Tuesday, May 5, 2009

Enable Network Level Authentication on Windows XP Service Pack 3

Windows 2008, Windows Vista and Windows 7 support a new feature called NLA (Network Level Authentication. This is a more secure method for remote desktop. To use network level authentication select the radio button on the Remote tab in System Properties.



Windows XP SP3 supports Network Level Authentication for connecting to devices running it. However by default on a XP SP3 machine if you try and connect to a device running NLA you will recieve this error:


To fix this we need to make a few registry changes on the Windows XP machine.
1. Click Start, click Run, type regedit, and then press ENTER.
2. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3. In the details pane, right-click Security Packages, and then click Modify.
4. In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
5. In the navigation pane, locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
6. In the details pane, right-click SecurityProviders, and then click Modify.
7. In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
8. Exit Registry Editor.
9. Restart the computer.
Now when you attempt to connect to your remote computer running NLA it will successfully connect.

No comments:

Post a Comment