*Cube-Host– full cloud services!!
: Function WP_Styles::add was called incorrectly. The style with the handle "hello-elementor-child-style" was enqueued with dependencies that are not registered: hello-elementor-theme-style. Please see Debugging in WordPress for more information. (This message was added in version 6.9.1.) in /home/csrkub/domains/cube-vps.com/public_html/wp-includes/functions.php on line 6131
Notice: Function WP_Scripts::add was called incorrectly. The script with the handle "gpress-custom-js" was enqueued with dependencies that are not registered: gpress-siema. Please see Debugging in WordPress for more information. (This message was added in version 6.9.1.) in /home/csrkub/domains/cube-vps.com/public_html/wp-includes/functions.php on line 6131
*Cube-Host– full cloud services!!
Network Level Authentication (NLA) is a mechanism for pre-authentication when connecting to a remote desktop. It protects the server from unauthorized access and reduces the risk of attacks before a full session is established. Today, it has become a security standard in corporate IT environments.
However, on older systems such as Windows XP, NLA requires manual configuration. In this article, we will discuss how to enable Network Level Authentication on different versions of Windows and why it is necessary.
NLA requires the client to pass authentication before starting an RDP session. This differs from the old approach, where the connection was established immediately and the credentials were only verified afterwards. Key benefits:
Enabling Network Level Authentication (NLA) depends on the version of the operating system. Below are detailed instructions for Windows 10/11, server versions, and Windows XP SP3. During setup, be sure to check the compatibility of the RDP client, the availability of updates, and the correct operation of services.
2. Find the “Remote Desktop” block.
3. Select the option:
“Allow connections only from computers verified by network security (recommended)”.
4. Click Apply and OK.
2. Go to the following path:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp
3. Find the UserAuthentication setting. If it is not there, create a DWORD (32-bit) value with this name.
4. Set the value to 1 (enabled).
5. Restart the server or the Remote Desktop Service (TermService).
Open PowerShell as an administrator and run:
Set-ItemProperty -Path 'HKLM:SYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp' -Name 'UserAuthentication' -Value 1
Configuring NLA on server operating systems is similar to desktop operating systems:
2. Go to: Local Server → Remote Desktop
3. Click “Disabled” next to Remote Desktop → select:
4. Apply the settings.
Also make sure that:
Windows XP cannot be an NLA-enabled server, but it can connect to other systems where NLA is enabled if the following conditions are met:
Download and install Remote Desktop Connection Client 6.1 or later (for example, from the Microsoft website or Windows Update).
CredSSP (Credential Security Support Provider) is required for network-level authentication. To enable it:
2. After installation, edit the registry:
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
"Security Packages"=hex(7):43,00,72,00,65,00,64,00,45,00,53,00,53,00,50,00,00,00
The CredSSP value is added to the security package list.
3. Restart your computer.
If you are using local policy (in Windows XP Pro):
2. Go to: Computer Configuration → Administrative Templates → System → Credentials Delegation
3. Enable:
4. Apply and restart the system.
|
Error |
Reason |
How to fix |
|
NLA required |
Old customer |
Update RDP to 6.1+ |
|
Security protocol not supported |
Incompatible OS |
Check CredSSP support |
|
Access denied |
No entry |
Add the user to the desired group |
Configuring NLA is a mandatory step for anyone using a remote desktop. It minimizes risks and ensures the security of your corporate infrastructure. Even on older systems, it is possible to connect to secure RDP servers with the right configuration.
