Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3404
  • Last Modified:

2012 RDS remote connections require two authentications

I am currently running a pilot environment for a 2012 RDS Farm, the environment consists of one RDS Connection Broker and two RDS Session Host Servers

When i connect from my desktop to the broker using mstsc i am asked to authenticate in a Windows Security pop-up window (domain\user autofilled) i put in my password and the connection is made. I am then greeted with the 2012 login page (domain\user auto filled again) and i have to put in my password to logon..

Standard users piloting this are also getting asked to sign in twice but these are using a pre-made RDP shortcut config below

screen mode id:i:1
use multimon:i:0
desktopwidth:i:1920
desktopheight:i:1080
session bpp:i:32
winposstr:s:0,3,-1280,-74,0,950
compression:i:1
keyboardhook:i:2
audiocapturemode:i:0
videoplaybackmode:i:1
connection type:i:2
displayconnectionbar:i:1
disable wallpaper:i:1
allow font smoothing:i:0
allow desktop composition:i:0
disable full window drag:i:1
disable menu anims:i:1
disable themes:i:0
disable cursor setting:i:0
bitmapcachepersistenable:i:1
full address:s:<connection broker server name>
audiomode:i:0
redirectprinters:i:1
redirectcomports:i:0
redirectsmartcards:i:1
redirectclipboard:i:1
redirectposdevices:i:0
redirectdirectx:i:1
autoreconnection enabled:i:1
authentication level:i:2
prompt for credentials:i:0
negotiate security layer:i:1
remoteapplicationmode:i:0
alternate shell:s:
shell working directory:s:
gatewayhostname:s:
gatewayusagemethod:i:4
gatewaycredentialssource:i:4
gatewayprofileusagemethod:i:0
promptcredentialonce:i:1
use redirection server name:i:1
loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.<Collection name>
drivestoredirect:s:

When this is used the 2012 logon prompt is shown and users have to enter their password and then the logon prompt comes up again, its like the broker is requesting a logon before directing to the session hosts which then also ask for a login..

Within the RDS Deployment Properties i have attached a wildcard cert for the domain which is trusted by all clients and the deployment is showing as 'trusted'
0
Stuart Lupton
Asked:
Stuart Lupton
1 Solution
 
Brad BouchardInformation Systems Security OfficerCommented:
This happens because you have Windows XP, Vista, or other older operating systems in your environment.  Windows 7 and above users should be fine.  We also had this issue and it was due to thin clients not being up-to-date with the version of XP embedded they were using.  This article is for 2008 but it applies to 2012... have a look.

http://www.edugeek.net/forums/thin-client-virtual-machines/62950-windows-2008-r2-remote-desktop-double-login.html
0
 
Stuart LuptonDatacentre & Server EngineerAuthor Commented:
Thanks back in the office weds so will give this a go :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now