Clientless SSL - Forward usrname/pwd to 2008

Unanswered Question
Aug 12th, 2010

Currently using the rdp plugin setup as bookmarks and they all point to windows 2003 terminal servers.  Using the following strings in the bookmarks, our users usernames/passwords forward to the terminal servers just fine and they don't have to enter any info after signing into the ssl/vpn front page on the asa.

rdp://10.10.1.91/?csco_sso=1&RedirectDrives=true&RedirectPrinters=true

Again, that works fine for 2003 servers..

However, we're rolling our windows 2008 r2 remote desktop servers now.  Using the same string, the printers and drives hook up just fine, however the users are prompted for their username or password, so something about 2008 doesn't like the "csco_sso=1" area there.  Anyone know if there's a new command to use for 2008 so the sso portion works?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Todd Pula Thu, 08/12/2010 - 10:44

Please provide the version of ASA code and RDP Java plug-in that you are testing with.  Thank you.

Todd Pula Thu, 08/12/2010 - 14:40

I just tested this out and was seeing a modulus error when testing against my Windows 2008 server with the RDP plug-in.  I then installed the RDP2 plug-in and modified my bookmkark accordingly and am now able to access the server.  Please give this other plug-in a try.  You can download it from the link below.

http://tools.cisco.com/support/downloads/go/ImageList.x?relVer=1.1.1&mdfid=280582808&sftType=Remote+Access+Plugins+for+Adaptive+Security+Appliance+%28ASA%29&optPlat=&nodecount=2&edesignator=null&modelName=Cisco+ASA+5505+Adaptive+Security+Appliance&treeMdfId=268438162&treeName=Security&modifmdfid=null&imname=&hybrid=Y&imst=N&lr=Y

snooter Fri, 08/13/2010 - 05:25

Did you get your criedentials to forward through to the rdp server or did you have to enter your user/pwd again?  If the forward worked for you, what did you use in the bookmark string?

Todd Pula Mon, 08/16/2010 - 08:40

I only had to enter my credentials for the initial WebVPN portal authentication.  I did not have to enter my credentials again for the RDP session.  My bookmark is as follows:

rdp2://1.1.1.1/?DesiredColor=4&DesiredHRes=1024&DesiredVRes=768&csco_sso=1

snooter Tue, 08/17/2010 - 13:22

Strange, using your above url it won't pass my credentials along.  It connects, but then displays invalid username or password, I have to hit ok and  then it shows me I'm the user "LocalServer\MyUsername" and is asking for the password.


When I sign into our webvpn portal, it authenticates to a 2008 R2 domain controller....if it matters.  For some reason it's not passing the domain\username properly for me..

rdp2://Server_IP/?csco_sso=1

Actions

This Discussion

Related Content