Jump to content

RDP/TS Single-sign-on with credentails delegation

Guest Ondrej Sevecek

By Guest Ondrej Sevecek
in Techno Babble

 Share

Recommended Posts

Guest Ondrej Sevecek

Guest Ondrej Sevecek

Posted
Posted

Hello,

 

I am currently investigating the "delegate default credentials" policy for

TS connection (TS SSO) from a domain user.

 

The behaviour is, that the user generates itself a kerberos ticket for

TERMSRV/tsserver.domain.local. Here its ok.

 

But what is the actuall essence of the following TS login? Will the client

pass down the ticket to the terminal server OR will it then use cleartext

login and password (say after this first place pre-authentication by using

kerberos)??

 

Previous TS servers were able to accept only cleartext login and password

(inside the RDP/SSL tunnel certainly). So did this change?

 

ondra.

  • Replies 0
  • Created
  • Last Reply

Popular Days

Popular Days

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...