A
A
ArtemiyFedorov2020-03-05 12:14:43
System administration
ArtemiyFedorov, 2020-03-05 12:14:43

Control byte in Windows registry entry?

Colleagues, welcome!

Faced with a situation where there are a large number of computers in the workgroup, not in the domain. They need to add the fingerprint of the certificate to trusted ones so that when connecting via RDP, no warnings are displayed.

In a domain, this is done using the Specify SHA1 thumbprints of certificates representing RDP publishers group policy , which creates an entry in the 'HKLM:\Software\Microsoft\Terminal Server Client\PublisherBypassList' registry key, whose name contains sha1 the fingerprint of a trusted certificate, and some hexadecimal number is written to the value.
I do not know the exact purpose of the hexadecimal number, perhaps it is some kind of control value.

I don't have a domain - I write to the registry with a powershell script.
The problem is that on different computers I get a different working value - I manually determined it by squeezing warnings and looking at what was written to the registry. Of sampling a dozen computers, which include physical machines on different processors, virtualke deployed completely and from a single image, I have 3 different values of approximately 30% of the sample:
3372821D349C3F8E6CB09998DF2609AEEB30E02200 - 0x00000045 (69)
3372821D349C3F8E6CB09998DF2609AEEB30E02200 - 0x0000004d (77)
3372821D349C3F8E6CB09998DF2609AEEB30E02200 - 0x000000ED (237)

Can you please help me figure out what this value is and how to calculate it?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Z
Zolg, 2020-03-05
@ArtemiyFedorov

These are bit flags of what is allowed to be forwarded through the RDP connection. They have nothing to do with print. There is no point in looking for exact documentation, it is enough to take the value from a manually created connection with the parameters you like.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question