SynopsisPerforms the configuration required on Windows XP SP3 machines to allow more secure remote desktop connections to Windows Vista, 2008 and higher servers.
- EnableClientNLA [-ComputerName] [-Reboot] [-Credential]
DescriptionThe Enable-ClientNLA cmdlet is used to configure the client-side components necessary for Windows XP SP3 to connect to servers that require Network Level Authentication on Remote Desktop connections. Specifically, the cmdlet configures the XP client to use the Credential Security Service Provider (CredSSP). This cmdlet is for use with XP SP3 only. Earlier versions of the operating system do not support NLA connections and later versions of Windows come with CredSSP configured by default.
- ComputerName The computer against which to run the cmdlet. By default this parameter will be populated with the name of the local computer.
- Reboot Reboot the computer after the changes have been made. A reboot is required to make the changes active.
- Credential The credentials under which to run the cmdlet. By default this cmdlet will run as the current user. Using this parameter and the Get-PSCredential cmdlet you can specify an alternate set of credentials under which to execute this command.
InputsEnable-ClientNLA accepts input objects with a Computer, Computername or CN property for use with the ComputerName parameter.
OutputsEnable-ClientNLA makes changes directly to the Windows registry and does not output any Powershell objects.
NotesThe Enable-ClientNLA cmdlet requires that the RPC service is started on the computer it is trying to access and that DNS services are available to resolve target host names.
Example 1This command will enable client-side network level authentication on the local computer:
Example 2This command will enable client-side network level authentication on the remote computer PC01 and will also reboot the computer so that the changes take effect:
C:\PS>Enable-ClientNLA -Computer PC01 -Reboot