Server 2008 RemoteApp - Single sign on

Hi,

I'm having trouble getting SSO to work on a Server 2008 terminal server with a RemoteApp.

I have set the server settings for TS to:
Security layer - Negotiate
Encryption Level - Client Compatible
Allow connections from computers running RD with NLA is unchecked
Always prompt for a password is also unchecked.

On the client I have set a GPO to enable:
Allow Delegating Default Credentials with NTLM-only Server Authentication
Allow Delegating Default Credentials

Both these have the TS server listed as
termserv/tsserver
termserv/tsserver.mydomain.com

The client is Windows 7 32 and 64 bit.

If I launch the remote app or even just a normal RDP session it always still prompts for credentials. I'm a bit lost as to what to do now.

Could anyone help please?

Thanks
Gav
piemckayAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
piemckayConnect With a Mentor Author Commented:
Hello,
Thanks for the suggestions. I could not find anything with packet sniffers and I did try the settings to force NLA but none of these worked.

It turns out that we needed to use different accounts anyway so we have saved the credentials in the connection now. Not the slickest but we have our application working.

Thanks
Gav
0
 
Patrick BogersConnect With a Mentor Datacenter platform engineer LindowsCommented:
Hi,

Sounds like either the username/password are not forwarded to the TS as expected or the username password is not stored on the box trying to connect.

What if you connect to the TS with MSTSC and have this remember username password. (i would play with the session, leave it on (just click on the X)) then try your app.

If still no luck i believe it is time to sniff the network traffic and see what the reason is TS is not being served the right credentials. Sniffing can be done with Wireshark or Fiddler.
0
 
SteveConnect With a Mentor Commented:
assuming the TS & clients are on the same domain and the user is logged in with the appropriate domain account?

There were some known issues with Windows 7 and SSO so I cant guarantee there is an answer, but try forcing NLA in your RDP settings, as this is required for SSO to function.

http://www.computerweekly.com/news/1280096991/XP-single-sign-on-applications-fail-on-Windows-7
0
 
piemckayAuthor Commented:
No solution found. Known issues with this and good suggestions.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.