Host Control Panel Authentication Considerations for RDS Sessions
If the Host Control Panel is launched from a Remote Desktop Services server console session, it will attempt to connect to the Root Host service running in the console session. Because the Root Host is capable of listening for connections, the Host Control Panel can use a peer-to-peer connection to communicate with the Root Host. By default, the Host Control Panel will attempt to use the credentials that were used to log into the console session; if this is disabled (either by deselecting this option under Simple Password Configuration on the Security tab or disabling the Access Host Tray Icon permission on the Admin Security tab for Windows Authentication Configuration), the Host Control Panel user will be asked to authenticate directly to the Root Host for access.
If the Host Control Panel is launched inside a Remote Desktop Services session with a Host instance running, two different sets of credentials may be required. First, the Host Control Panel user will need to present credentials to authenticate to the Gateway; if accepted, the user will then need to present credentials to authenticate to the Host instance (similar to Master connecting through the Gateway to a Host configured for Windows Authentication). If the credentials used to authenticate to the Gateway are also acceptable by the Host instance (which would be the case if the Gateway and the RDS server are in the same domain), then only one set of credentials will be needed. However, if they are not acceptable (i.e. the Gateway and RDS server are in different domains), then Host Control Panel user will be asked to present a second set of credentials specifically for authenticating to the Host instance. In general, the configuration options for Host instance are similar to those available for installed Host application. Please refer to specific tabs below to see any differences.
