From 580f34c741e2ed97480b87e3817e323927fdb598 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Thu, 26 Jun 2025 14:12:31 -0700 Subject: [PATCH 1/8] Update end user exp Saving changes for end user exp --- .../use-cases/rdp/rdp-browser.mdx | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index ed168ffef372c8..262f22df8bf1bb 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -145,6 +145,24 @@ Browser-based RDP supports connecting to Windows machines that run the following | Other Chromium-based browsers (Opera, Brave) | ✅ | | Internet Explorer 11 and below | ❌ | +### Windows login formats + +Browser-based RDP supports connecting to Windows machines using the following login formats: + +SAM, with or without spaces +domain\user with spaces (domain max 20 chars, username max 15 chars) +.\user with spaces (default domain, user max 20 chars) + +Example + +User Principal Name (UPN), with spaces, quotes, or unquoted + + +Security Accounts Manager (SAM) format with spaces: +"user with spaces"@domain.org +user with spaces@domain.org + + ### Cloudflare products From 97b4ed90138b9adc78fd5446ed5f1156c5b4f5b8 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Thu, 26 Jun 2025 15:44:12 -0700 Subject: [PATCH 2/8] Update user identifier formats SAM and UPN are supported --- .../use-cases/rdp/rdp-browser.mdx | 36 +++++++++++++------ 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index 193776f08dcb7a..8f44e6666c6929 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -144,7 +144,7 @@ To connect to a Windows machine over RDP: The App Launcher tile will launch a URL of the form `https:///rdp///`. You may also navigate directly to this URL. 4. Select the port that you want to connect to. The port selection screen only appears if the Access application allows RDP traffic on multiple ports (for example, port `3389` and port `65321`). 5. (Optional) In your browser settings, allow the Access application to access the clipboard. Clipboard permissions grant the ability to copy or paste text between the local machine and the remote Windows machine. -6. Enter your Windows username and password. +6. Enter your Windows username and password. The section below on compatibility covers which formats are supported for login credentials. You now have access to the remote Windows desktop. @@ -174,23 +174,37 @@ Browser-based RDP supports connecting to Windows machines that run the following | Other Chromium-based browsers (Opera, Brave) | ✅ | | Internet Explorer 11 and below | ❌ | -### Windows login formats +### User identifier formats -Browser-based RDP supports connecting to Windows machines using the following login formats: +Browser-based RDP supports connecting to Windows machines with the following formats: -SAM, with or without spaces -domain\user with spaces (domain max 20 chars, username max 15 chars) -.\user with spaces (default domain, user max 20 chars) +#### Security Accounts Manager (SAM) -Example +SAM is supported with and without spaces. -User Principal Name (UPN), with spaces, quotes, or unquoted +`domain\user with spaces` format: +- The domain may have a maximum of 20 characters. +- The username may have a maximum of 15 characters. +`.\user` format: +- This uses the default domain. +- The username may have a maximum of 20 characters. -Security Accounts Manager (SAM) format with spaces: -"user with spaces"@domain.org -user with spaces@domain.org +Examples: +- `DOMAIN\user with spaces` +- `DOMAIN\user` +#### User Principal Name (UPN) + +UPN is supported with spaces, quotes, and unquoted. + +Examples: +- `"user with spaces"@domain.org` +- `user with spaces@domain.org` + +:::note + Cloudflare will not configure any user identifier on the target. Any user identifier used to authenticate must be pre-configured on the server. +::: ### Cloudflare products From c19860dd00fdc0e37ebf3db5b4eadbc2790c9233 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Thu, 26 Jun 2025 15:47:28 -0700 Subject: [PATCH 3/8] adding in known limitations --- .../connections/connect-networks/use-cases/rdp/rdp-browser.mdx | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index 8f44e6666c6929..d9df1e2377e46c 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -217,5 +217,7 @@ Browser-based RDP does not currently support: - TLS certificate verification: Cloudflare uses TLS to connect to the target RDP server but does not verify the origin TLS certificate. - [WARP authentication](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/#configure-warp-sessions-in-access) - Audio over RDP +- File transfer +- Clipboard control From e10e53a45bb0003161d01ecd7553573f0b6de725 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Fri, 27 Jun 2025 08:48:14 -0700 Subject: [PATCH 4/8] adding addtl UPN example --- .../connections/connect-networks/use-cases/rdp/rdp-browser.mdx | 1 + 1 file changed, 1 insertion(+) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index d9df1e2377e46c..b1491c8b788f7f 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -201,6 +201,7 @@ UPN is supported with spaces, quotes, and unquoted. Examples: - `"user with spaces"@domain.org` - `user with spaces@domain.org` +- `user@domain.org` :::note Cloudflare will not configure any user identifier on the target. Any user identifier used to authenticate must be pre-configured on the server. From 856a52db3274c84658daeb4951c3b03441700219 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Fri, 27 Jun 2025 09:26:33 -0700 Subject: [PATCH 5/8] more examples for SAM --- .../connections/connect-networks/use-cases/rdp/rdp-browser.mdx | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index