Hi, Welcome!
IT & Telecomunications Knowledgebase

Subscribe to Article Print Article Email Article to Friend Export to PDF

Sonicwall RDP authentication (local vs domain)


Sonicwall RDP authentication (local vs domain)


Sonicwall SRA Family (all)

Sonicwall NSA Family (all)


Sonicwall has given the ability to publish "bookmarks" into their VPN portal (called the Virtual Office) on the SRA and NSA series appliances so users can authenticate and will have a list of places/applications/servers to visit and [if selected] will authenticate the user with your LDAP/Active Directory credentials.
Sonicwall's implementation of RDP/RDC, if configured "normally", will allow users to authenticate to the Virtual Office portal, select the server's RDP/RDC session and will attempt to login to the server (usually Windows 2003 or 2008), however it will fail to authenticate with the server because it is logging on LOCALLY, not authenticating to the domain.

Why this happens

In Microsoft's implementation of RDP 5.x and 6.x, you are required to specify a domain (DOMAIN\username) or use the full uniname (username@domain.local) to tell the destination server to authenticate outside of the local users database.


  1. Open the bookmark created for your terminal server(s)
  2. Ensure Automatically log in is checked
  3. Change to Use custom credentials
  4. Leave Username: BLANK
  5. Leave Password: BLANK
  6. In Domain: Enter the DNS domain name of your domain (example: domain.local)
  7. Click Ok

This non-standard method makes Sonicwall pass the logged in variables for username and password, but ADD the domain, which will allow the destination RDP/RDC server to correctly authenticate to the domain and not locally.

Article properties

KB Article ID:00086
KB Article Permalink:http://kb.sleepyshark.com/article.php?id=86
Published:Thu, Sep 15, 2016 at 3:12 PM
Updated:Thu, Sep 15, 2016 at 3:12 PM
This article has been viewed 302 times.