RDS 2012r2 installation


#1

Hi,

I have an RDS2012r2 and I want to install DUO on it. I have no idea which is the best way to do it.
(1) I have users who connect directly to the RDS server using an RDP connection.
(2) I have users who use RemoteApp on Android to connect to the RDS server.
(3) I have users who use RDWEB to connect to the RDS server.

My best guess is to install Microsoft RD Gateway + Microsoft RDP. The question is if it is possible to install both onto the same server?

Or any idea?


#2

Hi Daniel,

Great question. There are quite a few options for protecting RDS with Duo, and due to limitations of RDS, a caveat comes with each.

If you’d like to continue to use RemoteApp, installing Duo on RD Web is not a great option. Installation of Duo Authentication for RD Web effectively disables the use of RemoteApp because there is not a method for two-factor authentication when the RemoteApp and Desktop Connections client accesses the “/rdweb/pages/webfeed.aspx” or “rdweb/feed/webfeed.aspx” URLs.

If you opt to instead install Duo on the RD Gateway, your authentication factors are limited to Duo auto-mode (automatically receiving a push or a phone call on your default device).

How many session hosts do you have? Unless it’s an unmanageable amount, due to the use cases you’re trying to support, I’d actually recommend looking at our RDP/Winlogon integration route: installing Duo for Windows Logon and RDP (duo.com/docs/rdp) on each of your session hosts. In this instance, regardless of how an end-user connects to the host, they will be challenged for 2FA.

Interested to hear your thoughts on this suggestion!

-Greg


#3

Thanks Greg,

So, can I install “Microsoft RD Gateway” and “Microsoft RDP” onto the same server?

Daniel.


#4

Hey Dan, sure thing. There’s no technical limitation preventing Duo for RD Web and Duo for RDP/Winlogon being installed on the same server. That said, it might be redundant or unnecessary. Is your RD Gateway the same server as your session host? If so, consider the RDP/Winlogon route.

-Greg


#5

Yes, RDWEB, session host, RD gateway, RDP are on the same server.