{"id":119,"date":"2020-04-22T17:34:00","date_gmt":"2020-04-22T15:34:00","guid":{"rendered":"http:\/\/ygr-tech-blog.azurewebsites.net\/?p=119"},"modified":"2020-05-06T21:20:22","modified_gmt":"2020-05-06T19:20:22","slug":"integration-azure-mfa-in-rds","status":"publish","type":"post","link":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/","title":{"rendered":"Integration of Azure MFA in an RDS environment"},"content":{"rendered":"<p class=\"translation-block\">This blog post explains how to set up <em>Azure Multi-Factor Authentication <\/em> for your On-Premises Remote Desktop Service (RDS) environment. The blog post is intended for understanding and shows the most important steps for preparation as a step-by-step guide.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Multi-factor authentication<\/h2>\n\n\n\n<p class=\"translation-block\">The concept of <em>Multi-Factor Authentication <\/em>(MFA) is already very common and highly regarded today. Such an authentication consists of several components, not only username and password. Typically these are...<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Something you know (password)<\/li><li>Something you own (a trusted device, e.g. smartphone)<\/li><li>Something you are (fingerprint, face recognition, etc.)<\/li><\/ul>\n\n\n\n<p class=\"translation-block\">The risk of unauthorized access is minimized many times over with the advanced factors of authentication. The Microsoft product <em>Azure Multi-Factor Authentication <\/em> offers exactly these possibilities, both for cloud and their on-premises services. This article focuses on the integration of <em>Azure Multi-Factor Authentication <\/em> into an existing <em>Remote Desktop Service (RDS)<\/em> environment.\n\nTranslated with www.DeepL.com\/Translator (free version)<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Initial situation &amp; requirements<\/h2>\n\n\n\n<p>To use Azure MFA for the existing RDS environment, there are a handful of requirements:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li class=\"translation-block\">Synchronization of the <em>Onsite Active Directory<\/em> and <em>Azure Active Directory<\/em><\/li><li class=\"translation-block\">At least two Windows Server 2008 R2 servers or newer with the <em>Network Policy and Access Services<\/em> (NPS) role installed - for example, on the <em>Remote Desktop Gateway <\/em>and <em>Azure Active Directory Connect <\/em>(AADC) or another server in the domain<\/li><li class=\"translation-block\">Licenses for <em>Azure MFA<\/em> - This can be done e.g. with <em>Azure AD Premium <\/em> or another license plan containing <em>Azure MFA <\/em>. &lt;The consumption-based license for <em>Azure MFA<\/em> is not compatible with NPS.<\/li><\/ul>\n\n\n\n<p class=\"translation-block\">The following chapters assume that the prerequisites are met, the synchronization of the directories is already configured, an existing RDS infrastructure exists and the <em>NPS<\/em> role is installed on two servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Authentication method with Azure MFA<\/h2>\n\n\n\n<p class=\"translation-block\">By integrating <em>Azure Multi-Factor Authentication<\/em> into the existing <em>RDS<\/em> solution, the authentication process extends into the Microsoft cloud. The advantages of MFA are thus available. The procedure is structured as follows:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li class=\"translation-block\">The <em>Remote Desktop Gateway<\/em> receives the authentication request and forwards it to the server on which the <em>NPS extension <\/em> is installed. From <em>NPS <\/em> the request is forwarded to <em>DC<\/em>.<\/li><li class=\"translation-block\">The <em>DC<\/em> checks the login information and reports the result back to the <em>NPS.<\/em><\/li><li class=\"translation-block\">If the result is positive, the <em>NPS <\/em> triggers a request to <em>Azure Active Directory<\/em> for further authentication.<\/li><li class=\"translation-block\">The <em>Multi-Factor Authentication <\/em> is requested by the <em>Azure Active Directory <\/em> using one of the supported and configured options (push notification, call, SMS, code, ...) and the result is sent to the <em>NPS <\/em> if successful.<\/li><li class=\"translation-block\">The <em>NPS server <\/em> sends the message of successful authentication to the <em>RDS<\/em>, which grants access to the user authenticated via <em>MFA<\/em>.