Jump Desktop 8 0 2 – Remote Desktop Utility

  1. Jump Desktop 8 0 2 – Remote Desktop Utility Software
  2. Microsoft Remote Desktop 8.0.44
  3. Microsoft Remote Desktop 8
  4. Remote Desktop Protocol 8
-->
  • Pay what you want for Jump Desktop, Limited time offer only http://stacksocial.com/sales/the-name-your-own-price-mac-bundle-4-0-ft-snagit-flux-4?aid=a-p8nrvb.
  • Add a remote access user. After installation completes Jump Desktop Connect will launch. Click the Add a remote access user link and sign into your Jump Desktop account. When you're done, Jump Desktop Connect will list you as a remote access user. Access your desktop from an iPad, iPhone, Android, Mac or Windows device.
  • Jump Desktop 8.5.15 - Remote desktop utility. Download the latest versions of the best Mac apps at safe and trusted MacUpdate.
  • Jump Desktop works very fast and is reasonably priced IMO. However I always use Screen Sharing to connect to my MacMini iTunes Server in my home network (1680x1050 resolution) and compared to Jump Desktop the MacOS ScreenSharing.app shows the shared macMini screen on my MBP (using 1900x1200 resolution) much crisper and sharper using HiDPI.

Applies to: Windows 10, Windows 8.1, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2

Install RU Server on your premises to route your remote connections through and use enhanced capabilities. Download Server (.exe, 7MB) Version 2.8.2.0.

You can control a remote PC by using a Microsoft Remote Desktop client. The client can run on almost any device, including on your mobile smartphone. The client gives you the same powers you would have if you could reach the PC's keyboard. Through the client, you can:

  • Operate the apps that are installed on the PC.
  • Access the files and network resources of the PC.
  • Leave the apps open when you end the client.

Before you start, see the supported configuration article. The article discusses the PC configurations that the Remote Desktop clients can connect to. Also see the client FAQ article.

The following client apps are available:

DeviceGet the appSet-up instructions
Windows DesktopWindows Desktop clientGet started with the Windows Desktop client
Windows StoreWindows 10 client in the Microsoft StoreGet started with the Microsoft Store Client
AndroidAndroid client in Google PlayGet started with the Android client
iOSiOS client in the iTunes storeGet started with the iOS client
macOS macOS client in the iTunes storeGet started with the macOS client
Jump Desktop 8 0 2 – Remote Desktop Utility

Configuring the remote PC

To configure your remote PC before accessing it remotely, see Allow access to your PC.

Remote Desktop client URI scheme

You can integrate features of Remote Desktop clients across platforms by enabling a Uniform Resource Identifier (URI) scheme. Learn about the supported URI attributes that you can use with the iOS, Mac, and Android clients.

-->

Applies To: Windows 10, Windows Server 2016

This topic for the IT professional describes the behavior of Remote Desktop Services when you implement smart card sign-in.

The content in this topic applies to the versions of Windows that are designated in the Applies To list at the beginning of this topic. In these versions, smart card redirection logic and WinSCard API are combined to support multiple redirected sessions into a single process.

Smart card support is required to enable many Remote Desktop Services scenarios. These include:

  • Using Fast User Switching or Remote Desktop Services. A user is not able to establish a redirected smart card-based remote desktop connection. That is, the connect attempt is not successful in Fast User Switching or from a Remote Desktop Services session.

  • Enabling Encrypting File System (EFS) to locate the user's smart card reader from the Local Security Authority (LSA) process in Fast User Switching or in a Remote Desktop Services session. If EFS is not able to locate the smart card reader or certificate, EFS cannot decrypt user files.

Remote Desktop Services redirection

Jump Desktop 8 0 2 – Remote Desktop Utility Software

In a Remote Desktop scenario, a user is using a remote server for running services, and the smart card is local to the computer that the user is using. In a smart card sign-in scenario, the smart card service on the remote server redirects to the smart card reader that is connected to the local computer where the user is trying to sign in.

Remote Desktop redirection

Notes about the redirection model:

  1. This scenario is a remote sign-in session on a computer with Remote Desktop Services. In the remote session (labeled as 'Client session'), the user runs net use /smartcard.

