You can publish an RDP gateway with the Web Application Proxy. There is example here.
That's for the access to the gateway. This does not provide SSO when you connect from this gateway to the actual target hosts.
RDS presented to customer org, using ADFS for sso
Hi
We have an RDS 2012R2 environment that we need to present a customer org. for ~ 1000 x users.
Will be RDS web or the RDAC used by customer.
We also have an ADFS farm, externally accessible.
We can add in the customer's ADFS as a claims provider trust, so that when they enter their creds at our ADFS it redirects to theirs for auth > send token back to our ADFS and hopefully logs them into our RDS web environment? Is this supported?!
Are we able to use WAP in conjunction with RDS to present ADFS authentication to our customers?
As obviously we don't wish to enter 1000 x users into our AD.
End goal being that joe@customerorg.uk can authenticate as himself to our RDS Web or RDAC.
However, in this scenario not sure how we would assign resources to the customer given they are not known by our AD/RDS for group assignment?
2 answers
Sort by: Most helpful
-
Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee
2020-08-04T20:15:08.447+00:00 -
9704244848 186 Reputation points
2020-08-09T13:14:08.393+00:00 In addition to piaudonn's comment, I can recommend the following links:
https://web.archive.org/web/20180619155432/http://blog.tmurphy.org/2015/06/securing-rd-gateway-with-web.html
https://www.petenetlive.com/KB/Article/0001143