Setting to make LOCAL COMPUTER default rather than DOMAIN on RDP login screen

edited September 2019 in General
We are using an RD Gateway and we have some machines that we would like to default to the LOCAL computer for authentication (even though they may or may not have a domain available). It seems to default to the domain on the login screen.

Example for a computer named PC:

PC\Username <-- this is what we WANT, and we can log in to the local PC if we type this
Domain\Username <-- this appears to be the default for all domain-joined computers

It appears that (if you are using an RD Gateway) the domain setting is not passed to the RDP login screen, nor is it passed if you specify the username with the PC\Username format (PC\Username WILL be used to authenticate to the RD Gateway though).

With the default Credential Provider you CAN pass the domain from the RDP file as
domain:s:DOMAIN
or with the username
username:s:PC\Username

We tried to set the MOTP config option:
domain_name=PC
but that didn't seem to do anything.

We set the computer's default domain via GPO -- but that did not seem to change anything.

We tried to set:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultDomainName\PC
and
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\AltDefaultDomainName\PC

The MOTP Credential Provider seems to be grabbing the domain name for the logon screen from:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Domain

Does anyone have any ideas as to how to set MOTP to default to the local PC name (such as %computername%) rather than the domain?

I see that there is a plugin for pGina called the pGina Local Machine Plugin, but I'm not sure how that might relate to this situation.

Anybody have any guidance? The default behavior (without MOTP) passes the parameters for domain (or domain\username) to the RD Gateway AND the RDP login. Is there a way to accomplish this? If not, is there a way to set the logon screen to use the local PC as default (rather than the domain)?

Edit: Sorry about the formatting. I don't seem to have any formatting controls available. It looks better before I post.

Comments

  • Hello idoc,
    Due to security reasons, we cannot retrieve the username passed from the RDP client from our third party plugin.
    It could be possible to create a specific registry with a default value before the username.
    Examples:
    Default value = "MYPC" -> login credential used: MYPC\username
    Default value = "" (empty) -> like now (Domain if in a domain, Computer if not in domain)
    Is it what you would like? Regards,
  • That would work. Can that be done?
  • Great, we will implement that in the next weeks.
  • Hello, the new version 5.8.0.2 of Credential Provider has been published. Can you please give it a try? Regards.
  • It appears that the download link is not working. https://download.multiotp.net/credential-provider/
  • edited November 2020
    Yes, it's because the first text displayed is the content of the read-me file. The download link is at the bottom of the page. Can you please check? Have a nice day.
This discussion has been closed.