RDP to a pGina client

There is no problem connection to a pGina client using RDP, only that you need to disable preauthentication. pGina doesn’t support preauthentication and on the other hand, how do you authenticate a user that doesn’t exist on the system before pGina create it.

There are two ways to achieve this

If you manipulate Default.rdp than this setting will be applied to all new connections. A preconfigured rdp file on the other hand can do even an autologin.

screen mode id:i:2
desktopwidth:i:2560
desktopheight:i:1024
session bpp:i:16
winposstr:s:0,1,-1181,71,-29,905
full address:s:client.local
compression:i:1
keyboardhook:i:2
audiomode:i:0
redirectdrives:i:0
redirectprinters:i:0
redirectcomports:i:0
redirectsmartcards:i:1
displayconnectionbar:i:1
autoreconnection enabled:i:1
authentication level:i:0
username:s:username
domain:s:
alternate shell:s:
shell working directory:s:
disable wallpaper:i:0
disable full window drag:i:0
disable menu anims:i:0
disable themes:i:0
disable cursor setting:i:0
bitmapcachepersistenable:i:1
enablecredsspsupport:i:0

password 51:b:longbytestring

If you add a password hash at “password 51:b:” than you achieve an autologin, otherwise the user needs to type his password into the password field of the logon screen.

Some google results for: How to hash RDP pwd

RDP from a pgina client

You can’t use pgina to preauthenticate on another machine. Only Windows default password provider (“Use another account”) will do this. Windows RDP GUI

Windows 10

If you want to connect to a Windows 10 RDP server you also need to set a regkey to disable preauthentication.

reg add “HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp” /v SecurityLayer /t REG_DWORD /d 0 /f