Login screen to Windows 2008 R2 Terminal server
Hi there
We just replaced our Windows 2003 terminal server with Windows 2008 R2 terminal server.
On old terminal server, we used to get to the server and get the login screen of username, password and domain.
On the new terminal server, even before we actually see the Windows 2008 R2 server, the RDP client asks us for the username and password.
Ideally, when a user puts the server name in the RDP client and clicks on connect, we want two things.
1. Instead of asking for username password right then, it should take us to the server and it should present us with the username and passwords field.
2. The logon domain, by default, is set to the servers's computer name. It should be set to the domain name.
Setup we have is simple. One domain controller and one terminal server.
Users logon to the TS from domain computers as well as from remote locations where the computers are not part of the domain.
What I don't know is if this is RDP client issue or server side issue and I don't know what setting to change.
We just replaced our Windows 2003 terminal server with Windows 2008 R2 terminal server.
On old terminal server, we used to get to the server and get the login screen of username, password and domain.
On the new terminal server, even before we actually see the Windows 2008 R2 server, the RDP client asks us for the username and password.
Ideally, when a user puts the server name in the RDP client and clicks on connect, we want two things.
1. Instead of asking for username password right then, it should take us to the server and it should present us with the username and passwords field.
2. The logon domain, by default, is set to the servers's computer name. It should be set to the domain name.
Setup we have is simple. One domain controller and one terminal server.
Users logon to the TS from domain computers as well as from remote locations where the computers are not part of the domain.
What I don't know is if this is RDP client issue or server side issue and I don't know what setting to change.
Hi.
You now have a modern TS, you should not even worry about this :) Turn on single sign on, no more password typing.
You now have a modern TS, you should not even worry about this :) Turn on single sign on, no more password typing.
ASKER
Hi Mike
Thanks for the tip.
We have prevented use of saved creds because of security.
Does your setting conflict with that?
I am aware of saving the creds but due our security policy, we get a message on the rdp client itself that the server doesn't allow saved creds and again prompts you for the details.
What I want is that the RDP client shouldn't ask me for login info at all and take me to the server and that's where I type my login information.
I don't know if this is possible, but if it is, I would like to know.
Thanks for the tip.
We have prevented use of saved creds because of security.
Does your setting conflict with that?
I am aware of saving the creds but due our security policy, we get a message on the rdp client itself that the server doesn't allow saved creds and again prompts you for the details.
What I want is that the RDP client shouldn't ask me for login info at all and take me to the server and that's where I type my login information.
I don't know if this is possible, but if it is, I would like to know.
enablecredsspsupport:i:0
The way I understood it is:
This does not save credentials but passses on the credentials that are currently logged into the PC.
The way I understood it is:
This does not save credentials but passses on the credentials that are currently logged into the PC.
You gave no feedback on sso, why?
I am talking about this: http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx
I am talking about this: http://blogs.msdn.com/b/rds/archive/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections.aspx
ASKER
The SSO won't work because there are users who access the terminal server from computers which are not part of the domain.
Also we have users who login to TS using some generic logins.
Also we have users who login to TS using some generic logins.
Oh, feedback!
Well, I see.
1) That behavior is normal with 2008 RDP. It is a security mechanism that won't let you connect to the server until you authenticated. Not sure if this can be altered.
2) I don't experience it like that - do you start the rdp client with a domain account? Then this should not happen, I suppose.
Well, I see.
1) That behavior is normal with 2008 RDP. It is a security mechanism that won't let you connect to the server until you authenticated. Not sure if this can be altered.
2) I don't experience it like that - do you start the rdp client with a domain account? Then this should not happen, I suppose.
ASKER
Hi McKnife
Ah, you say that but we do have our domain controller which is Windows 2008 R2 as well.
It does exactly what I need to do which is when you RDP into it, it doesn't ask you for username or password on the RDP client itself, but when you get connected, you see just the username and password field.
Anyway, I will close the question as I am not getting anywhere with this, I am not sure why it works on the DC and not on TS.
Ah, you say that but we do have our domain controller which is Windows 2008 R2 as well.
It does exactly what I need to do which is when you RDP into it, it doesn't ask you for username or password on the RDP client itself, but when you get connected, you see just the username and password field.
Anyway, I will close the question as I am not getting anywhere with this, I am not sure why it works on the DC and not on TS.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It is located in the root of the My Documents folder
Open/edit default.rdp with notepad
Insert the following line
enablecredsspsupport:i:0
Save and exit