Hello AskPerf readers! My name is Don Geddes, and I am a Support Escalation Engineer on the Performance team. Over the last couple of months, we’ve been getting quite a few calls on a new popup dialog box that occurs when connecting to a web site that hosts Terminal Services connections or Terminal Server RemoteApps. Today, we’re going to talk about what exactly this dialog box means – a quick overview, if you will, that is more user-focused. In my next post, I’ll go into more technical depth – a more administrator-focused piece. I know some of you are wondering why I’m not putting everything into one post – the simple answer is that there’s a lot of information and it might get confusing – especially for end-users who might read these posts. So without further ado …
Otherwise known as the “Unknown Publisher prompt” or the “Redirection Warning”, this dialog will start to appear after you have updated your Windows XP computer to Service Pack 3 or the RDC 6.1 client was installed. There are 2 different prompts that you might see, depending on if you are opening a Terminal Services connection or running a RemoteApp. Here are some screenshots:
Remote Desktop Connection:
Here is what the dialog looks like if you are starting a RemoteApp:
These new dialogs have caused confusion among users and IT staff alike, as they are new prompts that were not seen with the older version of the RDP client that was included with Windows XP. The first question that I am asked is usually “What is this prompt? It looks scary and makes me think I clicked on something I shouldn’t have!” Don’t worry, you didn’t do anything wrong, this new prompt is a security feature that is in the latest RDP clients, and once you understand what exactly is going on, it is not all that scary. To translate what this dialog is really trying to tell you, I could put it like this: “The Remote Desktop client cannot verify that the computer you are connecting to is really who it claims to be. Don’t connect unless you trust the website that you visited.” If you arrived at this web page because you were given the link by someone you trust (for example, your company web administrator) then it is normally safe to go ahead and click the Connect button. If you do not trust the website you visited and did not click on a link that generated this dialog, then don’t click the Connect button. See, I told you it wasn’t really that scary!
The second question that I am usually asked is something like this: “How do I get rid of this thing? It’s annoying and I don’t like it.” The short answer is that you can’t get rid of it, not without a little help from the web server administrator. The prompt will always show because the Remote Desktop Client always assumes the server that you are connecting to is unsafe unless it can verify its identity. That is where your IT or Web administrator comes in.
If your system administrator upgrades the server to Windows Server 2008 and uses certificates, you will see a different prompt that allows you to hide the dialog box on subsequent connections to the server. You will know your administrator has done this because the prompt no longer says “Unknown publisher” and has a check box titled “Don’t ask me again for remote connections from this publisher”. This basically means that the server has verified its identity and is now trusted, so if you don’t want to be see this prompt anymore, check the box and it will not display again.
With that, we’ve reached the end of this post. I hope this clears up the confusion surrounding these new security prompts. IT Administrators, stay tuned for my next post about the technical details of signing RDP files and how to make sure users never see this dialog.