I have an issue with client PC's getting multiple login requests to get an RDP session via RD gateway.
This configuration only uses RDGW and RDweb roles. there is no RDS deployment, we only use this gateway for remote desktop passthough.
I have a valid, trusted 3rd party certificate for the external DNS name.
Forms authentication is enabled on RDWEB site in IIS.
The RDgw server is a domain member and can authenticate logins to AD directly.
Client logs in to RDweb with domain credentials, tries to 'Connect to remote PC' then gets prompted for credentials for the RD GW server then again for the destination server to rdp (2008r2).
From here the behaviour is inconsistent depending what OS the client pc is.
On a windows 10 client, if I check 'remember password' from then on in it works seamlessly (although I shouldn't be getting requested to authenticate again in the 1st place)
On Win7 client, after authenticating multiple times and checking remember password, the destination internal server kicks back a message saying the 'admin does not allow saved credentials'. If I supply the password again I can get in.
Note that connecting RDP to the SAME server from the same client when directly attached to the internal network either locally or via VPN I do not get this message about not allowing saved creds and it just connects RDP session so this only occurs when coming in via the RDgw. (NB it also happens when just using mstsc.exe client)
How do I get SSO working with Rdweb, and why does this message about 'admin does not allow saved creds' only occur on Win7 clients, and then only when accessing via the RDGW
There are many posts about this same issue but I haven't seen any fixes applicable to my case
thanks