KwokQuincySEGPISOCSSAFSOF-4106 avatar image
0 Votes"
KwokQuincySEGPISOCSSAFSOF-4106 asked JasonWarner-2125 edited

Remote desktop html5 webclient windows authentication


I have a simple RDS setup consist of :

server1: Remote Desktop Gateway, Remote Desktop Web, Remote Desktop Connection Broker (high availability mode)
server2: Session Host
server3: SQL(holds the DB for high availibility mode of server1) RD licensing

server1 has a trusted public wildcard cert used on all of the roles mentioned

RD Web on server 1 has been configured to do windows authentication per web.config in /RDWeb/Pages/

Server1 and Server2 are configured in credential delegation, Trusted internet site, etc... in group policy for all the domain joined workstations for Windows Authentication webpage login and allow CredSSP for the second hop connection to remote app.

in RDWeb:
Behavior: All domain joined workstation can windows authenticate to /RDWeb/Pages/en-us/Default.aspx
All domain joined workstation can open remote app and CredSSP provides the credential to the remote app without user entering additional credential

in RDWeb/Webclient html5:
Behavior: all domain joined workstation are prompted with username password prompt. Entering the domain credential allows user access to remote app without user entering additional credential.

Is the SSO for html5 webclient incomplete?

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I also have asked Microsoft about SSO support for the html5 webclient as the Zero Trust framework that Microsoft is talking about needs it.
The https://<hostname>/RDweb has SSO support but the HTML5 web client https://<hostname>/RDweb/webclient does not appear to have support.

0 Votes 0 ·

0 Answers