How to apply MFA for RemoteApp

From UserLock version 12.1, you can protect RemoteApp sessions with MFA with all available methods: push notifications, OTP codes and USB keys.

Pre-requisites

The UserLock desktop agent must be installed on the RD Host server.

How to

To enable MFA for these connections, first create a protected account for the user, group or OU that you wish to protect. Then, under multi-factor authentication, select "enable." RemoteApp sessions are considered as Terminal sessions, so under session type "Server", enable the connection types and frequency to prompt users for MFA.

Notes

• In the case of concurrent RemoteApp sessions, only one will be visible in the UserLock console and the MFA will only be asked for the first connection, even if the MFA frequency is set to "At every logon."
• Enabling MFA for server connections will apply this setting to all servers that have the UserLock desktop agent.
• When a RemoteApp windows is closed, it can be reopened within 30s without prompt a password.

Limitations

• Users cannot enroll in MFA via a RemoteApp session. For general information about enrollment, see this page. For remote users, see this page for ways to enroll them in MFA.
• It is not possible to use MFA for RemoteApp sessions that require privilege escalation (UAC).

• Multi-Factor Authentication
  • Implementing Multi-Factor Authentication
  • UserLock Push App
  • How to apply MFA for VPN
  • How to configure and install VPN Connect for MFA
  • How to apply MFA for IIS Apps such as OWA, RDWeb and Sharepoint
  • How to enable MFA for SSO
  • How to apply MFA for RemoteApp
  • How to apply MFA to Remote Desktop Gateway sessions
  • How to enroll remote users
  • Onboarding for End Users - Push Notifications with UserLock Push
  • Onboarding for End Users – with an Authenticator Application
  • Onboarding for End Users – with a Token2 programmable token
  • Onboarding for End Users – with HOTP Token2
  • Onboarding for End Users – with YubiKey
  • Onboarding for End Users - Recovery codes