cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1011
Views
0
Helpful
3
Replies

Conditional MFA

BWeaver1
Level 1
Level 1

Hello,

Lets say I have 2 applications configured. Radius for VPN and Microsoft RDP for desktop logins. I have 20 users enrolled. All 20 users must use MFA to connect to VPN. Now I only want 5 of my 20 users to require MFA for RDP. The other 15 enrolled user should be able to log into windows without MFA. How do I set this up? I have my users broken into groups but it I can’t figure out how to bypass those 15 users in the Microsoft RDP application.

Kind regards,
BWeaver

3 Replies 3

BWeaver1
Level 1
Level 1

Okay, I think I figured this out. I’d love if someone could confirm I am doing this correctly.

Microsoft RDP application policy settings:
MFA required policy applied to MFA required group
Application policy set to not require MFA for any user

Thanks!

Hi @BWeaver,

This is indeed the way I’d do it.

Regards,
Antony Gallez

Hey @BWeaver ! Your plan looks right to me.

Duo, not DUO.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links