MarianHercek-3024 asked ·

Remote Desktop Services with Azure MFA architecture

What is the minimum number of servers to deploy Remote Desktop Services (Session-based) with Azure MFA?
What is the recommended location of the server roles?

Example: the minimum number of servers is 3; recommended role locations: server 1: RD Connection Broker, RD Gateway; server 2: RD Session Host, RD Web Access; server 3: NPS

windows-remote-desktop-services azure-ad-multi-factor-authentication

Hi,
Have you checked whether the answers below help?
If they are helpful, please do not forget to accept the answers.

Thanks


1 Answer

amanpreetsingh-msft answered ·

Hi @MarianHercek-3024 · Thank you for reaching out.

You need a minimum of 3 servers to deploy Remote Desktop Services with Azure MFA, as described below:

Server 1 - Domain Controller with NPS Role and NPS Extension installed. (On-premises AD must be synced to Azure AD)
Server 2 - RD Gateway and NPS Role.
Server 3 - RD Session Host and RD Web Role.

  • The NPS role must be installed on at least 2 servers: one can be a DC or member server, and the other needs to be the RD Gateway.

  • The NPS extension cannot be installed on the RD Gateway.

  • If you are going to use only one RD Session Host, you don't need to install RD Connection Broker, as it is required when multiple RD Session Hosts are in a load-balanced environment.


Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
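The placement rules in the answer above can be checked against a live deployment with a short audit. This is an added example, not part of the original answer or Microsoft's tooling: the host names are placeholders, PowerShell remoting to each server is assumed, and detecting the NPS extension by its default install folder is an assumption.

```powershell
# Added example: audit RDS + Azure MFA role placement against the rules in the answer.
# Placeholder host names (assumption); replace with the servers in your deployment.
$Servers  = 'dc01.example.test', 'rdgw01.example.test', 'rdsh01.example.test'
$Features = 'AD-Domain-Services', 'NPAS', 'RDS-Gateway',
            'RDS-RD-Server', 'RDS-Web-Access', 'RDS-Connection-Broker'

$inventory = foreach ($server in $Servers) {
    # Installed roles among the ones this layout cares about.
    $roles = @(Get-WindowsFeature -ComputerName $server -Name $Features |
        Where-Object Installed | Select-Object -ExpandProperty Name)
    # Assumption: the NPS extension is present if its default folder exists.
    $ext = Invoke-Command -ComputerName $server -ScriptBlock {
        Test-Path 'C:\Program Files\Microsoft\AzureMfa'
    }
    [pscustomobject]@{ Server = $server; Roles = $roles; NpsExtension = [bool]$ext }
}

$findings = @()

# Rule: NPS role on at least 2 servers, one of them the RD Gateway.
$npsHosts = @($inventory | Where-Object { $_.Roles -contains 'NPAS' })
if ($npsHosts.Count -lt 2) {
    $findings += "NPS role found on $($npsHosts.Count) server(s); at least 2 are required."
}
foreach ($entry in $inventory | Where-Object { $_.Roles -contains 'RDS-Gateway' }) {
    if ($entry.Roles -notcontains 'NPAS') {
        $findings += "$($entry.Server): RD Gateway without the NPS role."
    }
    # Rule: the NPS extension cannot be installed on the RD Gateway.
    if ($entry.NpsExtension) {
        $findings += "$($entry.Server): NPS extension installed on the RD Gateway."
    }
}

# Rule: a separate NPS server (DC or member server) carries the NPS extension.
$mfaNps = @($inventory | Where-Object {
    $_.NpsExtension -and $_.Roles -contains 'NPAS' -and $_.Roles -notcontains 'RDS-Gateway' })
if ($mfaNps.Count -eq 0) {
    $findings += 'No non-gateway NPS server has the NPS extension installed.'
}

# Rule: RD Connection Broker is needed once there are multiple Session Hosts.
$sessionHosts = @($inventory | Where-Object { $_.Roles -contains 'RDS-RD-Server' })
$brokers      = @($inventory | Where-Object { $_.Roles -contains 'RDS-Connection-Broker' })
if ($sessionHosts.Count -gt 1 -and $brokers.Count -eq 0) {
    $findings += "$($sessionHosts.Count) RD Session Hosts but no RD Connection Broker."
}

$inventory | Format-Table Server, NpsExtension, @{ n = 'Roles'; e = { $_.Roles -join ', ' } }
if ($findings) { $findings | ForEach-Object { Write-Warning $_ } } else { 'Layout matches the rules.' }
```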
