none
Azure MFA with RDS only works when Gateway is Specified RRS feed

  • Question

  • I have deployed an RDS server with all the roles installed including the Gateway , this Terminal server wont be externally available i have a local Azure MFA server which is working i can get an MFA request on my phone with no problem 

    However my issue is , this only works when the Gateway is specified e.g 

    In the connection settings if i do not specify my gateway remote.mydomain The MFA will not kick in the connection to the Terminal server will just go straight through , which makes the MFA pretty much pointless if a user will only get prompted for MFA if the Gateway is specified.What i want to know is , is there a way to force it to always use the Gateway or force MFA to be enforced regardless on the sever

    Has anyone else encountered this ?

    Thursday, July 11, 2019 11:45 PM

All replies

  • Hi,

     

    I am not sure if you have met the prerequisites when integrating RD Gateway with MFA:

    • A domain-joined Azure MFA Server. If you don't have one installed already, follow the steps in Getting started with the Azure Multi-Factor Authentication Server.
    • An existing configured NPS Server.
    • A Remote Desktop Gateway that authenticates with Network Policy Services.

     

    And may I know how you set up this RDS environment with MFA? Per my understanding, we need to perform configuration on Gateway, NPS as well as Azure Multi-Factor Authentication.

     

    Reference article:

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfaserver-nps-rdg

     

    Thanks,

    Jenny


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, July 12, 2019 5:36 AM
  • Hi,

    Is there any update? Please feel free to let us know if more assistance needed.

     

    Have a nice day.

     

    Thanks,

    Jenny


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, July 15, 2019 6:43 AM
  • Hi,

    Just checking in to see if the information provided was helpful.

    Please let us know if you would like further assistance.

     

    Thanks,

    Jenny


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, July 17, 2019 2:53 AM