none
RDWeb an SSO with FBA credentials

    Question

  • Hello,

    I am having a problem with the double authentication when using the RDWeb Page.
    When i logon to the RDWeb Page, i see all of the RemoteApps i published.
    When i click on one Remote App, i'll get again an Authentication Windows. When putting the credetionals in the app starts.
    I don't find the Problem why the SSO is not working.

    RD Session Hosts:
    TSRV01
    TSRV02
    TSRV03

    Connection Broker and RDWeb Server:
    RD01

    All Servers are running Windows 2008 R2

    RD01 is Member in the "ts web access computers group" on all of the Terminal Servers.
    "Always prompt for password" is not checked in RDP Settings
    When adding an App, it immediatly appears on WebPage, so RDWeb Server seams to talk to the Session Hosts.

    Certifcates for digitaly signing are installed. I use a internal CA.

    When i set "Allow Delegating Default Credentials" via GPO to the Clients, the SSO is working with the localy provided credentials, but i want to use the credentials that are typed into the RDWeb Login Page.

    Hope somebody have a tip for me!

    Thanks!

    Nikolaus

    Sunday, March 17, 2013 9:58 PM

Answers

  • Hi,

    Thanks for your post.

    In Windows Server 2008 R2, the Web Single Sign-On (Web SSO) feature provides users with the ability to enter their credentials only once during logon to Remote Desktop Web Access (RD Web Access). After logon, users can launch RemoteApp programs that are part of the same connection in RemoteApp and Desktop Connections without any further credential prompts, even if the RemoteApp programs are configured to use RD Gateway.

    Web SSO is supported for launching RemoteApp programs from RD Web Access or the Start menu in any of the above modes. However, for connections to personal desktops or pooled virtual machines (VMs), it will not work, which means VDI does not support Single Sign-On.

    Please refer to the following article:

    Introducing Web Single Sign-On for RemoteApp and Desktop Connections

    http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx

    Best Regards,

    Aiden


    Aiden Cao
    TechNet Community Support

    Thursday, March 21, 2013 2:28 AM
    Moderator

All replies

  • Hi,

    Thanks for your post.

    In Windows Server 2008 R2, the Web Single Sign-On (Web SSO) feature provides users with the ability to enter their credentials only once during logon to Remote Desktop Web Access (RD Web Access). After logon, users can launch RemoteApp programs that are part of the same connection in RemoteApp and Desktop Connections without any further credential prompts, even if the RemoteApp programs are configured to use RD Gateway.

    Web SSO is supported for launching RemoteApp programs from RD Web Access or the Start menu in any of the above modes. However, for connections to personal desktops or pooled virtual machines (VMs), it will not work, which means VDI does not support Single Sign-On.

    Please refer to the following article:

    Introducing Web Single Sign-On for RemoteApp and Desktop Connections

    http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx

    Best Regards,

    Aiden


    Aiden Cao
    TechNet Community Support

    Thursday, March 21, 2013 2:28 AM
    Moderator
  • Thank for the information.
    Tuesday, March 26, 2013 11:11 PM