Devolutions ForumDevolutions Forum

MFA for RDM Native Client

MFA for RDM Native Client

0 vote

avatar
(user deleted)
Disabled

My company would extremely benefit from the capability to have MFA when logging in and accessing the RDM Native Client.

Especially since we are storing some credentials directly into vaults, that added layer of security would be extremely beneficial.

We use Microsoft Authenticator for our MFA, so I would selfishly ask that be the first MFA implemented for the Native Client :P

All Comments (6)

avatar
Jeff Dagenais

Hello,

What type of database are you using with Devolutions Server? Is it SQL Azure or SQL Server?

I am asking this question because using SQL Azure as your backend datasource, it's possible to use your office365 account to perform the authentication, which will allow you to use Microsoft Authenticator as the 2FA since it's configured with your office365 account. We use this implementation down here and it's working pretty well.

Best regards,

Jeff Dagenais

avatar
rene1

Hi,

We have the same request. We are using RDM with Password manager Pro.
preferentially the Microsoft MFA but any will do. We had RDM with Online database and we where able to use the DUO app.

Greetings.

Rene

avatar
Jeff Dagenais

@rene1,

You have posted in the wrong section of the forum, because this section is dedicated to Devolutions Server.

For RDM, please refer you to this section
https://forum.devolutions.net/forums/17/remote-desktop-manager--feature-request

Best regards,

Jeff Dagenais

avatar
Hello,

What type of database are you using with Devolutions Server? Is it SQL Azure or SQL Server?

I am asking this question because using SQL Azure as your backend datasource, it's possible to use your office365 account to perform the authentication, which will allow you to use Microsoft Authenticator as the 2FA since it's configured with your office365 account. We use this implementation down here and it's working pretty well.

Best regards,


Apologies for the delayed response. We do use SQL Azure for the backend datasource. Let me give it a try to require the MFA on the database resource instead of the App Registration.

avatar

It did not seem to work. I may have misunderstood what you were referring to. What I am trying to accomplish, is since our RDMs are using DPS (which is using Azure SQL as its database) as their Data Source, once they access the Vault via the RDM Native client, they get prompted to logging via O365 account AND then get presented with Azure MFA.

From my Devolutions support ticket they had mentioned this was not possible and would need to suggest a feature request.

avatar
Erica Poirier

Hello,

Thank you for your feedback.

Following a discussion with teammates, would it be possible for you to test a possible workaround on your DVLS Office365 configuration?

In the Redirect URI of the Native Application section, instead of the rdm://dps URI, please try the same URL you are using for your DVLS web page.

forum image

Then please also update the URI in the Azure app for RDM.

forum image

Let me know if that helps to get the MFA in RDM.

Best regards,

Érica Poirier