Your network consists of a single Active Directory domain. The network contains a Remote Desktop
Session Host Server that runs Windows Server 2008 R2, and client computers that run Windows 7.
All computers are members of the domain. You deploy an application by using the RemoteApp
Manager. The Remote Desktop Session Host Server’s security layer is set to Negotiate. You need to
ensure that domain users are not prompted for credentials when they access the application. What
should you do?
A.
On the server, modify the Password Policy settings in the local Group Policy.
B.
On the server, modify the Credential Delegation settings in the local Group Policy.
C.
On all client computers, modify the Password Policy settings in the local Group Policy.
D.
On all client computers, modify the Credential Delegation settings in the local Group Policy.
Explanation:
Configuration
CredSSP policies, and by extension the SSO functionality they provide to Terminal Services, are
configured via Group Policy. Use the Local Group Policy Editor to navigate to Local Computer
Policy\Computer Configuration\Administrative Templates\System\Credentials Delegation , and
enable one or more of the policy options.
Source: http://technet.microsoft.com/en-us/library/cc749211(WS.10).aspx
One needs to enable the policy on the client computers, because one want to allow the client
computer to reuse the credentials.
Navigate to Computer Configuration | Administrative Templates | System | Credentials Delegation
Enable the Allow Delegating Default Credentials Setting
Add all servers who are trusted for Credential Delegation.
Source: http://technet.microsoft.com/en-us/library/cc749211(WS.10).aspx
