Azure MFA with Azure AD and RDS

-

i have setup following lab in azure , need help.

a server (domain controller) , remote desktop services.

and server multi factor authentication server.

i have setup following one http://www.rdsgurus.com/uncategorized/step-by-step-using-windows-server-2012-r2-rd-gateway-with-azure-multifactor-authentication/

and when im connecting got following error.

the user "domain\username", on client computer "xxx.xxx.xxx.xxx", did not meet connection authorization policy requirements , therefore not authorized access rd gateway server. authentication method used was: "ntlm" , connection protocol used: "rpc-http". following error occurred: "23003".

also on security log i've got following

authentication details:
connection request policy name: ts gateway authorization policy
network policy name: -
authentication provider: radius proxy
authentication server: test.test.local
authentication type: -
eap type: -
account session identifier: -
reason code: 113

reason: the remote radius (remote authentication dial-in user service) server group not exist.

i have setup cap allow domain users... register nps active directory....

i don't know else do.

can on that?

thanks


hi alex,

i suggest configure remote radius server group via nps.msc following article below:

configure remote radius server groups nap

https://msdn.microsoft.com/en-us/library/dd296908(v=ws.10).aspx

in addition, when users trying connect, please ensure correct domain name has been entered part of user credentials.

best regards,

amy 

please remember mark replies answers if , un-mark them if provide no help. if have feedback technet subscriber support, contact tnmff@microsoft.com.



Windows Server  >  Remote Desktop Services (Terminal Services)



Comments

Post a Comment

Popular posts from this blog

Failed to delete the test record dcdiag-test-record in zone test.com

-
ps c:\users\administrator.test> dcdiag /test:dns directory server diagnosis performing initial setup:    trying find home server...    home server = dc02    * identified ad forest.    done gathering initial info. doing initial required tests    testing server: default-first-site-name\dc02       starting test: connectivity          ......................... dc02 passed test connectivity doing primary tests    testing server: default-first-site-name\dc02       starting test: dns          dns tests running , not hung. please wait few minutes...          ......................... dc02 passed test dns    running partition tests on : forestdnszones    running partition tests on : domaindnszones    running partition tests on : schema ...
Read more

Invalid pointer on gpresult /h gpreport.html

-
hello guys i getting following error when trying generate gpresult /h  xxx.html invalid pointer this happening on windows 7 pc using test group policy. tried pc same thing when same gpo applied . hi, try apply some other gpo clients, html report generated succefully? if no, may caused unregistered .dll files, try register .dll files previous thread suggested: http://social.technet.microsoft.com/forums/en-us/winservergp/thread/0ea20c5d-c0ae-457d-89d4-a1686a359e72 if yes, please tell detailed information problematic gpo settings reproduce problem , troubleshooting it. regards, cicely Windows Server  >  Group Policy
Read more