Solved

Server 2008 RemoteApp - Single sign on

Posted on 2013-05-17
4
486 Views
Last Modified: 2013-06-08
Hi,

I'm having trouble getting SSO to work on a Server 2008 terminal server with a RemoteApp.

I have set the server settings for TS to:
Security layer - Negotiate
Encryption Level - Client Compatible
Allow connections from computers running RD with NLA is unchecked
Always prompt for a password is also unchecked.

On the client I have set a GPO to enable:
Allow Delegating Default Credentials with NTLM-only Server Authentication
Allow Delegating Default Credentials

Both these have the TS server listed as
termserv/tsserver
termserv/tsserver.mydomain.com

The client is Windows 7 32 and 64 bit.

If I launch the remote app or even just a normal RDP session it always still prompts for credentials. I'm a bit lost as to what to do now.

Could anyone help please?

Thanks
Gav
0
Comment
Question by:piemckay
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 23

Assisted Solution

by:Patrick Bogers
Patrick Bogers earned 100 total points
ID: 39177059
Hi,

Sounds like either the username/password are not forwarded to the TS as expected or the username password is not stored on the box trying to connect.

What if you connect to the TS with MSTSC and have this remember username password. (i would play with the session, leave it on (just click on the X)) then try your app.

If still no luck i believe it is time to sniff the network traffic and see what the reason is TS is not being served the right credentials. Sniffing can be done with Wireshark or Fiddler.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 100 total points
ID: 39207808
assuming the TS & clients are on the same domain and the user is logged in with the appropriate domain account?

There were some known issues with Windows 7 and SSO so I cant guarantee there is an answer, but try forcing NLA in your RDP settings, as this is required for SSO to function.

http://www.computerweekly.com/news/1280096991/XP-single-sign-on-applications-fail-on-Windows-7
0
 

Accepted Solution

by:
piemckay earned 0 total points
ID: 39215940
Hello,
Thanks for the suggestions. I could not find anything with packet sniffers and I did try the settings to force NLA but none of these worked.

It turns out that we needed to use different accounts anyway so we have saved the credentials in the connection now. Not the slickest but we have our application working.

Thanks
Gav
0
 

Author Closing Comment

by:piemckay
ID: 39231301
No solution found. Known issues with this and good suggestions.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
While working, an annoying popup showing below will come and we cannot cancel or close it form the screen. The error message will come again and again.
This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…
The viewer will learn how to successfully download and install the SARDU utility on Windows 7, without downloading adware.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question