<\/li><\/ol>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"853\" height=\"480\" src=\"\/wp-content\/uploads\/2020\/04\/Auth-Flow-1.gif\" alt=\"RDS and Azure MFA Authentication flow\" class=\"wp-image-121\"\/><\/figure><\/div>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Azure MFA Configuration<\/h2>\n\n\n\n<p class=\"translation-block\">Before the <em>NPS <\/em> extension can be installed and used, <em>MFA<\/em> must be set up for the Azure accounts. For the setup to work, at least one user must be successfully registered for <em>Azure MFA <\/em>. To achieve this the user has to log in at <a rel=\"noreferrer noopener\" href=\"https:\/\/aka.ms\/mfasetup\" target=\"_blank\">https:\/\/aka.ms\/mfasetup<\/a>. The user can then configure his desired authentication method, e.g. via token or Authenticator App.<\/p>\n\n\n\n<p>Somit ist die Vorarbeit bereits geleistet. Die <em>Conditional Access Policy<\/em> ist bei der <em>NPS Konfiguration<\/em> und Authentifizierung nicht ber\u00fccksichtigt. Daher ist die Einrichtung einer solchen nicht notwendig. Ist der <em>NPS<\/em> Server korrekt konfiguriert, muss sich jeder User nach der Authentifizierung \u00fcber den <em>NPS<\/em> Server zus\u00e4tzlich mittels <em>MFA<\/em> authetifizieren. Ist Azure MFA f\u00fcr einen User nicht konfiguriert, so kann der User die zus\u00e4tzliche Authentifizierung nicht durchf\u00fchren. Der Benutzer wird dadurch abgelehnt. F\u00fcr Testzwecke gibt es aber eine M\u00f6glichkeit dies zu umgehen. Daf\u00fcr muss man aber erst die <em>NPS <\/em>Erweiterung installieren. Diese M\u00f6glichkeit ist daher im Folgekapitel als &#171;Optional&#187; aufgef\u00fchrt.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Installation and Configuration NPS Extension<\/h2>\n\n\n\n<p class=\"translation-block\">For successful setup, the <em>NPS extension <\/em> is started on the <em>NPS <\/em> server. For this purpose the extension can be downloaded from <a rel=\"noreferrer noopener\" href=\"https:\/\/aka.ms\/npsmfa\" target=\"_blank\">this link<\/a> on the <em>NPS <\/em>server. Then, the <strong>NpsExtnForAzureMfaInstaller.exe<\/strong> is executed and installed. <br><span class=\"has-inline-color has-vivid-red-color\"><strong> CAUTION: The <em>NPS extension <\/em>must NEVER be installed on the <em>RD gateway <\/em>server.<\/strong><\/span><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"572\" height=\"355\" src=\"\/wp-content\/uploads\/2020\/04\/NPS-Extension-Installation.png\" alt=\"NPS Extension for Azure MFA\" class=\"wp-image-163\" srcset=\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/NPS-Extension-Installation.png 572w, https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/NPS-Extension-Installation-300x186.png 300w\" sizes=\"auto, (max-width: 572px) 100vw, 572px\" \/><\/figure><\/div>\n\n\n\n<p class=\"translation-block\">Optional:<br>If a certain registry key is available, the <em>NP<\/em>S server does not require every user to authenticate via <em>MFA<\/em>. It is important to understand that this option is a security vulnerability. Therefore, the option should only be configured for testing during implementation to avoid a limitation of the existing operation.<br>For configuration, only the <em>registry key<\/em> <code>HKLM\\Software\\Microsoft\\AzureMFA\\REQUIRE_USER_MATCH<\/code> must be set from <code>TRUE<\/code> to <code>FALSE<\/code>. This <em>key <\/em> controls what should happen to users who are not registered for <em>MFA <\/em>. The values mean the following.<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th>Value<\/th><th>User MFA Status<\/th><th>Effect<\/th><\/tr><\/thead><tbody><tr><td>Der <em>key<\/em> existiert nicht<\/td><td>Nicht registriert<\/td><td><em>MFA <\/em>ist nicht erforderlich<\/td><\/tr><tr><td>TRUE<\/td><td>Nicht registriert<\/td><td><em>MFA<\/em> ist nicht erforderlich<\/td><\/tr><tr><td>FALSE<\/td><td>Nicht registriert<\/td><td>Authentifizierung ohne<em> MFA<\/em><\/td><\/tr><tr><td>FALSE<\/td><td>Registriert<\/td><td>Authzentifizierung mit <em>MFA<\/em> erforderlich<\/td><\/tr><tr><td>TRUE<\/td><td>Registriert<\/td><td>Authentifizierung mit <em>MFA <\/em>erforderlich<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">Self-signed certificate<\/h3>\n\n\n\n<p>Nachdem die Erweiterung installiert wurde, wird ein Zertifikat ben\u00f6tigt. Die heruntergeladene Erweiterung enth\u00e4lt ein PowerShell Skript, welches direkt ein selbstsigniertes Zertifikat erstellt, speichert und installiert. Das Skript erstellt im <em>Azure AD<\/em> zudem ein Dienstprinzipal. Dieses Prinzipal wird dem Zertifikat anschliessend automatisch zugeordnet. Weiter gew\u00e4hrt das Skript dem &#171;<em>NETWORK SERVICE&#187; <\/em>Zugriff auf das neu erstellte Zertifikat.<br>Das Skript l\u00e4sst sich wie folgt finden:<\/p>\n\n\n\n<p><code>C:\\Program Files\\Microsoft\\AzureMfa\\Config\\AzureMfaNpsExtnConfigSetup<\/code><\/p>\n\n\n\n<p><strong><span class=\"has-inline-color has-vivid-red-color\">ACHTUNG:<\/span> <span class=\"has-inline-color has-vivid-red-color\">Bei Servern in deutscher Sprache (nicht empfehlenswert), muss das Skript zuerst noch editiert werden, da das deutsche System keinen &#171;<em>NETWORK SERVICE&#187; <\/em>kennt. Der <em>&#171;NETWORK SERVICE&#187;<\/em> muss entsprechend im Skript mit dem deutschen \u00c4quivalent ersetzt werden (Netzwerkdienst).