I've been tasked with managing these older Windows 7 computers, and I'm running into some issues with connecting them to Intune. It seems like these machines can't connect remotely, even though I'm able to log in using my Microsoft 365 account. The main problem arises when I try to connect from local user accounts that haven't been joined to Intune. I've checked the Intune settings to allow Remote Desktop, and I've even made some tweaks to the RDP files, but I'm still hitting authentication blocks. Is there any way to enable remote connections for local accounts on the same network?
I tried allowing Remote Desktop through Intune and modified the RDP file with the following settings:
`enablecredsspsupport:i:0`
`authentication level:i:2`
Also, I noticed there's an issue trying to access NAS with Microsoft 365 accounts that don't have local accounts. I'm not sure if that's related to the main issue, but it might be worth mentioning since it started happening around the same time I joined these PCs to Intune.
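Added example, not part of the original post: a small Python audit that parses .rdp file text and flags values that relax authentication, including the two lines quoted above. `RDP_SAMPLE`, its host name, and the function names `parse_rdp` and `audit_rdp` are constructed for illustration.

```python
# Added example: audit .rdp file text for settings that weaken authentication.
# RDP_SAMPLE is constructed; it includes the two lines quoted in the question.
RDP_SAMPLE = """\
full address:s:win7-pc01.example.local:3389
enablecredsspsupport:i:0
authentication level:i:2
"""

# (setting, value) pairs worth flagging, with the reason.
FINDINGS = {
    ("enablecredsspsupport", "0"):
        "CredSSP disabled: client will not use Network Level Authentication",
    ("authentication level", "0"):
        "server authentication failure is ignored without warning",
    ("authentication level", "2"):
        "server authentication failure only warns; user can still connect",
    ("authentication level", "3"):
        "no server authentication requirement specified",
}


def parse_rdp(text):
    """Parse 'name:type:value' lines into {name: (type, value)}."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(":", 2)  # the value may itself contain ':'
        if len(parts) != 3:
            continue  # skip malformed lines instead of guessing
        name, kind, value = parts
        settings[name.strip().lower()] = (kind.strip().lower(), value.strip())
    return settings


def audit_rdp(text):
    """Return sorted (setting, value, reason) tuples for weakened settings."""
    settings = parse_rdp(text)
    hits = []
    for (name, bad_value), reason in FINDINGS.items():
        if name in settings and settings[name][1] == bad_value:
            hits.append((name, bad_value, reason))
    return sorted(hits)


if __name__ == "__main__":
    for name, value, reason in audit_rdp(RDP_SAMPLE):
        print(f"{name}={value}: {reason}")
```
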
3 Answers
Windows 7 has been out of support for years now, so even trying to integrate it with a modern setup like Intune is a lose-lose situation. If you have to keep using that legacy software, think about setting it up in a virtual environment to limit access. It sounds like you're being asked to fix a problem that shouldn't even be there in the first place.
Honestly, Windows 7 isn't supported by Intune anymore, so you're dealing with a lot of built-in restrictions. Your best bet would be to upgrade these PCs instead of trying to make Windows 7 work with modern solutions. I've seen situations where IT ends up chasing their tails just because they cling to outdated tech. If security is a concern, you might have to convince your superiors to make the upgrade.
I get that, and I'm working on it. Just trying to find a short-term fix to let them connect until we can replace the machines. It’s frustrating!
The problem with your Windows 7 devices is that they don’t support the newer RDP TLS settings that current systems are using. You’re kind of stuck between a rock and a hard place: either lower your security settings (which I wouldn’t recommend) or get rid of those old machines. If someone is pushing for option A, you might want to rethink if this is the right job for you.
You make a good point, but I'm also noticing that local accounts on the same network can't connect either, which suggests it’s not all about Windows 7. I just need to locate the setting that's blocking those local accounts.
Yeah, I know it’s outdated, but the company has a lot of data on these machines. They seem to think it’s okay to keep using them as they are. I'm just trying to find a workaround for now.