Azure MFA NPS extension RDS Gateway method

larsjuhk 1 Reputation point
2020-07-09T09:50:32.133+00:00

Hi there,
I've set up RDS Gateway on-prem with the Azure MFA NPS extension, but it seems it only works with the Auth. App as the method? So no text or call? Is that true?
Thank you


2 answers

  1. Sander Berkouwer 166 Reputation points
    2020-07-09T10:42:03.267+00:00

    The available methods depend on:

    • The methods available through the interface of the RADIUS client (the appliance/device/server being signed in to). If this interface does not offer to insert a text value, then you can't use the SMS-based one-time password or the hardware token-based one-time password verification method.
    • The verification options available in the legacy PhoneFactor portal experience. When a method is disabled there, then it won't be available for any multi-factor authentication prompt, including through NPS.
    • Security Defaults. When this Azure AD feature is enabled, then the Authenticator App notification is the only method available for multi-factor authentication.

  2. AmanpreetSingh-MSFT 56,311 Reputation points
    2020-07-09T11:07:10.12+00:00

    @geniadk The RDP interface doesn't have an option to type in the OTP that you receive via SMS. So, in the case of RDP, you can use only those methods which don't require user input for second-factor authentication.

    Supported methods are: Phone call, Authenticator app with notification.
    Unsupported methods are: SMS, Authenticator app with PIN.


    Please do not forget to "Accept the answer" wherever the information provided helps you. This will help others in the community as well.
