Forum Discussion

Nimbostratus

Sep 30, 2020

Access Policy for Remote Desktop with Azure MFA

I have an access policy for my remote desktop service which is relatively straighforward - logon page (user, password and 2FA token) > AD Auth > Vasco Auth > Resource Assign (Remote Desktop and Webto...

application delivery

Azure

BIG-IP Access Policy Manager (APM)

boneyard

MVP

Feb 27, 2021

no that is not possible as the SAML assertion wont contain the password. it can contain many things (i.e. sAMAccountName if known at the IdP (for Azure AD yes), the domain) but not the password.

a common case to solve SSO after SAML is to use Kerberos delegation, but that doesn't seem possible for RDP.

https://devcentral.f5.com/s/question/0D51T00006j4Kf0/kerberos-support-for-big-ip-rdp-gateway-for-rds-host

https://devcentral.f5.com/s/question/0D51T00007MzgEx/kerberos-auth-for-microsoft-remote-desktop-services-

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Access Policy for Remote Desktop with Azure MFA

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

APM-DHCP Access Policy Example and Detailed Instructions

KASM Workspaces Integration with F5 BIG-IP Access Policy Manager (APM)

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS