XP does not turn on CredSSP by default and this is needed to work with the new RDP client. I followed the instructions at kb951608 and after a reboot, going to the control box/About I got the message that Network Level Authentication was supported and I was then able to connect succesfully.
MSTSC showing Network Level Authentication Supported
To summarize you need todo the following.

  1. Click Start , click Run , type regedit , and then press ENTER.
  2. In the navigation pane, locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  3. In the details pane, right-click Security Packages , and then click Modify .
  4. In the Value data box, type tspkg . Leave any data that is specific to other SSPs, and then click OK .
  5. In the navigation pane, locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
  6. In the details pane, right-click SecurityProviders, and then click Modify .
  7. In the Value data box, type credssp.dll . Leave any data that is specific to other SSPs, and then click OK .
  8. Exit Registry Editor.
  9. Restart the computer.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.