A. When users click an application in RDS Web Access with normal RDS Web Access (formally known as TS Web Access), they're prompted for their credentials, even though they already entered their credentials when they accessed RDS Web Access using form-based authentication.

In Server 2008, you had to follow a complex set of instructions around configuring Kerberos delegation for the terminal servers to enable SSO for TS Web Access, but the situation with Server 2008 R2 is much easier. The only requirements for SSO are that the published applications are signed using an SSL certificate and the RDS Web Access server is a member of the TS Web Access Computers group on the Remote Desktop session hosts.

If both of the above criteria are met, when users click a published application on RDS Web Access, they won't be prompted for credentials. The application will automatically launch using the credentials entered in the RDS Web Access logon form.

Related Reading:

Check out hundreds more useful Q&As like this in John Savill's FAQ for Windows. Also, watch instructional videos made by John at ITTV.net.