Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1096
Views
0
Helpful
3
Replies

SSO for OWA or RDP?

Go to solution
mauricej341
Level 1
Level 1

‎12-03-2021 11:27 AM

Hello all,

We’re using Duo SSO for our VPN authentication, and I was wondering if there is a way to use SSO for either Outlook Web Access or RDP connections as well? Looking at the list of supported applications in our portal, I didn’t see SSO as an option for either, but, was curious if anyone had managed to make that work with those services.

Thanks

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jamieis
Cisco Employee
Cisco Employee
In response to mauricej341

‎12-09-2021 06:21 AM

It would get installed directly onto each host. You can do this in a few different ways but the majority deploy it via Active Directory Group Policy.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
jamieis
Cisco Employee
Cisco Employee

‎12-03-2021 12:24 PM

Hi @mauricej341,

Duo SSO can be used to protect any applications that let you set up SAML authentication. I don’t believe you can do this with Outlook Web Access but would be able to with Microsoft 365 web hosted mail using [Duo Single Sign-On for Microsoft 365 | Duo Security].

Duo SSO can’t natively work with RDP but we do have currently in Public Preview Duo Network Gateway support for RDP. The Duo Network Gateway is a customer-hosted server that can proxy connections between external users and internal services and can use Duo SSO as its SAML IdP.

In this scenario instead of using Duo Authentication for Windows Logon and RDP you’d set up the Duo Network Gateway to interface with your RDP servers and would not need to directly expose them to the public internet or require users to VPN to access them. When they go to authenticate to their RDP servers using Remote Desktop they’d have a browser window pop up to complete Duo SSO authentication before then being connected to the RDP server to complete normal authentication.

0 Helpful

Go to solution
mauricej341
Level 1
Level 1
In response to jamieis

‎12-09-2021 05:47 AM

Hi @jamie

Thank you for the info!

Another thing I was trying to figure out, with the Duo for Windows Logon and RDP – Is that installed directly on to, and enabled, per host? Or would it be applied to all RDP hosts within a domain?

Thanks

0 Helpful

Go to solution
jamieis
Cisco Employee
Cisco Employee
In response to mauricej341

‎12-09-2021 06:21 AM

It would get installed directly onto each host. You can do this in a few different ways but the majority deploy it via Active Directory Group Policy.

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents