Enable Kerberos Authentication for an 3 Host RDS farm

Marissa Van Opens 1 Reputation point
2021-12-07T02:43:34.403+00:00

Hi there,

We are trying to get off of NTLM for our entire Domain and the last tricky spot seems to be our RDS implementation.

When we Restrict NTLM and set it to Deny All we RDS breaks. From looking at this old post (https://techcommunity.microsoft.com/t5/security-compliance-and-identity/creating-kerberos-identity-for-rd-session-host-farms-part-i/ba-p/246775) it seems like I need user Powershell to create a Kerberos identity for the deployment but I can't get past step 2. This makes me think that I'm either doing something wrong or the process has changed and I can't figure out what.

Does anyone have any ideas or directions you can point me in?

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,136 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Aakash Shah 1 Reputation point
    2022-11-02T21:57:16.013+00:00

    To clarify do you mean you were unable to use "cd RDS:\"? If so, you need to run the following before this:

    Import-Module RemoteDesktopServices  
    

    Now you should be able to use "cd RDS:\".

    0 comments No comments

  2. LeiLei-6001 0 Reputation points
    2023-06-14T09:10:32.3733333+00:00

    I have an similar issue at Step 3. "RDSFarms" doesn't exists. Only "LicenseServer" is available.
    But Im definitely connected on my Connection Broker (the affected Server is License Server and Connection Broker at once).

    Have anyone an idea, how can I fix this?

    0 comments No comments