Connect to RDP Resources

This article provides a general overview of how to connect to RDP resources using the StrongDM Desktop application.

Limitations

For Windows users, StrongDM supports the Microsoft Remote Desktop Connection client (MSTSC) that comes bundled with Windows, but may not fully support other RDP clients such as the Remote Desktop app on the Windows Store. Clients on Windows 11 version 24H2 must be on a build version of 26100.3323 (February 25, 2025) or higher, due to a temporary incompatibility between MSTSC and StrongDM in prior build versions that was fixed in a Microsoft update.

Steps

  1. Open StrongDM Desktop or your command line and log in to StrongDM.

  2. Click on the RDP resource name in your StrongDM Desktop app, or execute sdm connect [servername] at the command line.

  3. Open your RDP client.

  4. In the PC Name field (or equivalent) in your RDP client, enter localhost:PORT, replacing PORT with the port assigned to your RDP server in the StrongDM client.

  5. In the User Account field (or equivalent), enter any string. This only satisfies client-side validation that requires the field to be non-empty. It is not used in the authentication process.

  6. Save your connection, and then connect.

Troubleshooting

  • Finding Replay logs: Because Remote Desktop Protocol (RDP) replays are binary objects, and not typical logs, they must be kept in object storage systems (such as AWS S3, Azure Blob, Google Cloud Storage, and so forth) and not in logging systems (such as AWS CloudWatch, Azure Monitor, Splunk, and so forth) to ensure they don't get corrupted.

  • Smart Cards: Smart card sharing must be disabled on the RDP client to allow StrongDM to negotiate the proper authentication.

  • Advanced RDP Configuration: Only the most minimal of RDP settings are supported for RDP via StrongDM. Trying to use advanced options or configurations may prevent replays from being rendered and played.
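
The steps and the smart card and minimal-settings notes above can be scripted for MSTSC. The following PowerShell function is an added example, not StrongDM's own tooling: the function name, the placeholder user name, the temporary file location, and the mapping of "smart card sharing" to the `redirectsmartcards:i:0` .rdp setting are assumptions, and the port must be the one shown for the resource in the StrongDM client.

```powershell
# Added example (not StrongDM code). Assumes you are already logged in to
# StrongDM and that `sdm` is on PATH.
function Connect-SdmRdp {
    param(
        [Parameter(Mandatory)] [string] $ResourceName,
        [Parameter(Mandatory)] [ValidateRange(1, 65535)] [int] $Port
    )

    # Limitation: Windows 11 24H2 (build 26100) needs revision 3323 or higher.
    $cv = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    if ([int]$cv.CurrentBuildNumber -eq 26100 -and [int]$cv.UBR -lt 3323) {
        Write-Warning "Build 26100.$($cv.UBR) is below 26100.3323; MSTSC may fail."
    }

    # Step 2: connect the resource so the local listener comes up.
    & sdm connect $ResourceName
    if ($LASTEXITCODE -ne 0) { throw "sdm connect failed for '$ResourceName'." }

    # Check that something is listening on localhost:PORT before opening MSTSC.
    $probe = Test-NetConnection -ComputerName localhost -Port $Port `
        -WarningAction SilentlyContinue
    if (-not $probe.TcpTestSucceeded) {
        throw "Nothing is listening on localhost:$Port."
    }

    # Steps 4-5 and Troubleshooting: minimal settings only, a placeholder user
    # name (not used for authentication), and smart card redirection turned off.
    $rdp = @(
        "full address:s:localhost:$Port"
        'username:s:placeholder'
        'redirectsmartcards:i:0'
    )
    $safeName = $ResourceName -replace '[^\w.-]', '_'   # keep the file name valid
    $path = Join-Path $env:TEMP "sdm-$safeName.rdp"
    Set-Content -Path $path -Value $rdp -Encoding ASCII

    # Step 6: open the saved connection in MSTSC.
    Start-Process -FilePath mstsc.exe -ArgumentList "`"$path`""
    return $path
}
```

The generated file contains only the three settings listed, which keeps the connection within the minimal configuration that replays support.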