<\/span><\/strong><\/p>\n\n\n\n<p class=\"translation-block\">The script then prompts you to log in to the <em>Azure Active Directory <\/em> with an <em>Azure AD Admin <\/em>. If the authentication is successful, the script asks for the <em>Tenant ID<\/em>. This can be found in the Azure Portal by navigating to <em>Azure Active Directory &gt;&gt; Properties <\/em>Navigate and copying the value under <em>Directory ID <\/em>.<\/p>\n\n\n\n<div class=\"wp-block-image is-style-default\"><figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"\/wp-content\/uploads\/2020\/04\/Azure-Tenant-ID.png\" alt=\"Azure AD Tenant ID. Azure Directory ID\" class=\"wp-image-164\" width=\"747\" height=\"392\" srcset=\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Azure-Tenant-ID.png 996w, https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Azure-Tenant-ID-300x157.png 300w, https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Azure-Tenant-ID-768x403.png 768w\" sizes=\"auto, (max-width: 747px) 100vw, 747px\" \/><\/figure><\/div>\n\n\n\n<p>Diese ID muss im Skript angegeben werden um die Verbindung zum <em>Azure Active Directory <\/em>herzustellen. Mit &#171;Enter&#187; best\u00e4tigt, erstellt das Skript das selbstsignierte Zertifikat und es kann mit dem n\u00e4chsten Schritt fortgefahren werden.<\/p>\n\n\n\n<p>You can then continue with the configuration. A step-by-step guide from Microsoft already exists for this. The configuration should be carried out in the following order.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li class=\"translation-block\"><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/de-de\/azure\/active-directory\/authentication\/howto-mfa-nps-extension-rdg#configure-nps-components-on-remote-desktop-gateway\" target=\"_blank\">Configuration of <em>NPS components<\/em> auf dem Remotedesktopgateway<\/a><\/li><li class=\"translation-block\"><a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/de-de\/azure\/active-directory\/authentication\/howto-mfa-nps-extension-rdg#configure-nps-on-the-server-where-the-nps-extension-is-installed\" target=\"_blank\">Configuring <em>NPS <\/em> on the server where the <em>NPS extension <\/em> was installed<\/a><\/li><li><a href=\"https:\/\/docs.microsoft.com\/de-de\/azure\/active-directory\/authentication\/howto-mfa-nps-extension-rdg#verify-configuration\" target=\"_blank\" rel=\"noreferrer noopener\">Checking the configuration<\/a><\/li><\/ul>\n\n\n\n<p class=\"translation-block\">After these configurations have been made, <em>Azure MFA<\/em> is successfully integrated into the existing <em>RDS environment<\/em>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Good to know - Summary<\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li class=\"translation-block\">To configure an <em>RDS environment <\/em> with <em>Azure MFA <\/em>, it requires at least two servers. One server is required as <em>RDS gateway <\/em>with installed <em>NPS role <\/em>, the other as another <em>NPS server <\/em> on which the <em>NPS extension<\/em> is installed. The extension must NOT be installed on the <em>RDS gateway <\/em>.<\/li><li class=\"translation-block\">Defined <strong> <em>Conditional Access<\/em> <em>Policies<\/em> <\/em> <\/em> in <em>Azure AD<\/em> are NOT considered in the <em>Azure MFA<\/em> integration using <em>NPS <\/em><strong>.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">Sources:\n<a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-mfa-howitworks\" target=\"_blank\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/concept-mfa-howitworks<\/a> \n<a rel=\"noreferrer noopener\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-nps-extension-rdg\" target=\"_blank\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-nps-extension-rdg<\/a>\n<a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-nps-extension\">https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/authentication\/howto-mfa-nps-extension<\/a><\/pre>\n\n\n\n<p><\/p>","protected":false},"excerpt":{"rendered":"<p>This blog post explains how to set up Azure Multi-Factor Authentication for your On-Premises Remote Desktop Service (RDS) environment. The blog post is intended to help you understand and shows the most important steps for preparation as a step-by-step guide. Multi-Factor Authentication The concept of Multi-Factor Authentication (MFA) is already widely used and respected today. Such an authentication consists of several components, not ... <a title=\"Integration of Azure MFA in an RDS environment\" class=\"read-more\" href=\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\" aria-label=\"Read more about Integration von Azure