Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The RDP Negotiation Response structure is used by a server to inform the client of the security protocol which it has selected to use for the connection.
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
type |
flags |
length |
|||||||||||||||||||||||||||||
|
selectedProtocol |
|||||||||||||||||||||||||||||||
type (1 byte): An 8-bit, unsigned integer that indicates the packet type. This field MUST be set to 0x02 (TYPE_RDP_NEG_RSP).
flags (1 byte): An 8-bit, unsigned integer that contains protocol flags.
-
Flag
Meaning
EXTENDED_CLIENT_DATA_SUPPORTED
0x01
The server supports Extended Client Data Blocks in the GCC Conference Create Request user data (section 2.2.1.3).
DYNVC_GFX_PROTOCOL_SUPPORTED
0x02
The server supports the Graphics Pipeline Extension Protocol described in [MS-RDPEGFX] sections 1, 2, and 3.
NEGRSP_FLAG_RESERVED
0x04
An unused flag that is reserved for future use. This flag SHOULD be ignored by the client.
RESTRICTED_ADMIN_MODE_SUPPORTED
0x08
Indicates that the server supports credential-less logon over CredSSP (also known as "restricted admin mode") and it is acceptable for the client to send empty credentials in the TSPasswordCreds structure defined in [MS-CSSP] section 2.2.1.2.1.<3>
REDIRECTED_AUTHENTICATION_MODE_SUPPORTED 0x10
Indicates that the server supports credential-less logon over CredSSP with credential redirection (also known as "Remote Credential Guard"). The client can send a redirected logon buffer in the TSRemoteGuardCreds structure defined in [MS-CSSP] section 2.2.1.2.3.
length (2 bytes): A 16-bit, unsigned integer that specifies the packet size. This field MUST be set to 0x0008 (8 bytes).
selectedProtocol (4 bytes): A 32-bit, unsigned integer that specifies the selected security protocol.
-
Value
Meaning
PROTOCOL_RDP
0x00000000
Standard RDP Security (section 5.3).
PROTOCOL_SSL
0x00000001
TLS 1.0, 1.1 or 1.2 (section 5.4.5.1).
PROTOCOL_HYBRID
0x00000002
CredSSP (section 5.4.5.2).
PROTOCOL_RDSTLS
0x00000004
RDSTLS protocol (section 5.4.5.3).
PROTOCOL_HYBRID_EX
0x00000008
Credential Security Support Provider protocol (CredSSP) (section 5.4.5.2) coupled with the Early User Authorization Result PDU (section 2.2.10.2).
PROTOCOL_RDSAAD
0x00000010RDS-AAD-Auth Security (section 5.4.5.4).