How to remove TS Web Access, TS RemoteApp logon cache credentials
There are two ways:
1. Through group policy object
2. Manually remove
Sometimes we want to remove the cache logon credentials for security reason. This is true when you have Terminal server service for your users available through a public terminal such as commonly used workstation and do not want the next user to use the previously logon credential. In this case you will need to use a GPO so that no credentials will be saved. However there are times when you want to allow users to save credentials and need to rectify the incorrect credentials information saved. For this you will then use the second method, manual removal.
To set the GPO, go to User Configuration and under Policies browse to Administrative Templates, Windows Components, Terminal Services, Remote Desktop Connection Client and enable the policy “Do not allow password to be saved”. With this setting, users will not able to save password and RDC will prompt for user input every time user tries to connect.
For manual removal of logon credentials particularly when you have TS Web Access, some users have their credentials saved by selecting the check box that says, “I am using a private computer that complies with my organization’s security policy. By selecting this option you can save your credentials so that they can be used in the future when connecting to these programs. Before you select this option, please ensure that saving your credentials is in compliance with your organization’s security policy.”
When the next user invokes the terminal service session, he or she doesn’t have the choice to change the credentials.
Of course, you can uncheck the “I am using a private computer…” and get away with it, but the credentials are saved and you have to always fill in the credentials which sometimes very inconvenient. In order to change that, here are the steps:
1. Open Internet Explorer and go to serverxx.domainxx.com/ts and make sure the check box “I am using private computer…” is checked.
2. Fire up Remote Desktop Connection client and click the Options button to expand the window (if it is not already expanded).
3. Under Computer: field, type serverxx.domainxx.com. As soon as you have completed typing you will see text appear with edit and delete links, similar to following:
4. Click edit and credentials update dialog box will popup. Make the necessary changes and hit OK.
The next time when the user connects it will reflect the correct logon credentials.
Note: If you want to remove it, just click delete on Step 4.
Auto Suggest and drop drown
In Remote desktop connection, when you type the server name, RDC will auto suggest and provide all previous connected server name in the drop down menu. Again, for security reason you can remove it by navigating to the following registry key:
HKCU\Software\Microsoft\Terminal Server Client\Default
With Vista, Windows 7 and Windows 2008 you will have the option to backup the settings.
I hope this article will provide you some useful insights.
This website uses IntenseDebate comments, but they are not currently loaded because either your browser doesn't support JavaScript, or they didn't load fast enough.