Forum Discussion

Nimbostratus

Sep 30, 2020

Access Policy for Remote Desktop with Azure MFA

I have an access policy for my remote desktop service which is relatively straighforward - logon page (user, password and 2FA token) > AD Auth > Vasco Auth > Resource Assign (Remote Desktop and Webto...

MVP

Feb 27, 2021

no that is not possible as the SAML assertion wont contain the password. it can contain many things (i.e. sAMAccountName if known at the IdP (for Azure AD yes), the domain) but not the password.

a common case to solve SSO after SAML is to use Kerberos delegation, but that doesn't seem possible for RDP.

https://devcentral.f5.com/s/question/0D51T00006j4Kf0/kerberos-support-for-big-ip-rdp-gateway-for-rds-host

https://devcentral.f5.com/s/question/0D51T00007MzgEx/kerberos-auth-for-microsoft-remote-desktop-services-

Forum Discussion

Access Policy for Remote Desktop with Azure MFA

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

Access policy, LTM policy and iRules

APM-DHCP Access Policy Example and Detailed Instructions