6 Appendix A: Product Behavior
The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.
Windows NT Server 4.0 operating system, Terminal Server Edition
Windows 2000 operating system
Windows XP operating system
Windows Server 2003 operating system
Windows Vista operating system
Windows Server 2008 operating system
Windows 7 operating system
Windows Server 2008 R2 operating system
Windows 7 operating system with Service Pack 1 (SP1)
Windows 8 operating system
Windows Server 2012 operating system
Windows 8.1 operating system
Windows Server 2012 R2 operating system
Windows 10 operating system
Windows Server 2016 operating system
Windows Server operating system
Windows Server 2019 operating system
Windows Server 2022 operating system
Windows 11 operating system
Windows Server 2025 operating system
Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.
Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.
<1> Section 1.5: By default, Microsoft RDP servers listen on port 3389. Microsoft RDP clients, by extension, attempt to connect on the same port.
<2> Section 2.2.1.1.1: Microsoft RDP 4.0, 5.0, 5.1, 5.2, 6.0, 6.1, and 7.0 clients do not support credential-less logon over CredSSP. This functionality is not supported in Windows NT operating system, Windows 2000, Windows XP, and Windows Vista.
<3> Section 2.2.1.2.1: Microsoft RDP 4.0, 5.0, 5.1, 5.2, 6.0, 6.1, and 7.0 servers do not support credential-less logon over CredSSP. This functionality is not supported in Windows Server 2003 and Windows Server 2008.
<4> Section 2.2.1.2.2: The SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER (0x00000006) failure code is only sent by Microsoft RDP 6.0 servers.
<5> Section 2.2.1.3.2: All Microsoft RemoteFX servers ignore the keyboardLayout field.
<6> Section 2.2.1.3.2: Microsoft RDP servers apply only the active locale identifier to a newly created session. The value is ignored when connecting to an existing session.
<7> Section 2.2.1.3.2: The deviceScaleFactor field is processed only in Windows 8.1.
<8> Section 2.2.1.3.5: REDIRECTION_VERSION1 (0x00) is not advertised by any Microsoft RDP clients.
<9> Section 2.2.1.3.5: REDIRECTION_VERSION2 (0x01) is not advertised by any Microsoft RDP clients.
<10> Section 2.2.1.3.5: REDIRECTION_VERSION3 (0x02) is advertised only by Microsoft RDP 5.1 and 5.2 clients.
<11> Section 2.2.1.3.5: REDIRECTION_VERSION4 (0x03) is advertised only by Microsoft RDP 6.0 and 6.1 clients.
<12> Section 2.2.1.3.5: REDIRECTION_VERSION5 (0x04) is advertised only by Microsoft RDP 7.0 and 7.1 clients.
<13> Section 2.2.1.3.5: REDIRECTION_VERSION6 (0x05) is advertised only by Microsoft RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 clients.
<14> Section 2.2.1.3.10.1: The deviceScaleFactor field is processed only in Windows 8.1.
<15> Section 2.2.1.4.6: Only Microsoft RDP 8.0 and 8.1 servers advertise the TRANSPORTTYPE_UDPFECL (0x04) flag.
<16> Section 2.2.1.11.1.1: The Microsoft RDP 6.0 client incorrectly sends the active input locale identifier in the CodePage field of the Info Packet structure.
<17> Section 2.2.1.11.1.1: Microsoft RDP servers only apply the active language identifier to a newly created session. The value is ignored when connecting to an existing session.
<18> Section 2.2.1.11.1.1.1: The PERF_ENABLE_FONT_SMOOTHING flag is not read by RDP 4.0, 5.0, 5.1, or 5.2 servers.
<19> Section 2.2.1.11.1.1.1: The PERF_ENABLE_DESKTOP_COMPOSITION flag is only read by RDP 6.0, 6.1, 7.0, and 7.1 servers.
<20> Section 2.2.1.11.1.1.1: Microsoft RDP clients set the reserved1 field to 100.
<21> Section 2.2.1.11.1.1.1: Microsoft RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 clients do not send the cbDynamicDSTTimeZoneKeyName, dynamicDSTTimeZoneKeyName and dynamicDaylightTimeDisabled fields if the RNS_UD_SC_ DYNAMIC_TIME_ZONE_SUPPORTED (0x00000002) flag is not set in the earlyCapabilityFlags field of the Server Core Data (section 2.2.1.4.2).
<22> Section 2.2.1.11.1.1.1: Microsoft RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 clients do not send the cbDynamicDSTTimeZoneKeyName, dynamicDSTTimeZoneKeyName and dynamicDaylightTimeDisabled fields if the RNS_UD_SC_ DYNAMIC_TIME_ZONE_SUPPORTED (0x00000002) flag is not set in the earlyCapabilityFlags field of the Server Core Data (section 2.2.1.4.2).
