Allow RDP for AzureAD joined computers

Modern Auth RDP example:

full address:s:HOSTNAME-NO-IP
username:s:User@domain.com
redirectwebauthn:i:1
enablerdsaadauth:i:1

User/Pass Auth RDP example:

full address:s:HOSTNAME-OR-IP
authentication level:i:2
enablecredsspsupport:i:0
username:s:AzureAD\AzureAD\User@domain.com

Enable NL:
net localgroup "Externe bureaubladgebruikers" /add "AzureAD\User@domain.com"
Enable-NetFirewallRule -DisplayGroup "Extern Bureaublad"
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)

Enable EN:
net localgroup "Remote Desktop Users" /add "AzureAD\User@domain.com"
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)

Disable NLA on remote machine HOSTNAME:
$TargetMachine = "HOSTNAME"
(Get-WmiObject -class "Win32_TSGeneralSetting" -Namespace root\cimv2\terminalservices -ComputerName $TargetMachine -Filter "TerminalName='RDP-tcp'").SetUserAuthenticationRequired(0)
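Added PowerShell example, not part of the original post: it combines the NL and EN "Enable" blocks above into one script by resolving the Remote Desktop Users group through its well-known SID (S-1-5-32-555) and the firewall rules through their resource group id (@FirewallAPI.dll,-28752) instead of localized display names, and it reports whether NLA is still enabled, since the SetUserAuthenticationRequired(0) calls above switch it off. The user value is a placeholder; run it elevated on the target machine.

```powershell
# Added example (not from the original post). Locale-independent version of the
# "Enable NL/EN" steps, plus an NLA state check. $AadUser is a placeholder.
param(
    [string]$AadUser = 'AzureAD\User@domain.com',  # placeholder, replace with the real UPN
    [switch]$RestoreNla                             # set to turn NLA back on (UserAuthenticationRequired=1)
)

$fwGroup = '@FirewallAPI.dll,-28752'   # Windows resource id of the "Remote Desktop" rule group

# 1. Remote Desktop Users group by well-known SID: same code on Dutch and English installs.
$rdpGroup = (Get-LocalGroup -SID 'S-1-5-32-555').Name
$members  = net localgroup "$rdpGroup"
if ($members -notcontains $AadUser) {
    # net.exe is used (as in the post) because Add-LocalGroupMember often cannot resolve AzureAD\ principals.
    net localgroup "$rdpGroup" /add "$AadUser" | Out-Null
}

# 2. Enable the Remote Desktop firewall rules by group id rather than localized name.
Get-NetFirewallRule -Group $fwGroup | Enable-NetFirewallRule

# 3. Allow Terminal Services connections (same registry value as the post).
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' `
                 -Name 'fDenyTSConnections' -Value 0

# 4. Read the NLA setting; 0 is what SetUserAuthenticationRequired(0) leaves behind.
$tsQuery = @{
    Namespace = 'root/cimv2/TerminalServices'
    ClassName = 'Win32_TSGeneralSetting'
    Filter    = "TerminalName='RDP-Tcp'"
}
$ts = Get-CimInstance @tsQuery
if ($RestoreNla -and $ts.UserAuthenticationRequired -eq 0) {
    $ts | Invoke-CimMethod -MethodName 'SetUserAuthenticationRequired' `
                           -Arguments @{ UserAuthenticationRequired = 1 } | Out-Null
    $ts = Get-CimInstance @tsQuery   # re-read so the report reflects the new state
}

# 5. Summary object for the operator (or for a compliance check).
[pscustomobject]@{
    RdpGroup          = $rdpGroup
    UserInRdpGroup    = [bool]((net localgroup "$rdpGroup") -contains $AadUser)
    FirewallRulesOn   = @(Get-NetFirewallRule -Group $fwGroup | Where-Object Enabled -eq 'True').Count
    TSConnectionsOpen = (Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server').fDenyTSConnections -eq 0
    NlaEnabled        = [bool]$ts.UserAuthenticationRequired
}
```

Without -RestoreNla the script leaves NLA as it finds it and only reports; NlaEnabled = False is the state the User/Pass RDP profile above (enablecredsspsupport:i:0) depends on, while the Modern Auth profile works with NLA left on.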