  2. Arrows represent the flow of the PIN after the user types the PIN at the command prompt until it reaches the user's smart card in a smart card reader that is connected to the Remote Desktop Connection (RDC) client computer.

  3. The authentication is performed by the LSA in session 0.

  4. The CryptoAPI processing is performed in the LSA (Lsass.exe). This is possible because RDP redirector (rdpdr.sys) allows per-session, rather than per-process, context.

  5. The WinScard and SCRedir components, which were separate modules in operating systems earlier than Windows Vista, are now included in one module. The ScHelper library is a CryptoAPI wrapper that is specific to the Kerberos protocol.

  6. The redirection decision is made on a per smart card context basis, based on the session of the thread that performs the SCardEstablishContext call.

  7. Changes to WinSCard.dll implementation were made in Windows Vista to improve smart card redirection.

RD Session Host server single sign-in experience

As a part of the Common Criteria compliance, the RDC client must be configurable to use Credential Manager to acquire and save the user's password or smart card PIN. Common Criteria compliance requires that applications not have direct access to the user's password or PIN.

Common Criteria compliance requires specifically that the password or PIN never leave the LSA unencrypted. A distributed scenario should allow the password or PIN to travel between one trusted LSA and another, and it cannot be unencrypted during transit.

Utility

When smart card-enabled single sign-in (SSO) is used for Remote Desktop Services sessions, users still need to sign in for every new Remote Desktop Services session. However, the user is not prompted for a PIN more than once to establish a Remote Desktop Services session. For example, after the user double-clicks a Microsoft Word document icon that resides on a remote computer, the user is prompted to enter a PIN. This PIN is sent by using a secure channel that the credential SSP has established. The PIN is routed back to the RDC client over the secure channel and sent to Winlogon. The user does not receive any additional prompts for the PIN, unless the PIN is incorrect or there are smart card-related failures.

Remote Desktop Services and smart card sign-in

Microsoft Remote Desktop 8.0.44

Remote Desktop Services enable users to sign in with a smart card by entering a PIN on the RDC client computer and sending it to the RD Session Host server in a manner similar to authentication that is based on user name and password.

In addition, Group Policy settings that are specific to Remote Desktop Services need to be enabled for smart card-based sign-in.

To enable smart card sign-in to a Remote Desktop Session Host (RD Session Host) server, the Key Distribution Center (KDC) certificate must be present on the RDC client computer. If the computer is not in the same domain or workgroup, the following command can be used to deploy the certificate:

certutil -dspublish NTAuthCA 'DSCDPContainer'

The DSCDPContainer Common Name (CN) is usually the name of the certification authority.

Example:

certutil -dspublish NTAuthCA <CertFile> 'CN=NTAuthCertificates,CN=Public Key Services,CN=Services,CN=Configuration,DC=engineering,DC=contoso,DC=com'

For information about this option for the command-line tool, see -dsPublish.

Remote Desktop Services and smart card sign-in across domains

To enable remote access to resources in an enterprise, the root certificate for the domain must be provisioned on the smart card. From a computer that is joined to a domain, run the following command at the command line:

certutil -scroots update

For information about this option for the command-line tool, see -SCRoots.

For Remote Desktop Services across domains, the KDC certificate of the RD Session Host server must also be present in the client computer's NTAUTH store. To add the store, run the following command at the command line:

Microsoft Remote Desktop 8

certutil -addstore -enterprise NTAUTH <CertFile>

Where <CertFile> is the root certificate of the KDC certificate issuer.

For information about this option for the command-line tool, see -addstore.

Note If you use the credential SSP on computers running the supported versions of the operating system that are designated in the Applies To list at the beginning of this topic: To sign in with a smart card from a computer that is not joined to a domain, the smart card must contain the root certification of the domain controller. A public key infrastructure (PKI) secure channel cannot be established without the root certification of the domain controller.

Sign-in to Remote Desktop Services across a domain works only if the UPN in the certificate uses the following form: <ClientName>@<DomainDNSName>

The UPN in the certificate must include a domain that can be resolved. Otherwise, the Kerberos protocol cannot determine which domain to contact. You can resolve this issue by enabling GPO X509 domain hints. For more information about this setting, see Smart Card Group Policy and Registry Settings.

Remote Desktop Protocol 8

See also