Solved

Server 2008 RemoteApp - Single sign on

Posted on 2013-05-17
4
487 Views
Last Modified: 2013-06-08
Hi,

I'm having trouble getting SSO to work on a Server 2008 terminal server with a RemoteApp.

I have set the server settings for TS to:
Security layer - Negotiate
Encryption Level - Client Compatible
Allow connections from computers running RD with NLA is unchecked
Always prompt for a password is also unchecked.

On the client I have set a GPO to enable:
Allow Delegating Default Credentials with NTLM-only Server Authentication
Allow Delegating Default Credentials

Both these have the TS server listed as
termserv/tsserver
termserv/tsserver.mydomain.com

The client is Windows 7 32 and 64 bit.

If I launch the remote app or even just a normal RDP session it always still prompts for credentials. I'm a bit lost as to what to do now.

Could anyone help please?

Thanks
Gav
0
Comment
Question by:piemckay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 23

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 100 total points
ID: 39177059
Hi,

Sounds like either the username/password are not forwarded to the TS as expected or the username password is not stored on the box trying to connect.

What if you connect to the TS with MSTSC and have this remember username password. (i would play with the session, leave it on (just click on the X)) then try your app.

If still no luck i believe it is time to sniff the network traffic and see what the reason is TS is not being served the right credentials. Sniffing can be done with Wireshark or Fiddler.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 100 total points
ID: 39207808
assuming the TS & clients are on the same domain and the user is logged in with the appropriate domain account?

There were some known issues with Windows 7 and SSO so I cant guarantee there is an answer, but try forcing NLA in your RDP settings, as this is required for SSO to function.

http://www.computerweekly.com/news/1280096991/XP-single-sign-on-applications-fail-on-Windows-7
0
 

Accepted Solution

by:
piemckay earned 0 total points
ID: 39215940
Hello,
Thanks for the suggestions. I could not find anything with packet sniffers and I did try the settings to force NLA but none of these worked.

It turns out that we needed to use different accounts anyway so we have saved the credentials in the connection now. Not the slickest but we have our application working.

Thanks
Gav
0
 

Author Closing Comment

by:piemckay
ID: 39231301
No solution found. Known issues with this and good suggestions.
0

Featured Post

Get Actionable Data from Your Monitoring Solution

Your communication platform is only as good as the relevance of the information you send. Ensure your alerts get to the right people every time with actionable responses. Create escalation rules that ensure everyone follows the process and nothing is left to chance.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A safe way to clean winsxs folder from your windows server 2008 R2 editions
By default the complete memory dump option is disabled in windows . If we want to enable the complete memory dump for a diagnostic purpose, we have a solution for it. here we are using the registry method to enable this.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question