• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 835
  • Last Modified:


I've done the following and still can't seem to get SSO working from XP SP3:

My Domain has been setup for 2008, the primary DC is a 2003 still but the backup is a 2008.
This is a working, though not live, 2008 terminal server.

I have locally adjusted the policy to Allow Delegating Default Credentials, setting TERMSRV/*

On the XP box:
SP3 is installed.  
Going off of KB951608 I have
followed first portion to setup CREDSSP
followed the section regarding creating the registry keys
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows and created a key for CredentialsDelegation, then subkeys for AllowDefaultCredentials and AllowDefCredentialsWhenNTLMOnly.
Within CredentialsDelegation I have created DWORDs at value 1 labeled:

Witin the other two subkeys I have created string values with Name = 1, Data = TERMSRV/*

I have also tried installing fixes from KB KB953760.

Still, after restarts of course, when I attempt to connect to the server either using standard MSTSC or a remoteapp RDP I am prompted for the username password.

Also, I have set in the GPO for the server under System>logon to default to my Domain - however, when logging in if I do not specify the Domain it still puts the local server name.
  • 3
  • 2
1 Solution
try setting TERMSRV/* to "TERMSRV/*.MyDomain.com"
americaneldercareAuthor Commented:
that didn't appear to resolve it, though I haven't restarted yet so that might be necessary (I am brnging a virtual machine online to do further testing with which I will also apply this to).  

to verify something, because microsofts KB article was a little unclear, under the 'AllowDefaultCredentials" key the "1"="TERMSRV/MyServer" that they illustrate I am assuming is supposed be the following:
Create new String Value, name it 1.  Set the 'Data' portion equal to TERMSRV/MyServer

I am going to also try adding in TERMSRV/TSName and TERMSRV/TSname.domain.com and see if that does anything once I have the test machine online.
Yes...I think you've almost got it.  I think the one change you need to make is adding the domain to the server name...so, if you domain name is domain.com, then your key should look like:


I think adding the domain will take care of it.
americaneldercareAuthor Commented:
doing it fresh on a brand new virtual machine with the domain added in worked...i exported all of the settings and built a script off of it.  also tested removing the domain portion and that worked as well...leading me to believe it is either something wrong with my computer, or i f*ed up a setting somewhere.

either way, it is working now and that is what was needed.
Great!  Thanks for the points!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now