GPO: Configure SSO on RDS Connections

Presentation

In this article, we’ll see how to set up Single Sign-on (SSO) on Remote Desktop (RDS) connections using a GPO.

This solution eliminates the need for users to re-enter their login to connect to an RDS server or RemoteApp connections.

Policy Configuration – GPO

Ouvrir la console de Gestion des stratégies de groupes, sélectionner l’OU 1 où la GPO doit être appliquée, faite un clic droit dessus et cliquer sur Créer un objet GPO dans ce domaine, et le lier ici… 2.
Nouvelle GPO SSO RDS

Nommer la GPO 1 et cliquer sur OK 2.
Nom de la GPO

Faire un clic droit sur la stratégie 1 et cliquer sur Modifier 2.
Modifier le GPO

Aller à l’emplacement suivant : Configuration ordinateur / Stratégies / Modèles d’administrations / Système / Délégation d’informations d’identification 1.
Chemin jusqu'au parametre

Faire un double clic sur Autoriser la délégation d’information d’identification par défaut 1 pour ouvrir les paramètres.
Modifier le parametre

Activate 1 the parameter and click on Display … 2.
Activer le parametre

In the value part 1 enter the server (s) in the form TERMSRV / server_name_name and click on OK 2.
Entrer le nom du serveur

Click Apply 1 and OK 2 to close the window.
Appliquer

The setting is On 1. Close the editor.
Délégation d'authentification activée

Summary of the strategy:
Résumé de la GPO

Test from a client

Go to a client workstation that is in the OU of the strategy.

Open a command window in Administrator and enter the following command to refresh the GPOs.

Open the Remote Desktop Connection client. Entering the server name defined in GPO 1, User Name 2 must be filled in automatically and can not be changed. Click on Login 3.
Client rdp : SSO connexions RDS



Related Posts


GPO: Installing the FusionInventory Agent

Introduction Following the many messages I can see on the forum concerning the installation of the Agent FusionInventory, I will explain how I have been doing for several years. In this article, I'll

Enterprise CA: Installation and Configuration with Windows Server

In this tutorial, I will explain how to set up an enterprise CA that is linked to an Active Directory, unlike the stand-alone CA. This type of CA allows you to automate certificate generation with dir

Printer mapping: GPO and Script

Table Of ContentsIntroMap a printer by GPOLimit printer mapping to a groupPrinter mapping by scriptLimit printer mapping to an Active Directory groupTroubleshootingDeactivate Point and Print Restricti

Scroll to Top