
I have a Windows 2019 server enabled with RDS services and Password Safe for users that need to have privileged access to cloud apps that are onboarded as enterprise apps in Entra / Azure. How can I give users a single sign-on experience when they do not have access to the account password?

I am trying to avoid published apps and keep my admin overheads as low as possible.

Has anyone here been able to make this happen?

I had something running to support this when we had ADFS, but sadly we have moved on.

Hello Andrew,

To provide access to your Web Applications you can use Password Safe (Applications). Create the application on your RDS server and automate the login processes with the ps_automate utility.

Have a look here at our documentation for more details.

Add Applications to Password Safe


Hi jchandler, I'm aware of the published apps feature of Password Safe, but I really was aiming at a true desktop experience for a privileged user. I think I found what I needed to take to my infrastructure team. I found a Microsoft solution to pass-through authentication. For reference: https://learn.microsoft.com/en-us/entra/identity/devices/hybrid-join-plan#review-supported-devices

If this works out I can keep my admin overheads low, I don’t have to rely on scripts and broken browser support, and I can still provide a managed privilege environment.

