![]() ![]() So the first authentication is on the website, and when you click the link you are presented by the RDP login where you use the Tokencode to login. There is 1 workaround and that is not doing the 2FA against the RDS gateway, but do this in the RDS Servers. so when you open the RDP link localy you bypass the 2FA. I have not found a solution for this yet. With 2FA you only authenticate with 2FA against the RDWEB, not the RDP. this RDP link can also be opened directly without going to the RDWEB web page. this because of the RDP authentication is different then the RDWEB authentication part.Īnother thing to consider is the RDP part, without 2FA you click on the RDP link and the RDP link is downloaded to the client. You just need to point authentication traffic to NPS (RADIUS) and users will be prompted for MFA in the same manner. ![]() ![]() You would use the same NPS server to authenticate users logging into RDS. This works fine, only as far as i know there is no SSO yet. See the 'Azure AD' link, comparing available MFA functionality between tiers for more details. (the connection is devided into 2 parts, first the RDWEB authentication (IIS) and then a RDP, AD vcuramichael, It is also possible to do this with the NPS and forward the radius request to the Fortiauthenticator. 1) Click the Search Windows Button in the Windows Task Bar. Any current connections through RD Gateway being updated will be disconnected until Server is back online and receiving connections again. The only problem is the SSO part, i did not found out yet how to push the credentials to the RDP part of the connection. A Maintenance Window will be required as server will need to be restarted. In our environment we used the Fortiweb in front of the RDS Gateway.
0 Comments
Leave a Reply. |