Solved

SBS 2008 RWW and terminal server single sign on

Posted on 2010-09-09
3
1,361 Views
Last Modified: 2012-06-22
We are using Small Business Server 2008 and I am setting up a separate 2008 R2 server as a terminal server (or RDS now).  RWW and RDS both individually tout single sign on, but when I try to connect to the RDS server  through RWW (after already signing in to RWW)  it asks for a username and password to connect.  Is there a way to pass those credentials to the RDS server so it doesn't require a second logon?
0
Comment
Question by:dgooge
  • 2
3 Comments
 
LVL 77

Accepted Solution

by:
Rob Williams earned 500 total points
ID: 33645629
You cannot bypass the dual sign-on using RWW to the TS but you can make use of the "terminal server gateway service" built-in to SBS 2008 to use an RDP client that connects directly to the TS and still uses the SSL portion of RWW.

From an earlier post of mine:
SBS 2008 and newer makes use of the TS Gateway service. This allows you to connect directly to a corporate server or PC and bypass RWW altogether, and yet still have the same security as RWW.

To do so the connecting client must have the updated TS/RDP client, version 6.1 or newer, which requires XP SP3, Vista SP1, or Win7/Server 2008. Then start the RDP connection client | click options | advanced | connection settings | and enter the TS gateway address (your SBS server name -probably remote.yourdomain.com). Under the General tab enter the computer name to which you want to connect and user name (domain\user), and save.

Clicking on the saved connection now allows you to connect directly to the corporate PC, still using SSL, and with only a single logon. The first time the connection is used, there are two pop-ups that have to be approved but if you check 'always' they will not be present next time.

This is new to 2008 and a very useful feature, especially for folk that are always connecting to the same server or PC and don't want to have to have to do multiple logins, approve multiple popups, and select a PC.

The following link outlines RWW with SBS 2008 and shows the client connection configuration half way down the page under "TSGateway Integration".
http://blogs.technet.com/b/sbs/archive/2009/06/25/sbs-2008-introduction-to-remote-web-workplace.aspx

0
 
LVL 7

Expert Comment

by:withtu
ID: 33646404
If we enable SSO in RWW and Remote desktop, then we will have no opportunities to change the credential unless logoff the RWW and login with a sufficient acount again, I don't think this is a good idea, and in most cases, this option will cause security risk either.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 33686407
Thanks dgooge.
Cheers!
--Rob
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Change SBS 2011 Internet Domain Name 3 62
SharePoint 2010 Errors on SBS2011 8 65
Funa@india.com 6 458
Exchange 2007 3 47
The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question