Results 1 to 7 of 7

Thread: "Do not display last username" with Remote Desktop on Server 2008

  1. #1
    Timothy Guest

    "Do not display last username" with Remote Desktop on Server 2008

    I just deployed my first Server 2008 box in our internal environment for
    testing. We do nearly all management via remote desktop. One of our
    corporate security policies is to NOT show the last logged on user, to
    prevent information disclosure of our admin usernames. We use a GPO in our
    domain to control the "Interactive logon: Do not display last username"
    setting to set it to ENABLED for all servers. This works on all Server 2003
    boxes flawlessly. The Server 2008 box works when you are at the physical
    console, but when you remote desktop, you are presented with the "logon
    icons" where you can select the last user or "other user." This behavior
    violates our corporate security policy.

    I double checked the setting by running rsop.msc. The policy is being
    applied and is set to "ENABLED." I also checked the Local Security Policy,
    which shows it set to enabled as well, and the little "policy" icon is there
    to show group policy governs this setting (so it is not changable).

    Is there a new setting specific to terminal services? I went to the
    Terminal Services administrative template and didn't see anything there that
    might be helpful. I also went to the Terminal Services Configuration MMC,
    nothing was helpful there either.

    I'm thoroughly lost here, because from what I read, all you need to do is
    set the "Do not display last user name" and all will be well. But it's not
    working.

  2. #2
    Meinolf Weber Guest

    Re: "Do not display last username" with Remote Desktop on Server 2008

    If you are fill in the mstsc/remote desktop window the username it will be
    automatically saved on the local machine, so make sure that the username
    is not set there if you close mstsc/remote desktop. Leave the username field
    empty.

  3. #3
    Join Date
    Oct 2008
    Posts
    1
    I am not filling in the username or password on my terminal service client
    (I'm using RD Tabs, which you can turn off NLA and also elect to not supply a
    username/password) but even on older mstsc.exe (RDP 5.x) I get the logon
    screen and have a choice between two icons, the admin user and "other user."
    I cannot get it to STOP showing the admin user after I connect.

  4. #4
    Lanwench [MVP - Exchange] Guest
    Hi - you've posted a reply to a message that doesn't seem to be on the
    server any longer, and you haven't quoted the original text in your message,
    so it's unlikely that anyone will know what you're talking about.

    I suggest you stop using the forum web interface you're using and try a news
    client, such as Forte Agent, Thunderbird, or even Outlook Express, rather
    than the pretty clunky web interface to the newsgroups. It's a lot easier to
    do nearly everything that way. You can mark messages to be watched, filter
    the views so you can see replies to your posts easily, and search.

    The Microsoft public news server is msnews.microsoft.com and you can
    subscribe to as many groups as you like; no authentication is required.

    To what posting are you replying?

  5. #5
    Join Date
    Jun 2010
    Posts
    1

    Re: "Do not display last username" with Remote Desktop on Server 2008

    Hi guys I SOLVED THIS ...

    please read point 2 of this article ... - God Luck !

  6. #6
    Join Date
    Sep 2010
    Posts
    1

    Re: "Do not display last username" with Remote Desktop on Server 2008

    Hi Elmoro,

    I can't see your solution for the interactive logon in your post. What did you do to fix this.

    Thanks!

  7. #7
    Join Date
    Apr 2011
    Posts
    1

    Re: "Do not display last username" with Remote Desktop on Server 2008

    Hey, I spent quite awhile to figure this one out.

    The last username information is actually stored locally on the client side, not on the 2008 server. This information is held in the
    \MyDouments\Default.rdp file and in the registry at
    HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default. You will find a bunch of MRU keys that you should delete. You should also delete the keys in HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Servers.

    Good news is the display of the last username can also be controlled on the server side.
    Go to Start > Administrative Tools > Remote Desktop Services > Remote Desktop Session Host Configuration.

    In the window that appears, right-click on the item in the "Connections window" and click properties. In the "Log on settings" tab, check the middle option, "Always use the following logon information" an leave every field blank. Click, apply, Ok. Logout and log back in. The last user name should be gone form the RDP screen.

    You really have two choices in how to handle this:

    1) Delete RDP file and registry items on the client every time it is used for RDP
    OR
    2) make the changes on the server to ignore the client's supplied logon info.

Similar Threads

  1. Replies: 5
    Last Post: 11-05-2011, 06:55 PM
  2. Replies: 5
    Last Post: 19-04-2011, 10:37 PM
  3. Replies: 4
    Last Post: 08-06-2010, 03:46 PM
  4. Replies: 7
    Last Post: 26-10-2007, 12:28 AM
  5. Replies: 1
    Last Post: 06-02-2007, 04:21 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Page generated in 1,675,195,994.93534 seconds with 17 queries