RDP disable SLA

How to Disable NLA on the RDS 2012 Server

To disable mandatory use of NLA by clients, in Server Manager console go to Remote Desktop Services -> Collections -> QuickSessionCollection, then Tasks -> Edit Properties, click Security and uncheck Allow connections only from computers running Remote Desktop with Network Level Authentication.

Of course, you need tounderstand that disabling NLA at the server level reduces the system security and generally is not recommended. It is preferable to use the second method.

How to Enable NLA at the Level of Windows XP Client

NLA support appeared in Windows XP starting from SP3, but it is disabled by default. It is possible to enable NLA support only from the registry. To do it:

• In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders, edit the value of SecurityProviders key by adding credssp.dll at the end (separated from its current value by comma)
• Then in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa add the line tspkg to the value of Security Packages setting
• After making these changes, restart your computer

After these actions are performed, a computer with Windows XP SP3 should easily connect to the terminal farm on Windows 2012 via rdp.

Tip. Alongside with that, there appeared another problem with printing via Easy Print. To let Windows XP computers on RDS 2012 print using Easy Print, the clients should meet the following requirements:

• OS – Windows XP SP3 or later,
• RDP client version – 6.1 or later
• .NET Framework 3.5.