Kerberos SSO failed for Microsoft Remote Desktop Services

Question

I’m trying to setup Kerberos SSO for Remote Desktop using smartcard and the SSO is not working.  After authenticated via F5 against LDAP server and validated, I see icons populated from MS Remote Desktop Web Access, however when I clicked on the icons, it prompted for AD username/password.  I know the Kerberos is working because I can see it’s obtained Kerberos tickets in the logs. S4U ======&gt; OK!  So I know the Kerberos is working but not able to provide SSO.&nbsp;
F5 APM v13&nbsp;
Microsoft Windows 2016; MS RDS Web Access&nbsp;
For Remote Desktop profile, I enabled both Single Sign-on and Standalone Client Settings.&nbsp;
Any idea?&nbsp;

amiles_377865 · Answer

Hi James,&nbsp;
Did you assign your action box to map sso credentials in the vpe?  &nbsp;

jdewing · Answer

Yes, I have variable box to mapped to SAMAccount.&nbsp;
&nbsp;
I'm not using the password field since it's a smart card authentication that validated against LDAP server including CERT auth.    
&nbsp;

Forum Discussion

Kerberos SSO failed for Microsoft Remote Desktop Services

Recent Discussions

Flip-flop load balancing

ASM Export JSON - size Limit ?

Can i apply ddos profile on virtual server using port range

I used the wrong email account when take Application Delivery Exam (101)

F5 iControl REST API - viewBy Parameter Issue in Analytics Report

Related Content

F5 APM as Service Provider (SP) and Microsoft AzureAD as Identity Provider (IDP)

Microsoft Powershell with iControl

SSL Orchestrator Service Extensions: User Coaching

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

Microsoft Active Directory Federation Services (AD FS) iApp Template

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS