Hello,
this right be related to Add support for kerberos to RDP, however here I am talking about connecting from Windows OS (Win 10 and 11).
I’m using RoyalTS 6.1.60925.
I’ve noticed on domain DCs in the NTLM Operational Log in “Applications and services Logs -> Microsoft -> Windows -> NTLM - Operational” that every RDP connection initiated by RoyalTS is logged as an NTLM authentication, wheres from my understanding it should be best case to use Kerberos.
Example Log entry:
Domain Controller Blocked Audit: Audit NTLM authentication to this domain controller.
Secure Channel name: Server name
User name: user
Domain name: domain
Workstation name: Client name
Secure Channel type: 2
Audit NTLM authentication requests within the domain ***** that would be blocked if the security policy Network Security: Restrict NTLM: NTLM authentication in this domain is set to any of the Deny options.
If you want to allow NTLM authentication requests in the domain **** , set the security policy Network Security: Restrict NTLM: NTLM authentication in this domain to Disabled.
If you want to allow NTLM authentication requests to specific servers in the domain ****, set the security policy Network Security: Restrict NTLM: NTLM authentication in this domain to Deny for domain servers or Deny domain accounts to domain servers, and then set the security policy Network Security: Restrict NTLM: Add server exceptions in this domain to define a list of servers in the domain **** to which clients are allowed to use NTLM authentication.
This might be a configuration thing, however I was unable to find anything telling what I would need to set in RoyalTS to change the behavior.
I did some testing with the native RDP client and also MobaXterm in comparison, which to not lead to the same or a similar log entry.
Is this something not available / supported in version 6.1.60925 and specific to V7 upwards or maybe not currently supported altogether?