Tuesday, March 17, 2009

Give Windows XP Network Level Authentication Support

I ran into a hitch with all these new fancy Windows 2008 servers where the new group policy is for NLA (Network Level Authentication) but I’m stubborn and I am still on XP and havent gone to Vista.

Thanks to an article at Vidmar i found a solution through one of the people that commented on a similar article written pre SP3 days.


To enable NLA in XP machines; first install XP SP3, then edit the registry settings on the XP client machine to allow NLA

• Configure Network Level Authentication

1. Click Start, click Run, type regedit, and then press ENTER.
2. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the details pane, right-click Security Packages, and then click Modify.
4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
5. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6. In the details pane, right-click SecurityProviders, and then click Modify.
7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
8. Exit Registry Editor.
9. Restart the computer.

Now when you run remote desktop you will notice that Network Level Authentication is supported. To check this, right-click the top left hand corner of a remote desktop session and choose, Help > About


Original Article

Another poster linked to the microsoft post which is much more long whinded.


Posted by admin in
Permalink
Page 1 of 1 pages