Forum Discussion

mawan_revera's avatar
Icon for Altostratus rankAltostratus
Jun 23, 2019

SSO - RDP hosts

Hello ,

i am on F5 - 13.1.4 and am trying to setup sso for remote desktop - i have enabled sso when setting up desktop - but its still not signining on and asking for username and password - meaning - giving a prompt

logs indicate username - domain and password variables are set but still not working


Question - do i need to do a sso mapping (i thought that was not necessary)

2 - do i need to setup NTLM2 sso for this ?




8 Replies

  • > do i need to do a sso mapping (i thought that was not necessary)


    what variables are defined in rdp sso section?


    if source variables are session.sso.token.last.username and session.sso.token.last.password, you need to set these variables...


    sso credential mapping is a tool to do it but you can also do it with variable assign


    Rdp does not use NTLM sso.


    are you sure session.logon.last.domain is configured with NT domain name?

  • Thanks for the reply -

    i have added variable assign -

    session.logon.last.username = session.logon.last.username

    session.sso.token.last.password = expr { "[mcget session.logon.last.password1]" }

    session.logon.last.domain = expr {"RVM"}


    and i can see in th elogs as well (debug) - that

    _resource_remote_desktop./MGM/S01.domain' set to 'RVM'

    resource_remote_desktop./MGM/S01.password' set to '**********'

    resource_remote_desktop./MGM/S01.username' set to 'TESTUSEr'


    but still - get a logon prompt when i launch RDP

  • Did you set a ssl profile to the vs?


    if yes, don’t use APM default server ssl but serverssl.


    i got issues with sso because APM did not trust rdp server CA (not listes in trusted ca defined in this ssl profile)

  • Is the variable session.logon.last.password1 encrypted?


    In variable assign for password, set it as secured and use expression


    expr { "[mcget -secure session.logon.last.password1]" }