Scenarios using remote credential guards

Jeffrey Ho 1 Reputation point
2022-06-10T09:49:42.327+00:00

Hi, I am new to remote credential guard (rcg) and would have clarification on the following scenario:

Scenario: Client side (Enable rcg i.e. apply GPO 'Restrict delegation of credentials to remote servers') ---rdp--> Server side (Not enable rcg i.e. not add reg key)

When I try to RDP to server from my client, I get the expected error message below:

210226-image.png

However, the question is, when I click OK, it still allows me to enter credential and let me in the server side. Is there any configuration missing and how can I prevent user using RDP to remote server without rcg enable? Thanks.

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,981 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,890 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. MTG 1,231 Reputation points
    2022-06-17T13:53:26.947+00:00

    You misunderstand.
    RCG does not exist to keep people from connecting to a server.
    Its purpose is to prevent that credentials are automatically entering the RAM of the remote machine when you use RDP.
    If you choose to enter a password manually, of course there is no protection.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.