Allow saved RDP credentials

Stolen from https://theitbros.com/enable-saved-credentials-usage-rdp

Open gpedit.msc. In the new window of Local Group Policy Editor, go to section Local Computer Policy –> Computer Configuration –> Administrative Templates –> System –> Credentials Delegation. We are interested in the policy Allow delegating default credentials with NTLM-only server authentication.

Open policy and enable it, then click Show button.

In the new window you need to set the list of servers that are explicitly allowed the saved credential usage when connecting over RDP.

The list of allowed systems must be specified in following formats:

TERMSRV/remote_pc — allow to save login credentials for a specific computer

TERMSRV/*.theitbros.com — allow to use the saved credentials for all computers in the domain theitbros.com

TERMSRV/* — allow to store saved credentials for all computers, without exception.

Note. Use TERMSRV in uppercase, as in the example. If you specify a specific computer, remote_pc value must exactly match the name entered in the “Computer” field of rdp-client.

Save changes and run gpupdate /force

Someone on this article's comments wrote in Feb 2019: "For Windows 10, this did not work. What did work was going to Credential Manager, deleting the entry from the section Windows Credentials and adding it to Generic Credentials."