2008 Terminal Server – Single Sign-On
27 March 2009
It is possible to provide Single Sign-On for the client PCs in a 2008 Terminal Server environment. With this feature, you can use the credentials of the currently logged-on user (also called default credentials) to log on to a remote computer (Terminal Server).
The client must run Windows XP SP3 or Windows Vista.
How to set it up:
1. Open Group Policy Management and enable the "Allow Delegating Default Credentials" setting. Add the Terminal Server to the list with TERMSRV\tsname or use TERMSRV\* for all Terminal Servers.
2. When you use Windows XP SP3, you have to make some additional registry changes (see KB951608) to enable CredSSP:
- Click Start, click Run, type regedit, and then press ENTER.
- In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- In the details pane, right-click Security Packages, and then click Modify.
- In the Value data box, type tspkg. Leave any data that is specific to other SSPs, and then click OK.
- In the navigation pane, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders
- In the details pane, right-click SecurityProviders, and then click Modify.
- In the Value data box, type credssp.dll. Leave any data that is specific to other SSPs, and then click OK.
- Exit Registry Editor.
- Restart the computer.
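The registry edits in step 2 can also be checked and applied from a script. The following PowerShell script is an added example, not part of the original post or of KB951608; it assumes PowerShell 2.0 or later is installed on the XP SP3 client and that it runs from an elevated prompt. The `-Apply` switch and the `Get-CleanList` helper are names chosen for this example.

```powershell
# Added example. Without -Apply it only reports the current state;
# with -Apply it appends the missing entries and keeps all existing ones.
param([switch]$Apply)

$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$spKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders'

# Trim entries and drop empty ones so existing data is compared cleanly.
function Get-CleanList([string[]]$Raw) {
    return ,@($Raw | ForEach-Object { "$_".Trim() } | Where-Object { $_ -ne '' })
}

# "Security Packages" is REG_MULTI_SZ: one package name per string.
$rawPackages = (Get-ItemProperty -Path $lsaKey).'Security Packages'
$packages    = Get-CleanList $rawPackages

# "SecurityProviders" is REG_SZ: a single comma-separated list of DLL names.
$rawProviders = "$((Get-ItemProperty -Path $spKey).SecurityProviders)"
$providers    = Get-CleanList ($rawProviders.Split(','))

# -contains is case-insensitive, so "TSPKG" or "CredSSP.dll" count as present.
$needPackage  = -not ($packages  -contains 'tspkg')
$needProvider = -not ($providers -contains 'credssp.dll')

"Security Packages : $($packages -join ', ')  (tspkg missing: $needPackage)"
"SecurityProviders : $($providers -join ', ')  (credssp.dll missing: $needProvider)"

if ($Apply) {
    if ($needPackage) {
        # Append only; entries that belong to other SSPs are written back as they were.
        Set-ItemProperty -Path $lsaKey -Name 'Security Packages' -Value ([string[]]($packages + 'tspkg'))
    }
    if ($needProvider) {
        Set-ItemProperty -Path $spKey -Name 'SecurityProviders' -Value (($providers + 'credssp.dll') -join ', ')
    }
    if ($needPackage -or $needProvider) { 'Values updated. Restart the computer to load CredSSP.' }
}
```

Running it a second time after the restart should report both entries as present and change nothing.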
For more information, see the Terminal Server Team Blog.