<23> Section 2.2.1.11.1.1.1: Microsoft RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 clients do not send the cbDynamicDSTTimeZoneKeyName, dynamicDSTTimeZoneKeyName and dynamicDaylightTimeDisabled fields if the RNS_UD_SC_ DYNAMIC_TIME_ZONE_SUPPORTED (0x00000002) flag is not set in the earlyCapabilityFlags field of the Server Core Data (section 2.2.1.4.2).
<24> Section 2.2.7.1.1: Microsoft RDP 7.1 RemoteFX servers and RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers require that clients specify both the FASTPATH_OUTPUT_SUPPORTED (0x0001) and LONG_CREDENTIALS_SUPPORTED (0x0004) flags to indicate support for fast-path output. If both of these flags are not specified, then the server assumes that the client does not support fast-path output.
<25> Section 2.2.7.1.1: Microsoft RDP 7.1 RemoteFX servers and RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers require that clients specify both the FASTPATH_OUTPUT_SUPPORTED (0x0001) and LONG_CREDENTIALS_SUPPORTED (0x0004) flags to indicate support for fast-path output. If both of these flags are not specified, then the server assumes that the client does not support fast-path output.
<26> Section 2.2.7.1.3: Microsoft RDP clients that advertise support for Surface Commands (2.2.9.2) and TS_NEG_SCRBLT_INDEX (0x02) also advertise support for TS_NEG_MEMBLT_INDEX (0x03) when connecting to RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers.
<27> Section 2.2.7.1.3: Microsoft RDP clients that advertise support for Surface Commands (2.2.9.2) and TS_NEG_MEMBLT_INDEX (0x03) also advertise support for TS_NEG_SCRBLT_INDEX (0x02) when connecting to RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers.
<28> Section 2.2.7.1.6: Microsoft RDP 4.0, 5.0, 5.1, and 5.2 servers do not explicitly set the keyboardLayout, keyboardType, keyboardSubType, and keyboardFunctionKey fields to zero.
<29> Section 2.2.7.1.6: Microsoft RDP 4.0, 5.0, 5.1, and 5.2 servers do not explicitly fill the imeFileName field with zeros.
<30> Section 2.2.7.1.6: All Microsoft RDP RemoteFX servers ignore the keyboardLayout field.
<31> Section 2.2.7.2.10.1.1: Microsoft RDP servers ignore Bitmap Codec structures (section 2.2.7.2.10.1.1) with the codecGUID field set to CODEC_GUID_IMAGE_REMOTEFX.
<32> Section 2.2.8.1.1.3: Due to server-side timing issues, Microsoft RDP 8.0 servers do not always process slow-path input PDUs that were sent by the client before it received any graphics PDUs.
<33> Section 2.2.8.1.1.3: Microsoft RDP 7.1 RemoteFX servers do not support slow-path input.
<34> Section 2.2.8.1.2: Due to server-side timing issues, Microsoft RDP 7.1 RemoteFX servers and RDP 8.0 servers do not always process fast-path input PDUs that were sent by the client before it received any graphics PDUs.
<35> Section 2.2.8.2.2: Only Microsoft RDP 5.0, 5.1, 5.2, 6.0, 6.1, 7.0, and 7.1 servers send the Set Keyboard IME Status PDU.
<36> Section 2.2.9.1.1.3.1: Microsoft RDP 7.1 RemoteFX servers and RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers do not support slow-path graphics output.
<37> Section 2.2.11.2: Microsoft RDP 8.0 servers do not correctly process the Refresh Rect PDU in either single monitor or multiple monitor scenarios. Microsoft RDP 8.1 servers do not correctly process the Refresh Rect PDU in multiple monitor scenarios. The workaround in both cases is to force a refresh of the entire virtual desktop by sending two Suppress Output PDUs (section 2.2.11.3): one Suppress Output PDU to suppress display updates, followed by another Suppress Output PDU to resume display updates.
<38> Section 2.2.13.1: The LB_CLIENT_TSV_URL redirection flag is supported only on Windows 7 and Windows Server 2008 R2.
<39> Section 2.2.13.1: The LB_SERVER_TSV_CAPABLE redirection flag is supported only on Windows 7 and Windows Server 2008 R2.
<40> Section 2.2.13.1: The TsvUrlLength field is supported only on Windows 7 and Windows Server 2008 R2.
<41> Section 2.2.13.1: The TsvUrl field is supported only on Windows 7 and Windows Server 2008 R2.
