locked
RD Web Access to RemoteApp SSO RRS feed

  • Question

  • I am trying to set up this scenario, and with the most popular SSO post, it doesn't seem to work/isn't meant for this purpose.

    A user connects to TS Web Access. They are prompted for their username/password using Forms Authentication (like normal). They are connecting from a non-domain computer. They enter their credentials, and are given a list of RemoteApps to run. When they click on an app, they are given a certificate warning (which is OK) and then another certificate warning (also OK) and are connected to the app using the Forms credentials they entered earlier.

    That is the IDEAL scenario. This is what I am experiencing. A user logs in with their account to the form. They connect to the RemoteApp and are prompted for another set of credentials. If I enable SSO, it passes the user's currently logged in (Windows) credentials instead of the form credentials. I also have to change a policy setting on the local box in order to get SSO to work (The delegate credentials one).

    So, question 1: Is this even possible?? And question 2: How do I get the Forms credentials to pass to the RemoteApp session?

    Monday, June 20, 2011 12:47 PM

Answers

  • Hi,

     

     

    Yes, it is possible. In Windows Server 2008 R2, using the new RD Web Access Forms Based Authentication (FBA), users will now have to enter credentials only once in the login page of RD Web Access and will not be prompted again for entering credentials on launching subsequent apps from the RemoteApp Programs page of RD Web Access.

     

     

    You can refer to the following article that describes step by step to configure the SSO on RemoteApp and Desktop Connections.

     

    Introducing Web Single Sign-On for RemoteApp and Desktop Connections

    http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx

     

     

     

     

    Thanks.

    • Marked as answer by Tim Quan Monday, July 11, 2011 6:21 AM
    Wednesday, June 22, 2011 6:11 AM

All replies

  • Hi,

     

     

    Yes, it is possible. In Windows Server 2008 R2, using the new RD Web Access Forms Based Authentication (FBA), users will now have to enter credentials only once in the login page of RD Web Access and will not be prompted again for entering credentials on launching subsequent apps from the RemoteApp Programs page of RD Web Access.

     

     

    You can refer to the following article that describes step by step to configure the SSO on RemoteApp and Desktop Connections.

     

    Introducing Web Single Sign-On for RemoteApp and Desktop Connections

    http://blogs.msdn.com/b/rds/archive/2009/08/11/introducing-web-single-sign-on-for-remoteapp-and-desktop-connections.aspx

     

     

     

     

    Thanks.

    • Marked as answer by Tim Quan Monday, July 11, 2011 6:21 AM
    Wednesday, June 22, 2011 6:11 AM
  • Check your folder permissions.

    C:\windows\web\RDweb\

    Give Read & Execute to "Authenticated Users".

    • Proposed as answer by Saimon_SP Wednesday, July 13, 2016 2:46 PM
    Wednesday, January 15, 2014 6:26 PM
  •  I have been having issue with SSO for RDweb app. Using Hyper-V Server 2012 with VMs (Pooled and Personal) Win7 64bit. Remote Client has ThinPC Windows 7 with RDP 8.1.
     Ideally once user logs into ThinPC , IE opens up to rdweb link. Under RemoteApp and Desktop, there are 2 icons that said Pooled VM and Personal VM. A user clicks on Personal and it should automatically rdp to the Win7 64bit VM without any credentials.
     Everything works, until it gets to the Win7 64bit VM, user must enter their password which I do not want. It should use the Windows Authentication password when she logs in first time for ThinPC (domain joined).
     I have tried everything, Delegation Credentials, IE Trusted Site  Termsrv/*domain.com. But once user clicks on the Personal or Pool VM, it gets to the VM and ask for password.
     Please advise. Do you do support?
    Thanks
    Tuan
    Thursday, October 8, 2015 12:31 AM
  • @wawakiki

    Just found this in an article which may help you.

    Web SSO is supported for launching RemoteApp programs from RD Web Access or the Start menu in any of the above modes. For Web SSO to work when connecting to personal desktops or pooled virtual machines (VMs) the client machine needs this hotfix installed:  http://support.microsoft.com/kb/2524668.

    Rob

    Tuesday, October 13, 2015 9:21 AM