Solved

SSO on XP SP3

Posted on 2010-08-27
5
809 Views
Last Modified: 2012-05-10
I've done the following and still can't seem to get SSO working from XP SP3:

My Domain has been setup for 2008, the primary DC is a 2003 still but the backup is a 2008.
This is a working, though not live, 2008 terminal server.

I have locally adjusted the policy to Allow Delegating Default Credentials, setting TERMSRV/*

On the XP box:
SP3 is installed.  
Going off of KB951608 I have
followed first portion to setup CREDSSP
followed the section regarding creating the registry keys
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows and created a key for CredentialsDelegation, then subkeys for AllowDefaultCredentials and AllowDefCredentialsWhenNTLMOnly.
Within CredentialsDelegation I have created DWORDs at value 1 labeled:
AllowDefaultCredentials
AllowDefCredentialsWhenNTLMOnly
ConcatenateDefaults_AllowDefault
ConcatenateDefaults_AllowDefNTLMOnly

Witin the other two subkeys I have created string values with Name = 1, Data = TERMSRV/*

I have also tried installing fixes from KB KB953760.

Still, after restarts of course, when I attempt to connect to the server either using standard MSTSC or a remoteapp RDP I am prompted for the username password.
------------

Also, I have set in the GPO for the server under System>logon to default to my Domain - however, when logging in if I do not specify the Domain it still puts the local server name.
0
Comment
Question by:americaneldercare
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 33

Expert Comment

by:digitap
ID: 33549481
try setting TERMSRV/* to "TERMSRV/*.MyDomain.com"
0
 

Author Comment

by:americaneldercare
ID: 33558013
that didn't appear to resolve it, though I haven't restarted yet so that might be necessary (I am brnging a virtual machine online to do further testing with which I will also apply this to).  

to verify something, because microsofts KB article was a little unclear, under the 'AllowDefaultCredentials" key the "1"="TERMSRV/MyServer" that they illustrate I am assuming is supposed be the following:
Create new String Value, name it 1.  Set the 'Data' portion equal to TERMSRV/MyServer

I am going to also try adding in TERMSRV/TSName and TERMSRV/TSname.domain.com and see if that does anything once I have the test machine online.
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 33559121
Yes...I think you've almost got it.  I think the one change you need to make is adding the domain to the server name...so, if you domain name is domain.com, then your key should look like:

"TERMSRV/TSName.domain.com"

I think adding the domain will take care of it.
0
 

Author Closing Comment

by:americaneldercare
ID: 33590931
doing it fresh on a brand new virtual machine with the domain added in worked...i exported all of the settings and built a script off of it.  also tested removing the domain portion and that worked as well...leading me to believe it is either something wrong with my computer, or i f*ed up a setting somewhere.

either way, it is working now and that is what was needed.
0
 
LVL 33

Expert Comment

by:digitap
ID: 33591117
Great!  Thanks for the points!
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question