VMware Horizon Community
tdubb123
Expert
Expert

single sign on from security server

I got rsa authentication and domain authentication working when connecting in from external to my security server in the dmz to the internal connection server.

but the user still has top enter their password when they are on their desktop. why isnt the passthrough authentication working after the domain sign on in the view client?

Reply
0 Kudos
6 Replies
tdubb123
Expert
Expert

actually when a user is logged off compltely from the desktop. whtether the connection is from security server or from internal, the sigle sign on does not work. I still need to enter authentication on the desktop to login. is there anyway to sign onto the desktop without entering the credentials again?

Reply
0 Kudos
Linjo
Leadership
Leadership

That should work fine provided that the user have entered the correct RSA SecurID passcode and then the correct Windows Credentials.

Does SSO work without RSA configured?

// Linjo

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".
Reply
0 Kudos
tdubb123
Expert
Expert

from rsa, if the desktop has been logged off compltely by the user, any attempt to resign on back into the desktop requires 3 authentications

1. rsa

2. vmware view domain login credentials

3. desktop domain login credentials

I am wondering if I can eliminate #3

when connecting internally, I am prompted for

1. desktop domain login credentials

#2 sso works but it gets to the desktop and user is required to login

Reply
0 Kudos
tdubb123
Expert
Expert

i am folowing this doc

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&e...

I cannot even find wsgina.dll in the view folder.

I think something is wrong with the gina chain

there is only shgina.dll and thats under

%systemroot%/system32

Reply
0 Kudos
stanyarbroughjr
Contributor
Contributor

I have this issue also at a client implementaiton.  Are you using endpoint protection that prevents the use of passthrough authentication?  It works great in my lab but during an implementation running SEP, passthrough would not function. 

Reply
0 Kudos
tdubb123
Expert
Expert

found the problem. in the registry there was a defaultusername under

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

I removed it.

also DisableCAD was set to 1

I changed it to 0.

now it works

Reply
0 Kudos