Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2158
Views
0
Helpful
4
Replies

RDS 2012r2 installation

Daniel_Leung
Level 1
Level 1

‎09-21-2016 10:38 AM

Hi,

I have a RDS2012r2 and I want to install DUO on it. I have no idea which is the best way to do.
(1) I have users direct connect to the RDS server using RDP connection.
(2) I have users use RemoteAPP on Android to connect RDS server
(3) I have users use RDWEB to connect RDS server

My best guess is to install Microsoft RD Gateway + Microsoft RDP. the question is if it is possible to install both onto the same server?

Or any idea?

Labels:
0 Helpful
4 Replies 4

Greg9
Level 1
Level 1

‎09-22-2016 08:45 AM

Hi Daniel,

Great question. There’s quite a few options for protecting RDS with Duo, and due to limitations of RDS, a caveat comes with each.

If you’d like to continue to use RemoteApp, installing Duo on RD Web is not a great option. Installation of Duo Authentication for RD Web effectively disables the use of RemoteApp because there is not a method for two-factor authentication when the RemoteApp and Desktop Connections client accesses the “/rdweb/pages/webfeed.aspx” or “rdweb/feed/webfeed.aspx” URLs.

If you opt to instead install Duo on the RD Gateway, your authentication factors are limited to Duo auto-mode (automatically receiving a push or a phonecall on your default device).

How many session hosts do you have? Unless it’s an unmanagable amount, due to the use cases you’re trying to support, I’d actually recommend looking at our RDP/Winlogon integration route: installing Duo for Windows Logon and RDP (duo.com/docs/rdp) on each of your session hosts. In this instance, regardless of how an end-user connects to the host, they will be challenged for 2FA.

Interested to hear your thoughts on this suggestion!

-Greg

0 Helpful

Daniel_Leung
Level 1
Level 1
In response to Greg9

‎09-22-2016 10:40 AM

Thank Greg,

So, Can I install “Microsoft RD Gateway” and “Microsoft RDP” onto the same server?

Daniel.

0 Helpful

Greg9
Level 1
Level 1

‎09-22-2016 12:10 PM

Hey Dan, sure thing. There’s no technical limitation preventing Duo for RD Web and Duo for RDP/Winlogon being installed on the same server. That said, it might be redundant or unnecessary. Is your RD Gateway the same server as your session host? If so, consider the RDP/Winlogon route.

-Greg

0 Helpful

Daniel_Leung
Level 1
Level 1

‎09-22-2016 03:08 PM

Yes, RDWEB, session host, RD gateway, RDP are on the same server

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents