cancel
Showing results for 
Search instead for 
Did you mean: 

Terminal Sessions Bookmarks SSO

SOLVED
Highlighted
Occasional Contributor

Terminal Sessions Bookmarks SSO

Hi,

Is there anyway to create terminal services bookmarks which are single sign on?

Cheers

Graham

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Frequent Contributor

Re: Terminal Sessions Bookmarks SSO

Yes - you are correct.

 

User can only map the username from the login and not the password - the reason being, normally - the when SSO is enabled - the SA can cache the username and password which is secured and this is used to relay it back to the server, so that the backend server thinks that the client (you) is trying to login while it's done by the SA for you.

 

In this case, since the user is creating the bookmark - storing the password on any cookie / client machine on the fly is insecure and thus, we only give permission to map the username. However, the password can be stored manually on a browser.

 

Hope the above answers your question.

 

 

 

Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks

View solution in original post

3 REPLIES 3
Frequent Contributor

Re: Terminal Sessions Bookmarks SSO

Graham,

 

Please check for the KB - KB9565

 

Hope that should help you.

 

 

 

 

Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks

Highlighted
Occasional Contributor

Re: Terminal Sessions Bookmarks SSO

Sorry not from admin side from the user side - It looks like all you can do is map the username from the login not the password? Is it not possible for the user themselves to create a bookmark with full SSO?

Cheers

Graham

Highlighted
Frequent Contributor

Re: Terminal Sessions Bookmarks SSO

Yes - you are correct.

 

User can only map the username from the login and not the password - the reason being, normally - the when SSO is enabled - the SA can cache the username and password which is secured and this is used to relay it back to the server, so that the backend server thinks that the client (you) is trying to login while it's done by the SA for you.

 

In this case, since the user is creating the bookmark - storing the password on any cookie / client machine on the fly is insecure and thus, we only give permission to map the username. However, the password can be stored manually on a browser.

 

Hope the above answers your question.

 

 

 

Please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks

View solution in original post