Integrate Azure Application proxy with remote desktop service and enable SSO

Question

Hi all.

I have setup 3 windows server 2022 for my 3 remote desktop services components ( 1 for Croker, 1 for host and 1 for gateway and web client), Also I successfully integrated with azure application proxy.

My question: is there anyway that I can enable SSO so the users when verified their identity through azure doesn't prompt to put their username and password again in the web client page ?

Answer 1

Hello,

Yes, you can configure Single Sign-On (SSO) to streamline user authentication so that users do not need to enter their credentials multiple times. Here are the steps you can follow to enable SSO for Remote Desktop Services (RDS) when integrated with Azure AD Application Proxy:

1. Configure Azure AD:

Make sure your RDS setup is properly integrated with Azure AD. This involves setting up Azure AD Application Proxy and ensuring your applications are correctly published.

2. Enable Azure AD Seamless SSO:

In the Azure AD portal, navigate to Azure Active Directory > Azure AD Connect > Seamless single sign-on.

Make sure the feature is enabled and properly configured.

3. Add a Kerberos Authentication:

In the Azure AD portal, under Azure AD Connect, configure the Azure AD Seamless SSO Kerberos authentication.

4. Make Use of AD FS (Active Directory Federation Services):

If you're using AD FS, make sure it is configured with Azure AD to support SSO.

5. Configure Remote Desktop Web Client for SSO:

On your RDS deployment, ensure that the Web Access role is properly configured to use integrated authentication.

Update the Web Access configuration to pass through the authenticated user's credentials to the remote resources.

6. Testing:

Test the configuration by signing in to the Azure portal and accessing your RDS Web Client to ensure users are not prompted for credentials again.

---

If the Answer is helpful, please click Accept Answer and upvote it.