2.2.1.2.1 RDP Negotiation Response (RDP_NEG_RSP)
The RDP Negotiation Response structure is used by a server to inform the client of the security protocol which it has selected to use for the connection.
| Bits 0-7 | Bits 8-15 | Bits 16-31 |
|---|---|---|
| type | flags | length |
| selectedProtocol (spans all 32 bits of the second row) | | |

type (1 byte): An 8-bit, unsigned integer that indicates the packet type. This field MUST be set to 0x02 (TYPE_RDP_NEG_RSP).
flags (1 byte): An 8-bit, unsigned integer that contains protocol flags.

| Flag | Meaning |
|---|---|
| EXTENDED_CLIENT_DATA_SUPPORTED 0x01 | The server supports Extended Client Data Blocks in the GCC Conference Create Request user data (section 2.2.1.3). |
| DYNVC_GFX_PROTOCOL_SUPPORTED 0x02 | The server supports the Graphics Pipeline Extension Protocol described in [MS-RDPEGFX] sections 1, 2, and 3. |
| NEGRSP_FLAG_RESERVED 0x04 | An unused flag that is reserved for future use. This flag SHOULD be ignored by the client. |
| RESTRICTED_ADMIN_MODE_SUPPORTED 0x08 | Indicates that the server supports credential-less logon over CredSSP (also known as "restricted admin mode") and it is acceptable for the client to send empty credentials in the TSPasswordCreds structure defined in [MS-CSSP] section 2.2.1.2.1.<3> |
| REDIRECTED_AUTHENTICATION_MODE_SUPPORTED 0x10 | Indicates that the server supports credential-less logon over CredSSP with credential redirection (also known as "Remote Credential Guard"). The client can send a redirected logon buffer in the TSRemoteGuardCreds structure defined in [MS-CSSP] section 2.2.1.2.3. |

length (2 bytes): A 16-bit, unsigned integer that specifies the packet size. This field MUST be set to 0x0008 (8 bytes).
selectedProtocol (4 bytes): A 32-bit, unsigned integer that specifies the selected security protocol.

| Value | Meaning |
|---|---|
| PROTOCOL_RDP 0x00000000 | Standard RDP Security (section 5.3). |
| PROTOCOL_SSL 0x00000001 | TLS 1.0, 1.1 or 1.2 (section 5.4.5.1). |
| PROTOCOL_HYBRID 0x00000002 | CredSSP (section 5.4.5.2). |
| PROTOCOL_RDSTLS 0x00000004 | RDSTLS protocol (section 5.4.5.3). |
| PROTOCOL_HYBRID_EX 0x00000008 | Credential Security Support Provider protocol (CredSSP) (section 5.4.5.2) coupled with the Early User Authorization Result PDU (section 2.2.10.2). |
| PROTOCOL_RDSAAD 0x00000010 | RDS-AAD-Auth Security (section 5.4.5.4). |
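
The following parser is an added example, not part of the specification text: it validates the MUST constraints on type and length, decodes the flags and selectedProtocol tables above, and marks responses that select Standard RDP Security so an auditor can spot servers negotiating without TLS or CredSSP. The function name, the result keys and the sample bytes are constructed for illustration, and the fields are assumed to be little-endian, which this section does not restate.

```python
import struct

# Flag and protocol names as listed in the tables above.
FLAGS = {
    0x01: "EXTENDED_CLIENT_DATA_SUPPORTED",
    0x02: "DYNVC_GFX_PROTOCOL_SUPPORTED",
    0x08: "RESTRICTED_ADMIN_MODE_SUPPORTED",
    0x10: "REDIRECTED_AUTHENTICATION_MODE_SUPPORTED",
}
NEGRSP_FLAG_RESERVED = 0x04  # reserved; SHOULD be ignored by the client
PROTOCOLS = {
    0x00: "PROTOCOL_RDP", 0x01: "PROTOCOL_SSL", 0x02: "PROTOCOL_HYBRID",
    0x04: "PROTOCOL_RDSTLS", 0x08: "PROTOCOL_HYBRID_EX", 0x10: "PROTOCOL_RDSAAD",
}


def parse_rdp_neg_rsp(data: bytes) -> dict:
    """Validate and decode one 8-byte RDP_NEG_RSP (hypothetical helper)."""
    if len(data) != 8:
        raise ValueError(f"expected 8 bytes, got {len(data)}")
    # Assumption: little-endian fields (byte order is not stated in this section).
    pkt_type, flags, length, selected = struct.unpack("<BBHI", data)
    if pkt_type != 0x02:  # TYPE_RDP_NEG_RSP
        raise ValueError(f"type is 0x{pkt_type:02x}, expected 0x02")
    if length != 0x0008:
        raise ValueError(f"length is 0x{length:04x}, expected 0x0008")
    if selected not in PROTOCOLS:
        raise ValueError(f"unknown selectedProtocol 0x{selected:08x}")
    defined = sum(FLAGS) | NEGRSP_FLAG_RESERVED  # 0x1F: every bit the table names
    return {
        "selected_protocol": PROTOCOLS[selected],
        # The reserved bit is dropped here rather than reported.
        "flags": [name for bit, name in FLAGS.items() if flags & bit],
        "undefined_flag_bits": flags & ~defined & 0xFF,
        # True when the server chose Standard RDP Security (no TLS, no CredSSP).
        "standard_rdp_security": selected == 0x00,
    }


# Constructed samples (not captured traffic).
SAMPLE_HYBRID = bytes.fromhex("020d080002000000")  # flags 0x01|0x04|0x08, CredSSP
SAMPLE_LEGACY = bytes.fromhex("0200080000000000")  # no flags, PROTOCOL_RDP

if __name__ == "__main__":
    for sample in (SAMPLE_HYBRID, SAMPLE_LEGACY):
        print(sample.hex(), parse_rdp_neg_rsp(sample))
```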