b1491c8b788f7f..074209280d7b66 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -193,6 +193,8 @@ SAM is supported with and without spaces. Examples: - `DOMAIN\user with spaces` - `DOMAIN\user` +- `Username` +- `User Name` #### User Principal Name (UPN) From e74ff5bd7708ffaeb70d2ec49691fb7483fdee13 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Fri, 27 Jun 2025 09:59:38 -0700 Subject: [PATCH 6/8] adding clipboard file formats supported --- .../use-cases/rdp/rdp-browser.mdx | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index 074209280d7b66..f5c5036eb06cd0 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -209,6 +209,16 @@ Examples: Cloudflare will not configure any user identifier on the target. Any user identifier used to authenticate must be pre-configured on the server. ::: +### Clipboard file formats + +Browser-based RDP supports the following file formats for clipboard copy and paste actions: +- "text/plain" +- "text/html" +- "image/png" +- "HTML Format" (via CF_HTML) +- CF_UNICODETEXT +- CF_DIBV5 (Windows native bitmap formats) + ### Cloudflare products @@ -218,9 +228,10 @@ Examples: Browser-based RDP does not currently support: - TLS certificate verification: Cloudflare uses TLS to connect to the target RDP server but does not verify the origin TLS certificate. -- [WARP authentication](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/#configure-warp-sessions-in-access) -- Audio over RDP -- File transfer -- Clipboard control +- [WARP authentication](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/#configure-warp-sessions-in-access). +- Clipboard copy and paste control: the ability to define if users can copy/paste content from the remote machine to their local machine and vice versa. +- Audio over RDP. +- File transfer. + From 77a49017c1e8ea2efc56b72f1ac92515113c9acb Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Fri, 27 Jun 2025 10:59:12 -0700 Subject: [PATCH 7/8] adjustments thanks to some feedback! --- .../connect-networks/use-cases/rdp/rdp-browser.mdx | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index f5c5036eb06cd0..231d42224502f7 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -180,7 +180,7 @@ Browser-based RDP supports connecting to Windows machines with the following for #### Security Accounts Manager (SAM) -SAM is supported with and without spaces. +SAM-formatted user identifiers are supported with and without spaces. `domain\user with spaces` format: - The domain may have a maximum of 20 characters. @@ -198,7 +198,7 @@ Examples: #### User Principal Name (UPN) -UPN is supported with spaces, quotes, and unquoted. +UPN-formatted user identifiers are supported with spaces, quotes, and unquoted. Examples: - `"user with spaces"@domain.org` @@ -211,7 +211,7 @@ Examples: ### Clipboard file formats -Browser-based RDP supports the following file formats for clipboard copy and paste actions: +Browser-based RDP supports the following formats for text-based copy and paste actions: - "text/plain" - "text/html" - "image/png" @@ -219,6 +219,11 @@ Browser-based RDP supports the following file formats for clipboard copy and pas - CF_UNICODETEXT - CF_DIBV5 (Windows native bitmap formats) +:::note + File transfer is not supported presently (see Known limitations below). Copying and pasting any file from the local machine to the remote machine or vice versa will not succeed. +::: + + ### Cloudflare products From 8cc4506ab8037a73d88ee958c28398368c1bc4c2 Mon Sep 17 00:00:00 2001 From: Ann Ming Samborski Date: Mon, 30 Jun 2025 14:03:28 -0700 Subject: [PATCH 8/8] responding to feedback --- .../use-cases/rdp/rdp-browser.mdx | 35 ++++++------------- 1 file changed, 11 insertions(+), 24 deletions(-) diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx index 231d42224502f7..550e8a55872f9b 100644 --- a/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx +++ b/src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx @@ -182,48 +182,35 @@ Browser-based RDP supports connecting to Windows machines with the following for SAM-formatted user identifiers are supported with and without spaces. -`domain\user with spaces` format: +`domain\username with spaces` format: - The domain may have a maximum of 20 characters. - The username may have a maximum of 15 characters. -`.\user` format: +`.\username` format: - This uses the default domain. - The username may have a maximum of 20 characters. Examples: -- `DOMAIN\user with spaces` -- `DOMAIN\user` -- `Username` -- `User Name` +- `DOMAIN\username with spaces` +- `DOMAIN\username` +- `.\username` +- `.\username with spaces` +- `username` +- `username with space` #### User Principal Name (UPN) UPN-formatted user identifiers are supported with spaces, quotes, and unquoted. Examples: -- `"user with spaces"@domain.org` -- `user with spaces@domain.org` -- `user@domain.org` +- `"username with spaces"@domain.org` +- `username with spaces@domain.org` +- `username@domain.org` :::note Cloudflare will not configure any user identifier on the target. Any user identifier used to authenticate must be pre-configured on the server. ::: -### Clipboard file formats - -Browser-based RDP supports the following formats for text-based copy and paste actions: -- "text/plain" -- "text/html" -- "image/png" -- "HTML Format" (via CF_HTML) -- CF_UNICODETEXT -- CF_DIBV5 (Windows native bitmap formats) - -:::note - File transfer is not supported presently (see Known limitations below). Copying and pasting any file from the local machine to the remote machine or vice versa will not succeed. -::: - - ### Cloudflare products