MsRdpEx icon indicating copy to clipboard operation
MsRdpEx copied to clipboard
verified publisher icon Devolutions

Typo and Missing instructions

Open SergeCaron opened this issue 4 weeks ago • 0 comments

Greetings!

In your article https://awakecoding.com/posts/rd-gateway-without-kdc-proxy-causes-ntlm-downgrade/ there appears to be an extra space in the user name shown in the code snippet: netsh returns error 1332. The correct user name is "NT AUTHORITY\NetworkService".

On my Windows Server 2025 Standard DC, service KPSSVC is already running with the parameters shown in your article and the urlacl is already identical to what you defined: did Microsoft hear your prayers or am I facing a new configuration ?

Finally, even when specifying KDCProxyURL:s:https://FQDN of the RDG/ in the RDP file and running & 'C:\Program Files\Devolutions\MsRdpEx\mstscex.exe' '.\(my file).rdp', the RDP session is downgraded to NTLMv2 in this environment. The client is a Windows 11 PRO 25H2 build 26200.7171.

Do you have a complete example of the extra parameters needed to establish this Kerneros session?

Is there a simple way to test that the server is indeed providing the Kerberos ticket to the client?

Regards,

SergeCaron avatar Nov 27 '25 15:11 SergeCaron