Security – How to allow RDP access based on client certificate

authentication, certificate, rdp, security

How can I limit (RDP) access to a Windows Server not only by username/password but also with a client certificate?

Imagine creating a certificate and copying it to all computers from which I want to be able to access the server.

This would not be as limited as IP-based rules but would add some flexibility on the other hand, as not every computer/laptop is in a certain domain or fixed IP range.

Best Answer

One way is by implementing a smart card solution. Probably not what you are looking for due to the cost and pain threshold, but many smart cards are actually just that (hardware-based certificates with strong private key protection), and the Remote Desktop integration is seamless.
