SSO on XP SP3

I've done the following and still can't seem to get SSO working from XP SP3:

My Domain has been setup for 2008, the primary DC is a 2003 still but the backup is a 2008.
This is a working, though not live, 2008 terminal server.

I have locally adjusted the policy to Allow Delegating Default Credentials, setting TERMSRV/*

On the XP box:
SP3 is installed.  
Going off of KB951608 I have
followed first portion to setup CREDSSP
followed the section regarding creating the registry keys
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows and created a key for CredentialsDelegation, then subkeys for AllowDefaultCredentials and AllowDefCredentialsWhenNTLMOnly.
Within CredentialsDelegation I have created DWORDs at value 1 labeled:
AllowDefaultCredentials
AllowDefCredentialsWhenNTLMOnly
ConcatenateDefaults_AllowDefault
ConcatenateDefaults_AllowDefNTLMOnly

Witin the other two subkeys I have created string values with Name = 1, Data = TERMSRV/*

I have also tried installing fixes from KB KB953760.

Still, after restarts of course, when I attempt to connect to the server either using standard MSTSC or a remoteapp RDP I am prompted for the username password.
------------

Also, I have set in the GPO for the server under System>logon to default to my Domain - however, when logging in if I do not specify the Domain it still puts the local server name.
americaneldercareAsked:
Who is Participating?
 
digitapConnect With a Mentor Commented:
Yes...I think you've almost got it.  I think the one change you need to make is adding the domain to the server name...so, if you domain name is domain.com, then your key should look like:

"TERMSRV/TSName.domain.com"

I think adding the domain will take care of it.
0
 
digitapCommented:
try setting TERMSRV/* to "TERMSRV/*.MyDomain.com"
0
 
americaneldercareAuthor Commented:
that didn't appear to resolve it, though I haven't restarted yet so that might be necessary (I am brnging a virtual machine online to do further testing with which I will also apply this to).  

to verify something, because microsofts KB article was a little unclear, under the 'AllowDefaultCredentials" key the "1"="TERMSRV/MyServer" that they illustrate I am assuming is supposed be the following:
Create new String Value, name it 1.  Set the 'Data' portion equal to TERMSRV/MyServer

I am going to also try adding in TERMSRV/TSName and TERMSRV/TSname.domain.com and see if that does anything once I have the test machine online.
0
 
americaneldercareAuthor Commented:
doing it fresh on a brand new virtual machine with the domain added in worked...i exported all of the settings and built a script off of it.  also tested removing the domain portion and that worked as well...leading me to believe it is either something wrong with my computer, or i f*ed up a setting somewhere.

either way, it is working now and that is what was needed.
0
 
digitapCommented:
Great!  Thanks for the points!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.