kpurchase
asked on
Unable to Set Default Domain in Windows Server 2008
We have configured TS Web Access which uses a Terminal Server Gateway to connect to a Terminal Server running end user applications. Both machines are running Windows Server 2008 Enterprise x64. We have mixed domain controllers (Some Windows Server 2003 and some Windows Server 2008). We have 2 problems.
First I am unable to set the default domain for either of the servers and when users attempt to login they are required to type the domain prior to their username (Domain\Username). Obviously this confuses them and often they are unable to connect. I have tried editing the registry by creating the 'DefaultDomainName' key and setting it to our domain, but that did not work. Also I tried editing the group policy setting <Computer Configuration><Administrat
The second problem is that I would like the user to only have to sign in once, instead of being prompted at the TS Gateway and the Terminal server itself. I have read about Single Sign on (SSO) but that does not work with Windows XP machines. Thanks in advance.
First I am unable to set the default domain for either of the servers and when users attempt to login they are required to type the domain prior to their username (Domain\Username). Obviously this confuses them and often they are unable to connect. I have tried editing the registry by creating the 'DefaultDomainName' key and setting it to our domain, but that did not work. Also I tried editing the group policy setting <Computer Configuration><Administrat
The second problem is that I would like the user to only have to sign in once, instead of being prompted at the TS Gateway and the Terminal server itself. I have read about Single Sign on (SSO) but that does not work with Windows XP machines. Thanks in advance.
ASKER
I have tried to configure this by editing the group policy on one of Windows Server 2008 DC. I can see that the policy is being applied on the TS gateway server and when I remote desktop to the server it seems to be working properly and I can see the domain that I specified is the default. The problem is that it's not working when I go through TS web access. When I attempt to log in it changes to the computer name of the TS gateway.
ASKER
How will this help me? I can already see that the policy is being applied by using the gpresult -r command.
Sorry same thing basically...weird.
ASKER
I am not really sure how the group policy would help me here. When I use TS Web Access it's using the remote desktop connection that I configured in TS Web Access to connect to the TS gateway server and then the terminal server. I could be wrong but it doesn't seem like it's checking the group policy results on the TS gateway at all. Someone has got to have run into this before. Any ideas is appreciated I have tried everything I can possibly think of. I have already tried specifying the domain in the RDP connection, editing group policy (Both domain and local), and editing the registry.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Where is the tsweb folder?
On the webserver in %systemroot%\Web\Tsweb
I have a similar issue, but do not have the "tsweb" folder. My setup consists of the TS Gateway without the TS Web Access. We RDC directly into the terminal servers..
I have it down to one login, but it requires the "domain\username", and my users are not used to typing in a domain name.
I was able to specify this on the properties of the Terminal Server Gateway Configuration "Log on Settings" tab, but this must not be the only place I need to modify. This appears to only be for the remote administration of the server itself. I've also looks at the IIS 7 configuration and specified the default domain on the "Basic" authentication, but it appears the TS gateway uses the "Windows" authentication, which isn't configurable for default domain.
Any help is much appreciated!
I have it down to one login, but it requires the "domain\username", and my users are not used to typing in a domain name.
I was able to specify this on the properties of the Terminal Server Gateway Configuration "Log on Settings" tab, but this must not be the only place I need to modify. This appears to only be for the remote administration of the server itself. I've also looks at the IIS 7 configuration and specified the default domain on the "Basic" authentication, but it appears the TS gateway uses the "Windows" authentication, which isn't configurable for default domain.
Any help is much appreciated!
https://www.experts-exchange.com/questions/23847520/Default-login-domain-Windows-2008-server.html