I am unable to use SSO to connect to any of my Terminal Servers. I am always\nprompted to logon to the server even though the RDP client says "your windows\nlogon credentials will be used to connect".\n\n- Terminal Server\n- Win2k8x64 SP2\n- Credentials Delegation (any service) using kerberos enabled through AD\n- TS Security Layer = Negotiate\n- TS Encryption Level = Client compatible\n- TS set to "Use client-provided log on information"\n- Kerberos logging enabled\n- kerberos debug logging enabled\n- Client (Vista or Win2k8 server... both produce the same results)\n- Default and Fresh credentials set for delegation to TS for both kerberos\nand NTLM-only.\n- kerberos logging enabled\n- kerberos debug logging enabled\n\nWhen I attempt the connection, I get the Win2k8 logon screen. The TS logs\nan error - Security-Kerberos Event ID 3, 0xd KDC_ERR_BADOPTION, 0xc00000bb\nKLIN(0). The client doesn't log anything. I show an appropriate TERMSRV\nticket on the client. Neither the TS or the client are logging anything in\nthe LSASS.log file even though debug logging is enabled through the registry\n(LogToFile = 1, KerbDebugLevel = 0xc0000043).