Article
Written by: Venkata Kumar Gorantla, Hannatti Sanjeevkumar, Sambit Dash
Reviewed by: Anju Dagliya
Note: The Remote Desktop Session Host on a Windows Server 2008 R2 device is the same as Terminal Server on a Windows Server 2003 device.
If you launch a remote desktop session from a Windows Vista or a Windows 7 Device to a Windows Server 2008 R2 device, you are prompted to specify the Windows credentials. This is because the Network Level Authentication feature of the RDC client 6.1 or higher requires Windows user credentials to be specified before the remote desktop session is launched. However, the Windows credentials are not available at this point of time for Dynamic Local Users.
The goal of this article is to enable the Dynamic Local Users to log into the Windows Server 2008 R2 Remote Desktop Session Host.
Prerequisite
- Ensure that Remote Desktop services are installed on the Windows Server 2008 R2 device.
- A Dynamic Local User Policy that has Use user source credentials and Manage existing user account (if any) options enabled is already created.
Method 1
- On the Windows Server 2008 R2 device, create local user account for all the existing eDirectory users. The account must be created with the same name as the eDirectory username and the User must change password at next logon option selected.
- Make each of the users a member of Remote Desktop Users.
- Do the following, to change the Windows password to match with Novell Client password:
- Right-click Novell Client.
- Click Novell Client Properties.
- Click Advanced Login and set the Show login Windows Password Synchronization setting On.
- Perform the following steps to enable the TSAUTOADMIN logon policy on the device:
- Open the registry editor.
- Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Novell\Login and add the following:
Value Type=REG_SZ, Name=TSClientAutoAdminLogon, Data=1
Value Type=REG_SZ, Name=DefaultLoginProfile, Data= Default - Close the registry editor.
- From a Windows Vista or Windows 7 device, launch a Remote Desktop session to the Windows Server 2008 R2 device and specify the Windows user credentials you created in Step 1.
- A Novell Client window is displayed. Click Cancel.
- In the next screen, click Novell Logon.
- Enter the Novell logon credentials to authenticate to eDirectory.
- In the Novell Login screen, specify the context and eDirectory server and click Apply.
The following warning message is displayed:
The Local Computer username or password is not valid - Click OK.
- Specify the Windows credentials and select the Change your Windows password to match your Novell password after a successful login option.
The password of the existing user is synchronized with the eDirectory password and the DLU policy settings are applied to the user account.
Method 2
- On the Windows Server 2008 R2 device, create a user who has the minimum required rights to launch a Remote Desktop session. Communicate these credentials to all the eDirectory users.
- From a Windows Vista or Windows 7 device, launch a RDP session to the Windows Server 2008 R2 device and specify the user credentials you created in Step 1.
- A Novell Client window is displayed. Click Cancel.
- In the next screen, click Novell Logon.
- Enter the DLU user credentials. On successful login, a DLU user is created.
Note: This method poses a security risk because the credentials of the user account created in step 1 has been communicated to all the eDirectory users.
Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).
It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.
Related Articles
- Configuring the Novell Client for Windows 7 / Windows 2008 Server to authenticate against DSFW or Microsoft AD
- Solving RDP Issues on Remote Loader
- Establishing Cross-Realm Trust between Active Directory and Novell KDC
- ZCM Agent User Authentication fails w/credential or certificate fails (Windows Security Message)
- Mount and Access Windows Shares from the Command Line
User Comments
Not much of a solution
Submitted by gemme on 14 April 2010 - 1:59pm.
It was nice to come across a fix to this issue. I'm working on setting up a Windows 2008 terminal server with Zen 10 dlu for users and was curious about this from Windows 7/vista clients.
I'm glad to see I'm not the only one to run into this, but I can't be the only one that neither methods are possible. I can't create thousands of users local just for this, and method 2 wouldn't go over well with users.
Hopefully there will be a way to address this in the future release of Zen perhaps.
- Be the first to comment! To leave a comment you need to Login or Register
Proper Solution ?
Submitted by caritas-geldern on 15 October 2010 - 2:00am.
I fully agree with gemme. Is there already a professional solution ? Cause Novell can not expect that we create on every Remote Desktop Host localy over 200 users...
- Be the first to comment! To leave a comment you need to Login or Register
Solution !?
Submitted by Calimero on 9 March 2011 - 2:37am.
After the prerequisite go to your Windows 2008 R2 Server and open Group Policy Editor.
Then in "Computer Configuration --> Administrative Templates --> Windows Components --> Remote Desktop Services --> Remote Desktop Session Host --> Security" enable "Require use of specific security layer for remote (RDP) connections" and set the security layer to RDP.
This works for me! When I open a remote session on that server I get only one Login Screen where I enter my DLU enabled user and password and it works on my Windows 7 just like it worked before on my XP.
Would be nice to know if you get the same result
- Be the first to comment! To leave a comment you need to Login or Register
- Be the first to comment! To leave a comment you need to Login or Register
Thank you Calimero!
Submitted by alphonzo1 on 28 June 2011 - 12:15pm.
Appreciate you sharing the real solution!
- Be the first to comment! To leave a comment you need to Login or Register


5