Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

SSO - RDP hosts

mawan_revera
Altostratus
Altostratus

‎23-Jun-2019 16:03

Hello ,

i am on F5 - 13.1.4 and am trying to setup sso for remote desktop - i have enabled sso when setting up desktop - but its still not signining on and asking for username and password - meaning - giving a prompt

logs indicate username - domain and password variables are set but still not working

 

Question - do i need to do a sso mapping (i thought that was not necessary)

2 - do i need to setup NTLM2 sso for this ?

 

thanks

 

Labels:
0 Kudos
8 REPLIES 8

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

‎23-Jun-2019 21:34

> do i need to do a sso mapping (i thought that was not necessary)

 

what variables are defined in rdp sso section?

 

if source variables are session.sso.token.last.username and session.sso.token.last.password, you need to set these variables...

 

sso credential mapping is a tool to do it but you can also do it with variable assign

 

Rdp does not use NTLM sso.

 

are you sure session.logon.last.domain is configured with NT domain name?

0 Kudos

mawan_revera
Altostratus
Altostratus

‎23-Jun-2019 22:20

Thanks for the reply -

i have added variable assign -

session.logon.last.username = session.logon.last.username

session.sso.token.last.password = expr { "[mcget session.logon.last.password1]" }

session.logon.last.domain = expr {"RVM"}

 

and i can see in th elogs as well (debug) - that

_resource_remote_desktop./MGM/S01.domain' set to 'RVM'

resource_remote_desktop./MGM/S01.password' set to '**********'

resource_remote_desktop./MGM/S01.username' set to 'TESTUSEr'

 

but still - get a logon prompt when i launch RDP

0 Kudos

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

‎23-Jun-2019 22:32

Did you set a ssl profile to the vs?

 

if yes, don’t use APM default server ssl but serverssl.

 

i got issues with sso because APM did not trust rdp server CA (not listes in trusted ca defined in this ssl profile)

0 Kudos

mawan_revera
Altostratus
Altostratus

‎24-Jun-2019 00:03

hi - i am using server ssl

0 Kudos

mawan_revera
Altostratus
Altostratus

‎24-Jun-2019 00:04

0691T000005l8R9QAI.jpg

0 Kudos

Stanislas_Piro2
Cumulonimbus
Cumulonimbus

‎24-Jun-2019 10:44

Is the variable session.logon.last.password1 encrypted?

 

In variable assign for password, set it as secured and use expression

 

expr { "[mcget -secure session.logon.last.password1]" }

0 Kudos

mawan_revera
Altostratus
Altostratus
In response to Stanislas_Piro2

‎24-Jun-2019 19:04

no luck

0 Kudos

mawan_revera
Altostratus
Altostratus

‎24-Jun-2019 19:04

no luck

0 Kudos
Copyright © 2023 Khoros, LLC