MFA in eine RDS-Umgebung\">Read more<\/a><\/p>","protected":false},"author":1,"featured_media":166,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[7],"tags":[3,15,13,14,17,50,16,18,19],"class_list":["post-119","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-azure","tag-azuread","tag-azuremfa","tag-howto","tag-hybrid-cloud","tag-nps","tag-rds","tag-remotedesktop","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Integration von Azure MFA in eine RDS-Umgebung<\/title>\n<meta name=\"description\" content=\"Post \u00fcber &quot;Integration von Azure MFA in eine RDS-Umgebung&quot; - erstellt von Yannic Graber auf dem Blog &quot;Cloud Business &amp; Technology&quot;\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Integration von Azure MFA in eine RDS-Umgebung\" \/>\n<meta property=\"og:description\" content=\"Post \u00fcber &quot;Integration von Azure MFA in eine RDS-Umgebung&quot; - erstellt von Yannic Graber auf dem Blog &quot;Cloud Business &amp; Technology&quot;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\" \/>\n<meta property=\"og:site_name\" content=\"Cloud Business &amp; Technology\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-22T15:34:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T19:20:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1814\" \/>\n\t<meta property=\"og:image:height\" content=\"859\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Yannic Graber\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@GraberYannic\" \/>\n<meta name=\"twitter:site\" content=\"@GraberYannic\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Yannic Graber\" \/>\n\t<meta name=\"twitter:label2\" content=\"Estimated reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\"},\"author\":{\"name\":\"Yannic Graber\",\"@id\":\"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe\"},\"headline\":\"Integration von Azure MFA in eine RDS-Umgebung\",\"datePublished\":\"2020-04-22T15:34:00+00:00\",\"dateModified\":\"2020-05-06T19:20:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\"},\"wordCount\":1124,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe\"},\"image\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png\",\"keywords\":[\"Azure\",\"AzureAD\",\"AzureMFA\",\"HowTo\",\"Hybrid-Cloud\",\"NPS\",\"RDS\",\"RemoteDesktop\",\"Security\"],\"articleSection\":[\"Technology\"],\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\",\"url\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\",\"name\":\"Integration von Azure MFA in eine RDS-Umgebung\",\"isPartOf\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png\",\"datePublished\":\"2020-04-22T15:34:00+00:00\",\"dateModified\":\"2020-05-06T19:20:22+00:00\",\"description\":\"Post \u00fcber \\\"Integration von Azure MFA in eine RDS-Umgebung\\\" - erstellt von Yannic Graber auf dem Blog \\\"Cloud Business &amp; Technology\\\"\",\"breadcrumb\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage\",\"url\":\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png\",\"contentUrl\":\"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png\",\"width\":1814,\"height\":859,\"caption\":\"Azure MFA mit RDS\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.graber.cloud\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Integration von Azure MFA in eine RDS-Umgebung\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.graber.cloud\/en\/#website\",\"url\":\"https:\/\/www.graber.cloud\/en\/\",\"name\":\"Cloud Business &amp; Technology\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.graber.cloud\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe\",\"name\":\"Yannic Graber\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/image\/\",\"url\":\"\/wp-content\/uploads\/2020\/03\/Techdata-Yannic_Graber_downsized.jpg\",\"contentUrl\":\"\/wp-content\/uploads\/2020\/03\/Techdata-Yannic_Graber_downsized.jpg\",\"width\":264,\"height\":267,\"caption\":\"Yannic Graber\"},\"logo\":{\"@id\":\"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/image\/\"},\"description\":\"Experienced technical cloud consultant, certified Azure solutions architect and MCT, focusing on Microsoft Cloud related topics. As a graduate business informatics specialist HF, I consider both the technology and economics. Born in Lucerne, Switzerland and still living there.