Get the Remote Desktop client. Follow these steps to get started with Remote Desktop on your Mac: Download the Microsoft Remote Desktop client from the Mac App Store. Set up your PC to accept remote connections. (If you skip this step, you can't connect to your PC.) Add a Remote Desktop connection or a remote resource. Use Microsoft Remote Desktop for Mac to connect to a remote PC or virtual apps and desktops made available by your admin. With Microsoft Remote Desktop, you can be productive no matter where you are. GET STARTED Configure your PC for remote access using the information at https://aka.ms/rdsetup. 2020-3-19 You can help protect yourself from scammers by verifying that the contact is a Microsoft Agent or Microsoft Employee and that the phone number is an official Microsoft global customer service number. Site Feedback. Tell us about your experience with our site. CoolHandTnT Created on August 16, 2011. Remote Desktop: Support for Smart Card. Remote Desktop Services and smart card sign-in. Remote Desktop Services enable users to sign in with a smart card by entering a PIN on the RDC client computer and sending it to the RD Session Host server in a manner similar to authentication that is based on user name and password.
-->
Applies To: Windows 10, Windows Server 2016
Sep 06, 2016 Macs with access to a printer capable of printing double sided can print any document as a two-sided print, meaning that each page of the document will go on the front and back of the piece of paper, kind of like a book. Print specific pages. On the File menu, click Print. To print only certain pages, under Pages, do one of the following: To print the page shown in the Quick Preview, select Current Page. To print consecutive pages like 1 -3, select From and enter the first and last page numbers in the From and To boxes. Microsoft Office Word will print all of the pages that appear on one side of the paper and then prompt you to turn the stack over and feed the pages into the printer again. Print odd and even pages. You can also use the following procedure to print on both sides: Click the Microsoft Office Button, and then click Print. Microsoft word mac print front and back.
This topic for the IT professional describes the behavior of Remote Desktop Services when you implement smart card sign-in.
The content in this topic applies to the versions of Windows that are designated in the Applies To list at the beginning of this topic. In these versions, smart card redirection logic and WinSCard API are combined to support multiple redirected sessions into a single process.
Smart card support is required to enable many Remote Desktop Services scenarios. These include:
Remote Desktop Services redirection
In a Remote Desktop scenario, a user is using a remote server for running services, and the smart card is local to the computer that the user is using. In a smart card sign-in scenario, the smart card service on the remote server redirects to the smart card reader that is connected to the local computer where the user is trying to sign in.
Remote Desktop redirection
Notes about the redirection model:
RD Session Host server single sign-in experience
As a part of the Common Criteria compliance, the RDC client must be configurable to use Credential Manager to acquire and save the user's password or smart card PIN. Common Criteria compliance requires that applications not have direct access to the user's password or PIN.
Common Criteria compliance requires specifically that the password or PIN never leave the LSA unencrypted. A distributed scenario should allow the password or PIN to travel between one trusted LSA and another, and it cannot be unencrypted during transit.
When smart card-enabled single sign-in (SSO) is used for Remote Desktop Services sessions, users still need to sign in for every new Remote Desktop Services session. However, the user is not prompted for a PIN more than once to establish a Remote Desktop Services session. For example, after the user double-clicks a Microsoft Word document icon that resides on a remote computer, the user is prompted to enter a PIN. This PIN is sent by using a secure channel that the credential SSP has established. The PIN is routed back to the RDC client over the secure channel and sent to Winlogon. The user does not receive any additional prompts for the PIN, unless the PIN is incorrect or there are smart card-related failures.
Remote Desktop Services and smart card sign-in
Remote Desktop Services enable users to sign in with a smart card by entering a PIN on the RDC client computer and sending it to the RD Session Host server in a manner similar to authentication that is based on user name and password.
In addition, Group Policy settings that are specific to Remote Desktop Services need to be enabled for smart card-based sign-in.
To enable smart card sign-in to a Remote Desktop Session Host (RD Session Host) server, the Key Distribution Center (KDC) certificate must be present on the RDC client computer. If the computer is not in the same domain or workgroup, the following command can be used to deploy the certificate:
certutil -dspublish NTAuthCA 'DSCDPContainer'
The DSCDPContainer Common Name (CN) is usually the name of the certification authority.
Example:
certutil -dspublish NTAuthCA <CertFile> 'CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration,DC=engineering,DC=contoso,DC=com'
For information about this option for the command-line tool, see -dsPublish.
Remote Desktop Services and smart card sign-in across domains
To enable remote access to resources in an enterprise, the root certificate for the domain must be provisioned on the smart card. From a computer that is joined to a domain, run the following command at the command line:
certutil -scroots update
![]()
For information about this option for the command-line tool, see -SCRoots.
For Remote Desktop Services across domains, the KDC certificate of the RD Session Host server must also be present in the client computer's NTAUTH store. To add the store, run the following command at the command line:
Usb Smart Card Reader
certutil -addstore -enterprise NTAUTH <CertFile>
Where <CertFile> is the root certificate of the KDC certificate issuer. Microsoft office visio mac os x.
For information about this option for the command-line tool, see -addstore.
Note If you use the credential SSP on computers running the supported versions of the operating system that are designated in the Applies To list at the beginning of this topic: To sign in with a smart card from a computer that is not joined to a domain, the smart card must contain the root certification of the domain controller. A public key infrastructure (PKI) secure channel cannot be established without the root certification of the domain controller.
Sign-in to Remote Desktop Services across a domain works only if the UPN in the certificate uses the following form: <ClientName>@<DomainDNSName>
Microsoft Remote Desktop 10 Mac Smart Card
The UPN in the certificate must include a domain that can be resolved. Otherwise, the Kerberos protocol cannot determine which domain to contact. You can resolve this issue by enabling GPO X509 domain hints. For more information about this setting, see Smart Card Group Policy and Registry Settings.
Smart Card Service AndroidSee alsoComments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |