
SSO to Terminal services with SAML authentication

SOLVED
roms
Occasional Contributor

SSO to Terminal services with SAML authentication

Hi forum,

I have a question regarding Terminal Services authentication (SSO) while I am authenticating users with an external IdP (Okta) which is running with login = email addresses.

Internally my users are authenticating to Terminal Services with their AD account, which has nothing to do with email.

Is there a chance we can send something to the terminal services to allow authentication of these users?

I am able to send some information to the Pulse Secure Server through SAML, but it looks like the PCS is not able to use it.

Any idea?

How are you doing such use cases?

Regards


Accepted Solutions
zanyterp
Moderator

Re: SSO to Terminal services with SAML authentication

Unfortunately, no, it is not possible to do SSO to terminal services when using only SAML for login.
When SAML is used, the PCS does not have access to the password.
In order to not require users to enter their username & password on the RDP login page/use SSO, you will need to enable a second authentication on the realm and then configure the RDP bookmark with the variables <username[2]> and <password[2]>.

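
The point in the answer above, as an added example that is not part of the original posts and not Pulse Secure code: it reads a constructed SAML assertion and reports which RDP logon values that data makes available, with and without a second authentication. The attribute name `adLogin`, the sample values and both function names are assumptions; it models data availability only, not how the PCS fills a bookmark.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (signature and conditions omitted). The
# attribute name "adLogin" is hypothetical: whatever the IdP is set to release.
SAMPLE_ASSERTION = r"""
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_c1" Version="2.0">
  <saml:Issuer>https://idp.example.com</saml:Issuer>
  <saml:Subject><saml:NameID>alice@example.com</saml:NameID></saml:Subject>
  <saml:AuthnStatement><saml:AuthnContext><saml:AuthnContextClassRef>
    urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
  </saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement>
  <saml:AttributeStatement>
    <saml:Attribute Name="adLogin"><saml:AttributeValue>CORP\alice</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""


def identity_from_assertion(xml_text):
    """Collect every identity value a service provider can read from the assertion."""
    root = ET.fromstring(xml_text.strip())
    attrs = {
        a.get("Name"): [v.text for v in a.iterfind("saml:AttributeValue", NS)]
        for a in root.iterfind("saml:AttributeStatement/saml:Attribute", NS)
    }
    ctx = root.findtext(".//saml:AuthnContextClassRef", default="", namespaces=NS)
    return {
        "name_id": root.findtext("saml:Subject/saml:NameID", namespaces=NS),
        "attributes": attrs,
        "authn_context": ctx.strip(),  # how the user logged in at the IdP, not the secret
    }


def available_rdp_credentials(identity, secondary=None, login_attr="adLogin"):
    """Report which RDP logon values exist, and which the user must still type."""
    # `secondary` models what a second authentication server collected at sign-in
    # (the values behind <username[2]> and <password[2]>); None means SAML only.
    if secondary:
        return {**secondary, "user_must_type": []}
    saml_login = (identity["attributes"].get(login_attr) or [None])[0]
    # The assertion can name the AD account, but no element in it carries a password.
    fields = {"username": saml_login, "password": None}
    fields["user_must_type"] = [k for k in ("username", "password") if fields[k] is None]
    return fields
```
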
roms
Occasional Contributor

Re: SSO to Terminal services with SAML authentication

Hello Zanyterp,

Thanks for the response.

That makes sense that the password is not sent over SAML.

I was on the way to add the second Auth Server and play with <password2>.

Not really friendly for users, as they have to type several passwords, but it did the job.