以下设置基于 Windows Server 2022
另存为 rdp.reg 双击导入注册表。
Security Layer 0 – With a low security level, the remote desktop protocol is used by the client for authentication prior to a remote desktop connection being established. Use this setting if you are working in an isolated environment.
Security Layer 1 – With a medium security level, the server and client negotiate the method for authentication prior to a Remote Desktop connection being established. As this is the default value, use this setting only if all your machines are running Windows.
Security Layer 2- With a high security level, Transport Layer Security, better knows as TLS is used by the server and client for authentication prior to a remote desktop connection being established. We recommend using this setting for maximum security.
* RDP: RDP 方法使用本机 RDP 加密安全客户端和 RD 会话主机服务器之间的通信。如果选择此设置，RD 会话主机服务器未通过身份验证。
* SSL: SSL 方法要求使用 TLS 1.0 对会话主机服务器进行身份验证。如果不支持 TLS，则连接将失败。
In Windows 10 and 8.1 Microsoft changed RDP’s defaults. They modified the default for “SecurityLayer” from 0 to 2. Even if you go into the user interface and disable: “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” Still doesn’t change that value to a 0.
Navigate to this Key:
Change “SecurityLayer” to a zero
Specifies that the Microsoft Remote Desktop Protocol (RDP) is used by the server and the client for authentication before a remote desktop connection is established. RDP is a Microsoft protocol that supports terminal services across heterogeneous network environments.
Specifies that the server and the client negotiate the method for authentication before a remote desktop connection is established. This is the default value.
Specifies that the Transport Layer Security (TLS) protocol is used by the server and the client for authentication before a remote desktop connection is established.
指定传输层安全性 (TLS) 协议用于服务器和客户端身份验证之前建立的远程桌面连接。