\",\"sameAs\":[\"https:\/\/www.graber.cloud\",\"https:\/\/www.linkedin.com\/in\/ygr\/\",\"https:\/\/x.com\/GraberYannic\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Integration of Azure MFA in an RDS environment","description":"Post \u00fcber \"Integration von Azure MFA in eine RDS-Umgebung\" - erstellt von Yannic Graber auf dem Blog \"Cloud Business &amp; Technology\"","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/","og_locale":"en_GB","og_type":"article","og_title":"Integration von Azure MFA in eine RDS-Umgebung","og_description":"Post \u00fcber \"Integration von Azure MFA in eine RDS-Umgebung\" - erstellt von Yannic Graber auf dem Blog \"Cloud Business &amp; Technology\"","og_url":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/","og_site_name":"Cloud Business &amp; Technology","article_published_time":"2020-04-22T15:34:00+00:00","article_modified_time":"2020-05-06T19:20:22+00:00","og_image":[{"width":1814,"height":859,"url":"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png","type":"image\/png"}],"author":"Yannic Graber","twitter_card":"summary_large_image","twitter_creator":"@GraberYannic","twitter_site":"@GraberYannic","twitter_misc":{"Written by":"Yannic Graber","Estimated reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#article","isPartOf":{"@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/"},"author":{"name":"Yannic Graber","@id":"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe"},"headline":"Integration von Azure MFA in eine RDS-Umgebung","datePublished":"2020-04-22T15:34:00+00:00","dateModified":"2020-05-06T19:20:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/"},"wordCount":1124,"commentCount":0,"publisher":{"@id":"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe"},"image":{"@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage"},"thumbnailUrl":"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png","keywords":["Azure","AzureAD","AzureMFA","HowTo","Hybrid-Cloud","NPS","RDS","RemoteDesktop","Security"],"articleSection":["Technology"],"inLanguage":"en-GB","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/","url":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/","name":"Integration of Azure MFA in an RDS environment","isPartOf":{"@id":"https:\/\/www.graber.cloud\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage"},"image":{"@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage"},"thumbnailUrl":"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png","datePublished":"2020-04-22T15:34:00+00:00","dateModified":"2020-05-06T19:20:22+00:00","description":"Post \u00fcber \"Integration von Azure MFA in eine RDS-Umgebung\" - erstellt von Yannic Graber auf dem Blog \"Cloud Business &amp; Technology\"","breadcrumb":{"@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/"]}]},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#primaryimage","url":"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png","contentUrl":"https:\/\/www.graber.cloud\/wp-content\/uploads\/2020\/04\/Titelbild-MFA-RDS.png","width":1814,"height":859,"caption":"Azure MFA mit RDS"},{"@type":"BreadcrumbList","@id":"https:\/\/www.graber.cloud\/en\/integration-azure-mfa-in-rds\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.graber.cloud\/en\/"},{"@type":"ListItem","position":2,"name":"Integration von Azure MFA in eine RDS-Umgebung"}]},{"@type":"WebSite","@id":"https:\/\/www.graber.cloud\/en\/#website","url":"https:\/\/www.graber.cloud\/en\/","name":"Cloud Business &amp; Technology","description":"","publisher":{"@id":"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.graber.cloud\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":["Person","Organization"],"@id":"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/50b8d88e3d433af9d16d73f354d897fe","name":"Yannic Graber","image":{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/image\/","url":"\/wp-content\/uploads\/2020\/03\/Techdata-Yannic_Graber_downsized.jpg","contentUrl":"\/wp-content\/uploads\/2020\/03\/Techdata-Yannic_Graber_downsized.jpg","width":264,"height":267,"caption":"Yannic Graber"},"logo":{"@id":"https:\/\/www.graber.cloud\/en\/#\/schema\/person\/image\/"},"description":"Experienced technical cloud consultant, certified Azure solutions architect and MCT, focusing on Microsoft Cloud related topics. As a graduate business informatics specialist HF, I consider both the technology and economics. Born in Lucerne, Switzerland and still living there.","sameAs":["https:\/\/www.graber.cloud","https:\/\/www.linkedin.com\/in\/ygr\/","https:\/\/x.com\/GraberYannic"]}]}},"_links":{"self":[{"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/posts\/119","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/comments?post=119"}],"version-history":[{"count":18,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/posts\/119\/revisions"}],"predecessor-version":[{"id":387,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/posts\/119\/revisions\/387"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/media\/166"}],"wp:attachment":[{"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/media?parent=119"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/categories?post=119"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.graber.cloud\/en\/wp-json\/wp\/v2\/tags?post=119"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}