If operational requirements mandate continued use of RD CAPs/RAPs, you may want to consider installing Duo for Windows Logon at your RDS Session Hosts instead. The CAPs and RAPs become inaccessible from the Remote Desktop Gateway Manager and previously configured policy settings are ignored by Remote Desktop Gateway. Installing Duo's RD Gateway plugin disables Remote Desktop Connection Authorization Policies (RD CAP) and Resource Authorization Policies (RD RAP). This configuration does not support inline self-enrollment, nor the use of other Duo authentication methods like SMS passcodes, hardware token passcodes, YubiKey passcodes, passcodes generated by Duo Mobile, U2F and WebAuthn security keys, and bypass codes. Users automatically receive a 2FA prompt in the form of a push request in Duo Mobile or a phone call when logging in. OverviewÄuo Authentication for Remote Desktop Gateway adds two-factor authentication to your RemoteApp Access logons, and blocks any connections to your Remote Desktop Gateway server(s) from users who have not completed two-factor authentication when all connection requests are proxied through a Remote Desktop Gateway. Duo integrates with Remote Desktop Web Access (previously Terminal Services) and Remote Desktop Gateway to add two-factor authentication to RD Web and RemoteApp logons.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |