Event banner

The evolution of Windows authentication

Event Ended
Wednesday, Mar 27, 2024, 03:30 PM PDT
Online

Event details

As the security landscape evolves, Windows must continue to change to protect users and organizations. Foundational to this is user authentication. In Windows Server 2025 and Windows vNext, we have c...
Heather_Poulsen
Updated Dec 27, 2024
AlexBarthUT's avatar
AlexBarthUT
Copper Contributor
Mar 27, 2024
While Remote Desktop supports Kerberos today, it will fall back to NTLM in IP-based scenarios or when the target is not joined to a domain. Will the RDP client and server be adopting IAKerb to replace NTLM? To expand on that, it would be very beneficial to modern authentication scenarios to see the RDP gateway be able to redirect clients to Azure AD or ADFS for rich authentication at the gateway level then permit the client to authenticate to the target with IAKerb.
Joseph Towns's avatar
Joseph Towns
Brass Contributor
Mar 27, 2024
This is what I was getting at. Kerberos support for AzureAD joined machines, connecting through the RDP gateway to on-prem servers when "cloud trust" authentication is setup. I can use Windows Hello auth for most everything except for RDP through the gateway which still reverts to NTLM.
Date and Time
Mar 27, 20243:30 PM - 4:00 PM PDT