Active Directory Single Sign-On

Um Windows SSO-Authentifizierung für generierte Clients zu aktivieren:

Update TSplus Remote Access to the latest version on a server joined to the domain.

Generate a client from the Client Generator, checking the “Enable Single Sign-On (SSO)” box in the “Security” tab.

Connectez-vous depuis une machine jointe au domaine en utilisant le client généré.

Configurar la Política de Grupo para el Inicio de Sesión Único (SSO) de Windows a través del Cliente de Escritorio Remoto

Desde el controlador de dominio:

1. Open the Group Policy Management Console.
2. Right-click on the Organizational Unit (OU) where the Group Policy Object (GPO) should be applied and select “Create a GPO in this domain, and Link it here…”.
3. Name the GPO (e.g., SSO_RDS_MY_SERVER) and click “OK”.
4. Right-click on the created policy and select “Edit”.
5. Navigate to the following location: “Configuración del equipo / Políticas / Plantillas administrativas / Sistema / Delegación de credenciales.”
6. Doppelklicken Sie auf „Standardanmeldeinformationen delegieren erlauben“, um die Einstellungen zu öffnen.
7. Enable the setting and click “Show…”
8. In the Value field, enter the server(s) in the format TERMSRV/server_fully_qualified_domain_name and click “OK”.
9. Click “Apply” and “OK” to close the window. From the client machine:
10. Update group policies by running the following command as an administrator: gpupdate /force.