Hi David,
Thank you for that, interesting
------ Original Message ------
From: "drhy" <[email protected]>
To: [email protected]
Sent: 3/4/2020 2:52:28 PM
Subject: Re: Using 2 factor authentication with Active Directory
CAUTION: This email originated from outside your organization. Exercise caution
when opening attachments or clicking links, especially from unknown senders.
We are using 2 factor authentication for all access outside of our secure
offices. The 2FA is Microsoft Azure MFA for all access except our IIS
extranet which uses the installed Microsoft Authentication Server
(previously "PhoneFactor"), and both methods use the Microsoft Authenticator
app on iOS and Android.
The latest 1.1.0 version of Guacamole is providing a very performant means
of securing RemoteDesktop access to Microsoft Windows computers and Windows
Servers, so we no longer need to allow users direct access to RDP from
outside our secured offices. Our Guacamole server is accessing our Windows
Network Policy Server ("NPS") which is authenticating against Windows Active
Directory. Installing the Azure MFA plugin into NPS triggers Azure MFA
authentication before a user is fully authenticated.
We also use Azure AD Connect to sync the AD to Azure AD for Office 365
authentication, which is configured to use Microsoft MFA.
As an aside, our VPNs authenticate against the same NPS, therefore also
using Azure MFA authentication.
Notes on what we've done can be found in the post:
http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/Guacamole-1-1-0-with-MySQL-Radius-and-https-Step-by-step-tp7151.html
-David
--
Sent from:
http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
