none
RD Gateway with cached credentials

    General discussion

  • We're using a RD Gateway server and a RDS Host on a remote site. Both of them

    are joined to the internal domain. There's no DC on this remote site (VPN connection to

    the main site where AD DC are located).

    Connections are made using domain users accounts.

    My problem: if the VPN is down, RD connections are refused by the RD Gateway.

    Is there any way to allow the RDGateway to authenticate domain users using local cached credentials ?

    (with domain users profiles created locally)

    Thanks,

    Vincent

    Saturday, May 10, 2014 5:11 PM

All replies

  • Hi Vincent,

    Thank you for posting in Windows Server Forum.

    Yeah, you have the option for locally logged on credentials under credential sharing option. You must have RDP version above 6.1. You can enable or disable credential sharing in either of the following two ways:

    - Editing connection settings on the Remote Desktop Services client (Remote Desktop Connection). On the client, the credential sharing setting is configured by selecting or clearing the Use my RD Gateway credentials for the remote computer check box, as described later in this topic.

    - Editing RDP file settings. In the RDP file, the credential sharing setting is configured by adding or modifying the PromptCredentialOnce:i line, as described later in this topic.

    More information:
    Enable or Disable Credential Sharing for Connections Through Remote Desktop Gateway
    http://technet.microsoft.com/en-us/library/cc732614.aspx

    Hope it helps!

    Thanks.


    Dharmesh Solanki

    Monday, May 12, 2014 9:44 AM
  • Hi Dharmesh,

    I was thinking about cached logon information on server side (RD Gateway and RD Host), in case

    the domain controller is not available. This appears to be working on RD Host, but not on RD Gateway.

    Is this by design ? Any solution / workaround ?

    Thanks,
    Vincent

    Thursday, May 15, 2014 12:12 PM
  • Hi

    I 'll close this thread and create a new one called "RD Session host login when DC unavailable" to clarify.

    Thanks,

    Vincent

    Thursday, May 15, 2014 4:00 PM