locked
RemotApp SSO with Radius Authentication RRS feed

All replies

  • Hi Andress,

    The workaround in Idan's post should work, with the exception of using challenge-response.

    If your radius uses challenge-response, then it will not work as the RDP SSO does not implemented in the challenge-response sceanrio.

     

    Ophir.

    Thursday, November 3, 2011 7:23 AM
  • Hi Ophir.

    Thanks for the hint. Yes, the Radius Server uses challenge-response.

    Is there another way to achieve SSO with RemoteApp and a Radius Server using challenge-response?

    Allthough I don't understand, why it does not work if using both, Radius Server and Active Directory authentication. Any hints?

    Best regards
    Andreas

    Saturday, November 5, 2011 8:42 AM
  • Hi Andreas,

    Sorry for the late reply.

    The reason the SSO fail when using challenge-response is because unlike server side SSO, the RemoteApp SSO is implemented on the client side (i.e. the login page "injects" the credentials into the client ActiveX) and this logic was not implemneted on the challenge-response pages.

    You can try the following workaround:

    Please create a file called ..\von\internalsite\inc\customupdate\TrunkName1LoginContinue.inc

    (When TrunkName is the name of your trunk).

    Inside this file, put the following code:

    <HTML>
    <META NAME="uag_rds_sso_username" CONTENT="<% DefaultDomain="DOMAIN"
    IF INSTR(session("user_name1"),"\")=0 THEN session("user_name1")=DefaultDomain + "\" +session("user_name1")
    Session("full_user_name1")=session("user_name1")
    FormUser=Server.HTMLEncode(Server.URLEncode(session("user_name1")))
    Response.Write FormUser%>"/>
    

    (Please change the word DOMAIN to match your domain name).

    After that, check again and see if the SSO works with challenge-response.

     

    Disclaimer: This sample code is not formal microsoft answer and does not guaranty to work, etc...

    Wednesday, November 9, 2011 12:31 PM