none
FIPS support with Microsoft Remote Assistance? RRS feed

  • Question

  • After setting up Remote Assistance in group policy for our domain, I can easily use it when not in FIPS mode by typing: msra /offerra

    However, if I have FIPS enabled on the PC I run this command from, the Remote Assistance session doesn’t connect.
    reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy /v Enabled /t REG_DWORD /d 1

    But it works again if I disable FIPS:
    reg add HKLM\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy /v Enabled /t REG_DWORD /d 0

    It doesn’t matter if the other computer has FIPS enabled or not, just the helper computer that issues the “msra /offerra” command.  How do I configure Microsoft Remote Assistance to work with a Windows 7 workstation in FIPS mode?

    Friday, August 15, 2014 9:07 PM

Answers

  • By default, the connections are encrypted when using Remote Assistance, as it uses RDP. Remote Assistance dosn't support FIPS encryption, but RDP does. Hence, you can configure RDP to use FIPS encryption.

    Regarding FIPS encryption with RDP, you can have a look at the following link:

    http://technet.microsoft.com/en-us/magazine/ff458357.aspx


    Balaji Kundalam

    Tuesday, August 19, 2014 2:47 AM

All replies

  • Kindly have a look at here:

    http://social.technet.microsoft.com/Forums/windows/en-US/26865c60-9f5f-4ebd-a0f2-28b038649d4f/remote-assistance-cant-connect?forum=w7itpronetworking


    Balaji Kundalam

    Sunday, August 17, 2014 5:39 AM
  • Thank you for the link.  It doesn't look that thread found a solution that left FIPS enabled.
    Monday, August 18, 2014 3:18 PM
  • By default, the connections are encrypted when using Remote Assistance, as it uses RDP. Remote Assistance dosn't support FIPS encryption, but RDP does. Hence, you can configure RDP to use FIPS encryption.

    Regarding FIPS encryption with RDP, you can have a look at the following link:

    http://technet.microsoft.com/en-us/magazine/ff458357.aspx


    Balaji Kundalam

    Tuesday, August 19, 2014 2:47 AM
  • Hi,

    With this discussion now being over 4 years old, does anyone know what Microsoft official stance on this is and if there is a work around to enable functionality of Remote Assistance when FIPS is enabled.

    Thanks

    Phil

    Wednesday, October 3, 2018 9:02 AM