Forum Discussion

Commander_E's avatar
Commander_E
Copper Contributor
Dec 31, 2021

Azure Virtual Desktop Host Pool RDP Properties for default sign-in with other account

Hi,

 

I'm running different Host-pools for our consultants for connecting to our customers within each host-pool is one Virtual Machine with it's own personal local credentials that no one else needs to know. Because of that i want that particular username/password entered in the RDP-properties, but it keeps returing with logging in with my own azure account.

 

Below the latest RDP-properties i've tried:

 

prompt for credentials:i:0;username:s:user;promptcredentialonce:i:0;connect to console:i:1;gatewaycredentialssource:i:2;password 51:b:system.byte[];drivestoredirect:s:*;audiomode:i:0;videoplaybackmode:i:1;redirectclipboard:i:1;redirectprinters:i:1;devicestoredirect:s:*;redirectcomports:i:1;redirectsmartcards:i:1;usbdevicestoredirect:s:*;enablecredsspsupport:i:1;use multimon:i:1

 

I've also tried with the normal Password RDP-propertie, but the RDP-properties keeps adjusting the password without the capital letters (and doesn't work either)

  • I believe those credentials, saved into Remote Desktop (especially the password) is saved in the Windows Credential Manager, specific to each user, if you open:

    Credential Manager, select Windows Credentials you should be able to see your TERMSRV entries, but it is encrypted on that PC only (unless you exported the backup and imported to another machine as a test).

    Saving username and passwords in plain text in an RDP file would be a 'no no', I believe you might be able to save the username, but don't think the password will work.

     

    Depending on the resources you want and for better security and auditability you may be able to use Azure AD Privileged access groups that are delegated to application/host groups: https://docs.microsoft.com/en-us/azure/active-directory/privileged-identity-management/groups-features, allowing your consultants to request access to specific hosts when they need it the most.

    • Commander_E's avatar
      Commander_E
      Copper Contributor

      lukemurraynz 

       

      As you can see, i don't save the credentials in plain-text. The password is encrypted so it isn't available for no one. Besides that. That RDP-properties are not offloaded to the personal workstation.

       

      If it's not possible to store those credentials in de Azure Virtual Desktop Host-Pool properties. Then again it isn't possible to enable the option: Save Credentials. The next time i will return to that Virtual Desktop, it askes for credentials again. 

Resources