<42> Section 2.2.15.1: Only Microsoft RDP 8.0 and 8.1 servers send the Server Initiate Multitransport Request PDU with the requestedProtocol field set to INITITATE_REQUEST_PROTOCOL_UDPFECL (0x02). This implies that the RDP-UDP FEC lossy transport is only supported by RDP 8.0 and 8.1 servers.
<43> Section 3.2.5.3.1: All Microsoft RDP clients, except for RDP 4.0 and 5.0 clients, include the cookie field in the X.224 Connection Request PDU if a nonempty username can be retrieved for the current user and the routingToken field is not present (the IDENTIFIER used in the cookie string is the login name of the user truncated to nine characters).
<44> Section 3.2.5.9.4.1: The Play Sound PDU is not sent by Windows 7 and Windows Server 2008 R2 operating system Remote Desktop implementations, due to architectural changes in the underlying driver subsystem. Instead, all system and application-generated beeps are dispatched to a client by using the RDP audio redirection protocol specified in [MS-RDPEA]. If a client does not support RDP audio redirection, it will not receive any beep notifications.
<45> Section 3.3.5.3.3: Microsoft RDP 5.0 servers support a maximum width of 1,600 pixels. Microsoft RDP 5.1, 5.2, 6.0, 6.1, 7.0, and 7.1 servers support a maximum width of 4,096 pixels. Note that Windows Server 2003 RDP servers scale down the supported color depth to reduce memory usage if the width is greater than 1,600 pixels. Microsoft RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers support a maximum width of 8,192 pixels.
<46> Section 3.3.5.3.3: Microsoft RDP 5.0 servers support a maximum height of 1,200 pixels. Microsoft RDP 5.1, 5.2, 6.0, 6.1, 7.0, and 7.1 servers support a maximum height of 2,048 pixels. Note that Windows Server 2003 RDP servers scale down the supported color depth to reduce memory usage if the height is greater than 1,200 pixels. Microsoft RDP 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers support a maximum height of 8,192 pixels.
<47> Section 3.3.5.3.11: Microsoft RDP 4.0, 5.0, 5.1, 5.2, 6.0, and 6.1 clients always set the SEC_ENCRYPT flag in the Client Info PDU, even when the Encryption Level is ENCRYPTION_LEVEL_NONE (0).
<48> Section 3.3.5.3.19: Microsoft RDP 4.0, 5.0, 5.1, and 5.2 servers set the targetUser field to a random value.
<49> Section 3.3.5.9.4.1: The Play Sound PDU is not sent by Windows 7 and Windows Server 2008 R2 Remote Desktop implementations due to architectural changes in the underlying driver subsystem. Instead, all system and application-generated beeps are dispatched to a client by using the RDP audio redirection protocol specified in [MS-RDPEA]. If a client does not support RDP audio redirection, it will not receive any beep notifications.
<50> Section 3.3.5.10.1: Microsoft RDP 5.0, 5.1, 5.2, 6.0, 6.1, 7.0, 7.1, 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers send the INFOTYPE_LOGON or INFOTYPE_LOGON_LONG notification if the INFO_LOGONNOTIFY and INFO_AUTOLOGON flag was set by the client in the Client Info PDU (section 2.2.1.11) or if the username or domain used to log on to the session is different from what was sent in the Client Info PDU.
<51> Section 4.11: These features are available only after installation of the updates in [MSKB-5017380], [MSKB-5017381], [MSKB-5017383].
<52> Section 5.4.5: TLS 1.1 is not supported by Windows NT, Windows 2000 Server operating system, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.
<53> Section 5.4.5: TLS 1.2 is not supported by Windows NT, Windows 2000 Server, Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008.
<54> Section 5.4.5: TLS 1.3 is not supported by Windows NT, Windows 2000 Server operating system, Windows XP operating system, Windows Server 2003 operating system, Windows Vista operating system, Windows 7 operating system, Windows 8 operating system, Windows 10, Windows Server 2008 operating system with Service Pack 2 (SP2), Windows Server 2012 operating system, Windows Server 2016, and Windows Server 2019.
<55> Section 5.4.5: CredSSP is not supported by Windows NT, Windows 2000 Server, Windows XP operating system Service Pack 1 (SP1), Windows XP operating system Service Pack 2 (SP2), and Windows Server 2003.
<56> Section 5.4.5.1: Microsoft RDP 5.2, 6.0, 6.1, 7.0, 7.1, 8.0, 8.1, 10.0, 10.1, 10.2, 10.3, 10.4, and 10.5 servers expect that the final set of client-to-server TLS handshake messages (ClientKeyExchange, ChangeCipherSpec, and Finished, illustrated in [RFC2246] Figure 1) be sent together in a single frame.
<57> Section 5.4.5.4: These features are available only after installation of the updates in [MSKB-5017380], [MSKB-5017381], [MSKB-5017383].