Comments on The Microsoft Platform: Using Windows Server 2012 R2 RD Gateway with Azure Multifactor Authentication
Feed author: Freek Berson. Updated: 2024-03-18T07:16:43.144+01:00. Comments: 5.

Josh M, 2015-08-24T23:34:24.680+02:00
Have you ever attempted this with another Multi-Factor vendor? I'm attempting to set up an RD Gateway environment using Symantec's multi-factor solution, and the logs on that server combined with a Wireshark trace make me believe that the RD Gateway server isn't forwarding the password attribute.

Anonymous, 2015-03-04T15:18:48.480+01:00
This comment has been removed by the author.

Anonymous, 2015-03-04T14:07:53.959+01:00
Hi Freek - Thank you for your response. We don't get the second request when not using MFA. All components are using a third-party wildcard SSL certificate.

It seems that the problem is that the client passes RAP in NPS, then it goes to MFA for CAP and prompts us for an OTP, and then it connects to the broker. When it has connected to the broker it repeats this process and goes back to MFA for CAP when connecting to the session host.

It seems that once it has authenticated against the broker it should then trust that authentication and pass you through to the session host?

Do you have any idea what we have configured incorrectly?

Cheers

Freek Berson, 2015-03-03T07:35:54.099+01:00
Yes, I have this running in multiple environments with multiple dedicated RD Connection Broker and RD Session Host servers. There should not be a second authentication request. Do you also get a second request when not using MFA? It might be related to certificates in the RDS environment.

nige, 2015-02-27T13:19:23.102+01:00
Have you got this working when you have a separate RDS broker server? We are trying to do this, but Azure MFA sends us two text messages as it authenticates with the broker server and then the session host server.