none
Login prompt for RemoteApps

    Question

  • Hello,

    I am running RDS in a Windows Server 2008 R2 farm. We want our users to use the shortcuts under Start -- >  'Remote App and Desktop Connection'. When the users do then they are being prompted for their credentials. If possible we would like to get rid of the login screen and that the user is being authenticated automatically. I found the post below and several other ones talking bout single sign-on. However all these posts talk about this issue related to the RD Web Access server.

    http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx

    So my question is: By me implementing SSO would that get rid of the login screen users see when they start an app through Start -- >  'Remote App and Desktop Connection' or does that only remove the second logon screen if users login through the RD Web Access page?

    Thank you
    Marcus

    Thursday, March 15, 2012 7:31 PM

Answers

  • Hi Marcus,

    For your client PCs you need to enable default credential delegation via Group Policy.  The setting is under Computer Configuration\Administrative Templates\System\Credentials Delegation

    Allow Delegating Default Credentials     Enabled     click Show

    TERMSRV/rds.yourdomain.com

    Please replace rds.yourdomain.com with the FQDN of your RDSH server.

    Do you have any XP client PCs?

    Thanks.

    -TP

    • Marked as answer by Mc2102 Thursday, March 15, 2012 9:54 PM
    Thursday, March 15, 2012 8:00 PM
    Moderator

All replies

  • If I'm following you correctly, try opening the RDP shortcut, then select options, on the general tab enable "allow me to save credentials"

    hth

    DDS

    Thursday, March 15, 2012 8:00 PM
  • Hi Marcus,

    For your client PCs you need to enable default credential delegation via Group Policy.  The setting is under Computer Configuration\Administrative Templates\System\Credentials Delegation

    Allow Delegating Default Credentials     Enabled     click Show

    TERMSRV/rds.yourdomain.com

    Please replace rds.yourdomain.com with the FQDN of your RDSH server.

    Do you have any XP client PCs?

    Thanks.

    -TP

    • Marked as answer by Mc2102 Thursday, March 15, 2012 9:54 PM
    Thursday, March 15, 2012 8:00 PM
    Moderator
  • Hello TP,

    I will give that a try and then post the outcome.

    No I do not have any Windows XP machines...Windows 7 only

    Thursday, March 15, 2012 9:29 PM
  • TP,

    I tested the settings you recommened. I created a GPO and applied it to a test machine. Enabled the 'Allow Delegating Default Credentials' Policy added some the following entry to the server list:

    TERMSRV/*.domain.com 

    I enforced the GPO and it works as expected.

    However, I have a farm with serveral RD Session Hosts and when  I added a  dedicated entry for the farm then that seemed to be working too. Thanks for ur help on this.

    Marcus


    • Edited by Mc2102 Thursday, March 15, 2012 9:55 PM
    Thursday, March 15, 2012 9:54 PM