Solved

ADFS or similar to log into windows via RDP?

Posted on 2016-10-31
Last Modified: 2016-11-04
Hi folks, I have a question that is turning out to be WAY more difficult to answer than I expected. We have a need to have centralized user management as a Managed Service Provider, that would allow us to log into any of the Windows servers, across any of our customers, with the same creds. There are all kinds of hokey user management systems out there that will remotely manage AD, but we have a whole bunch of other restrictions that don't allow that (HIPAA PCI BLAH BLAH BLAH). Every single thing I read is related to application logins and websites. We don't have that, although we do have Citrix, but that is not the question since we know that is actually possible.

So, the root question. Is it possible to log into a Windows server via RDP, with credentials provided via Federated Services?

If so, can you point me to a couple of tutorials/examples/help? That would be awesome. Or, if not possible, any alternatives that would?
Question by:David Barchas
3 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 1000 total points
ID: 41867724
No. You could establish domain trusts, and do so in a way that complies with regulations. But that'd still ultimately be a Kerberos-based login. Not one provided by ADFS or any of the protocols (such as SAML) it supports.
0
 
LVL 82

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 1000 total points
ID: 41867750
You need some way of authenticating yourself, so you will need something that gives you a credential to log in. From there you can use LogMeIn Rescue, Citrix GoToAssist, TeamViewer, etc. You can't just hop in and out of their managed systems.
0
 

Author Closing Comment

by:David Barchas
ID: 41875101
Thanks guys. I just needed confirmation that domain trust is the only option for what we need. SAML/ADFS will let us do Citrix, but will not provide Windows desktop login capability.
0
