I got rsa authentication and domain authentication working when connecting in from external to my security server in the dmz to the internal connection server.
but the user still has top enter their password when they are on their desktop. why isnt the passthrough authentication working after the domain sign on in the view client?
actually when a user is logged off compltely from the desktop. whtether the connection is from security server or from internal, the sigle sign on does not work. I still need to enter authentication on the desktop to login. is there anyway to sign onto the desktop without entering the credentials again?
That should work fine provided that the user have entered the correct RSA SecurID passcode and then the correct Windows Credentials.
Does SSO work without RSA configured?
// Linjo
from rsa, if the desktop has been logged off compltely by the user, any attempt to resign on back into the desktop requires 3 authentications
1. rsa
2. vmware view domain login credentials
3. desktop domain login credentials
I am wondering if I can eliminate #3
when connecting internally, I am prompted for
1. desktop domain login credentials
#2 sso works but it gets to the desktop and user is required to login
i am folowing this doc
I cannot even find wsgina.dll in the view folder.
I think something is wrong with the gina chain
there is only shgina.dll and thats under
%systemroot%/system32
I have this issue also at a client implementaiton. Are you using endpoint protection that prevents the use of passthrough authentication? It works great in my lab but during an implementation running SEP, passthrough would not function.
found the problem. in the registry there was a defaultusername under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
I removed it.
also DisableCAD was set to 1
I changed it to 0.
now it works
