Remote Desktop access Prompts for double login when Credential Provider is installed.
Article ID: 281568
Updated On: 04-03-2024
Products
Issue/Introduction
After implementing Credential Provider users are getting Prompted twice for their Credentials. Without Credential Provider they are only prompted once.
Environment
Identity Manager Credential Provider.
Resolution
This is expected behavior.
Since Credential Provider is installed on the Remote machine it is not called to check passwords until you have actually reached the remote server. When using the Default Windows Credential provider Windows is able to prompt for the password on the same system where the remote desktop connection originates from.
When we setup Credential Provider and then attempt to Remote Desktop into that server we are presented first with the Remote Desktop dialog which is prompting for Computer and Username:
Then once Remote Desktop has established a connection to the remote server, the CA Credential Provider is called and prompts for the password:
This is the same functionality that we see with the default Windows Credential Provider, the only difference is where the Password prompt appears.
We are first prompted for the Computer and Username:
Then Windows Credential Provider prompts for the Password:
The difference is that the Windows default credential provider will prompt for Password on the originating system, whereas the CA Credential Provider is not invoked, and therefor cannot prompt for Password, until you actually reach the remote server.
Additional Information
This functionality can also be impacted by Single Sign on configurations. With an Single Sign on configuration the default Windows Credential Provider might get the users credentials from the originating system making it appear that no credentials needed to be entered into the Remote Desktop connection.
Feedback
