1

I have a windows server 2008-R2 machine which have been configured for remote user login. I have made a policy changes so that credential delegation can work. I have done similar configuration on windows server 2012R2 and it works without any issue.

Changes done: https://blogs.technet.microsoft.com/enterprisemobility/2007/04/19/how-to-enable-single-sign-on-for-my-terminal-server-connections/

Windows server 2008-R2 is updated at the latest windows version with hotfix.

Problem is even when i am including correct data in rdp file my credential delegation are not working.

Edit-1

Below is the rdp used for connecting to the server 

redirectsmartcards:i:1
redirectcomports:i:0
enablecredsspsupport:i:1
autoreconnection enabled:i:1
connection type:i:5
authentication level:i:0
full address:s:192.168.1.198
server port:i:3389
password 51:b:01000000D08C9DDF0115D1118C7A00C04FC297EB01000000CA95DAC5EC043647913E2D433EB3B33A0000000020000000730069006D0070006C0065002E00770069006E00630072007900700074000000106600000001000020000000506A8B9A9E45E6A89CDA3A9016AD9FC56FD4435F58F65BCEC52157FC6FDE5DF4000000000E800000000200002000000091AA63B0D5557901A9AF63B85B5A9BFE905D13B4C0F6B590886C00D90D35C5C050000000C8ABD4B6E7D5B59EB984355D984FBBE4E1C782CEEA7919710A5A1B156FEC4DBF5F4489B13798CC944B41B24D1F7C4A9C089E82C02F76D31E5FB2F36935528C4341D45EABE5F264E02A4F2DFF4758B46940000000A645D392481033EA4F4E5AD76EB83F51E3DB382DBBB87923FF491FAD5496535FC08631FA00F18593BD1B5E2D309F083F8FB6F8F3099BEF9694D380886B63F229
username:s:.\test1

This file have credssp flag enabled so that it can use windows credential manager while authenticating remote machine.

Mandar
  • 111
  • 6

2 Answers2

1

I had this issue a while ago, AFAIR I just reconfigured it from this link http://blog.powershell.no/2009/12/25/single-sign-on-to-remote-desktop-services/ Second time it worked well.

What's the error you get in there?

Strepsils
  • 4,817
  • 9
  • 14
  • 1
    I have created a RDP file for single sign on in which i have a "password 51:" field, now when i login it displays cred dialog. I have configured all above settings. On server event viewer EvenID is 4625. I am pretty sure my creds are not delegated to server. – Mandar Aug 16 '17 at 11:04
0

This issue have been resolved by removing password token from the rdp file.

Problem was because of using both password tag and enablecredsspsupport tag in same file. After removing password tag from the file credssp feature started working.

Mandar
  • 111
  • 6