Browser rendered RDP and single-sign-on
I'm trying to set up browser rendered RDP for an on-premises Active Directory domain joined Windows server. My users don't know their passwords and they use PIV with YubiKeys to sign in to the workstations and remote desktops.
I don't have a hybrid environment for Entra ID (yet).
It seems like my users could use the browser rendered RDP only when they have a domain password.
I'm currently using cloudflared access rdp for my users. They bring up the cloudflared service on their workstations and connect to RDP using the localhost service. They authenticate in Cloudflare Access and then sign in using PIV with the native remote desktop application on Windows.
Has anyone had any success with using browser rendered RDP with PIV? Or am I barking up the wrong tree and I need to change my approach to get a truly passwordless and single sign-on solution?
NB! Users might log in from devices that are not domain joined.
0 Replies