10.11. Procedure – Saving login credentials for RDP on Windows

You can use automatic RDP login on Windows, but the stored credentials are not trusted by default, and you have to enter the password for each connection. Create the following local policies on the client to allow delegating saved credentials:

  1. Start the Group Policy Editor: run gpedit.msc

  2. Navigate to Local Computer Policy > Computer Configuration > Administrative Templates > System > Credentials Delegation

  3. Open the Allow Delegating Saved Credentials with NTLM-only Server Authentication policy

  4. Click Show and enter TERMSRV/*

  5. Click Apply

  6. Open the Allow Delegating Saved Credentials policy

  7. Click Show and enter TERMSRV/*

  8. Click Apply

  9. Open the Allow Delegating Default Credentials with NTLM-only Server Authentication policy

  10. Click Show and enter TERMSRV/*

  11. Click Apply

  12. Open the Allow Delegating Default Credentials policy

  13. Click Show and enter TERMSRV/*

  14. Click Apply

  15. Verify that the Deny Delegating Saved Credentials policy does not contain TERMSRV/* in the list

  16. Close the Group Policy Editor

  17. From the command line, issue the gpupdate /force command