Solved

Unable to Set Default Domain in Windows Server 2008

Posted on 2009-07-02
12
925 Views
Last Modified: 2013-11-21
We have configured TS Web Access which uses a Terminal Server Gateway to connect to a Terminal Server running end user applications. Both machines are running Windows Server 2008 Enterprise x64. We have mixed domain controllers (Some Windows Server 2003 and some Windows Server 2008). We have 2 problems.
First I am unable to set the default domain for either of the servers and when users attempt to login they are required to type the domain prior to their username (Domain\Username). Obviously this confuses them and often they are unable to connect. I have tried editing the registry by creating the 'DefaultDomainName' key and setting it to our domain, but that did not work. Also I tried editing the group policy setting <Computer Configuration><Administrative Templates><System><Logon><Default Domain> on the Windows Server 2008 domain controller. No luck their either. Is there something I am missing or does anyone have any other ideas that might help?
The second problem is that I would like the user to only have to sign in once, instead of being prompted at the TS Gateway and the Terminal server itself. I have read about Single Sign on (SSO) but that does not work with Windows XP machines. Thanks in advance.
0
Comment
Question by:kpurchase
  • 4
  • 3
  • 2
  • +1
12 Comments
 
LVL 10

Expert Comment

by:Datedman
ID: 24766350
0
 

Author Comment

by:kpurchase
ID: 24817932
I have tried to configure this by editing the group policy on one of Windows Server 2008 DC. I can see that the policy is being applied  on the TS gateway server and when I remote desktop to the server it seems to be working properly and I can see the domain that I specified is the default. The problem is that it's not working when I go through TS web access. When I attempt to log in it changes to the computer name of the TS gateway.  
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24817958
0
 

Author Comment

by:kpurchase
ID: 24822376
How will this help me? I can already see that the policy is being applied by using the gpresult -r command.
0
 
LVL 10

Expert Comment

by:Datedman
ID: 24822692
Sorry same thing basically...weird.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:kpurchase
ID: 24826715
I am not really sure how the group policy would help me here. When I use TS Web Access it's using the remote desktop connection that I configured in TS Web Access to connect to the TS gateway server and then the terminal server. I could be wrong but it doesn't seem like it's checking the group policy results on the TS gateway at all. Someone has got to have run into this before.  Any ideas is appreciated I have tried everything I can possibly think of. I have already tried specifying the domain in the RDP connection, editing group policy (Both domain and local), and editing the registry.
0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 24981901
In the tsweb folder there is a file (external.htm) that can be modified to add in the domain info.

0
 

Author Comment

by:kpurchase
ID: 25198579
Where is the tsweb folder?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 25199847
On the webserver in %systemroot%\Web\Tsweb

0
 

Expert Comment

by:BenY
ID: 26846455
I have a similar issue, but do not have the "tsweb" folder.  My setup consists of the TS Gateway without the TS Web Access.  We RDC directly into the terminal servers..

I have it down to one login, but it requires the "domain\username", and my users are not used to typing in a domain name.

I was able to specify this on the properties of the Terminal Server Gateway Configuration "Log on Settings" tab, but this must not be the only place I need to modify.  This appears to only be for the remote administration of the server itself.  I've also looks at the IIS 7 configuration and specified the default domain on the "Basic" authentication, but it appears the TS gateway uses the "Windows" authentication, which isn't configurable for default domain.

Any help is much appreciated!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now