Active Directory Single Sign-On
Um Windows SSO-Authentifizierung für generierte Clients zu aktivieren:
Update TSplus Remote Access to the latest version on a server joined to the domain.
Generate a client from the Client Generator, checking the “Enable Single Sign-On (SSO)” box in the “Security” tab.
Connectez-vous depuis une machine jointe au domaine en utilisant le client généré.
Configurar la Política de Grupo para el Inicio de Sesión Único (SSO) de Windows a través del Cliente de Escritorio Remoto
Desde el controlador de dominio:
- Open the Group Policy Management Console.
- Right-click on the Organizational Unit (OU) where the Group Policy Object (GPO) should be applied and select “Create a GPO in this domain, and Link it here…”.
- Name the GPO (e.g., SSO_RDS_MY_SERVER) and click “OK”.
- Right-click on the created policy and select “Edit”.
- Navigate to the following location: “Configuración del equipo / Políticas / Plantillas administrativas / Sistema / Delegación de credenciales.”
- Doppelklicken Sie auf „Standardanmeldeinformationen delegieren erlauben“, um die Einstellungen zu öffnen.
- Enable the setting and click “Show…”
- In the Value field, enter the server(s) in the format TERMSRV/server_fully_qualified_domain_name and click “OK”.
- Click “Apply” and “OK” to close the window. From the client machine:
- Update group policies by running the following command as an administrator: gpupdate /force.