Configure authentication on the client by using an .rdp file

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To configure authentication on the client by using an .rdp file

  1. Open Remote Desktop Connection.

  2. Click Options.

  3. On the Security tab, in the Authentication list, click the authentication option that you want. You can select from the following options:

    • No authentication. If you select this option, the server is not authenticated.

    • Attempt authentication. If you select this option, Transport Level Security (TLS) 1.0 is used to authenticate the terminal server, if TLS 1.0 is supported and correctly configured.

    • Require authentication. If you select this option, TLS is required to authenticate the server. If TLS is not supported or correctly configured, the connection fails. This option is only available for clients that are connecting to terminal servers running Windows Server 2003 Service Pack 1 (SP1).

  4. On the General tab, click Save As.

  5. Enter a file name for the saved connection file, and then click Save. Connections are saved as Remote Desktop protocol (.rdp) files.

  6. Distribute the .rdp file to client computers.



  • Performing this task does not require you to have administrative credentials. Therefore, as a security best practice, consider performing this task as a user without administrative credentials.

  • To open Remote Desktop Connection, click Start, point to Programs or All Programs, point to Accessories, point to Communications, and then click Remote Desktop Connection.

  • You can also edit the .rdp file by using Microsoft Notepad, where the parameter is authentication level. You can specify a value of 0, 1, or 2 where:

    • 0 = No authentication

    • 1 = Require authentication

    • 2 = Attempt authentication

    For example, you can enter the following:

    authentication level:i:0

    Whereispecifies that the value is an integer, and 0 specifies the authentication level (in this example, no authentication).

  • If you select Attempt authentication and the server certificate has expired or is not issued by a trusted root CA, or if the name of the certificate does not match the name of the client computer, you can choose to continue the connection without TLS server authentication. Other errors, however, will cause the connection to fail.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also


Configuring authentication and encryption
Request a certification authority certificate for the client
Configure authentication on the client by using Remote Desktop Connection
Request a computer certificate for server authentication
Configure authentication and encryption on the server
Requesting certificates