![]() ![]() True SSO Integration: Enable this setting on the connection broker to allow SSO to the desktop using True SSO.For more information, see the Microsoft documentation Note: If channel binding is enabled, confirm that NTLMv2 is turned on using the LMCompatibilityLevel switch and that the security level 3 or higher in the user environment. On the connection broker instance, enable the Accept logon as current user setting to allow the connection broker instance to accept the user identity and credential information that is passed when users select Log in as current user in the Options menu in Horizon Client.The session object resides in volatile memory and is not stored in Horizon LDAP or in a disk file. The session object is destroyed when the user logs out, the session times out, or authentication fails. The credentials are added when authentication occurs and are purged when the session object is destroyed. ![]() On the connection broker instance, user credentials are encrypted and stored in the user session along with the username, domain, and optional UPN.To support this feature, user credentials are stored on both the connection broker instance and on the client system. For more information, see "Authentication with Windows Hello for Business" in the Horizon Administration document. If you are enrolled with Windows Hello for Business with certificate trust on the client system, Windows Hello for Business issued user logon certificate is used for single sign-on to the Horizon Agent system. No further user authentication is required. With Horizon Client for Windows, when users select Log in as current user in the Options menu, the credentials that they provided when logging in to the client system are used to authenticate to the connection broker instance and to the remote desktop using Kerberos. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |