This post is more than 5 years old
43 Posts
0
181968
Two factor authentication (2FA) based on group member ship
Hi everyone,
We implemented 2FA, but I do not want to use it for all my customers, just a few need 2FA.
So I disabled the option "Require all users to be two-factor authenticated", and I created a Advanced target.
That advanced target is connected to my test RDS. but when I login into the app portal that test RDS is still visible and accessible without 2FA.
Do I forget something?
DELL-Paul Fi
101 Posts
0
October 29th, 2014 10:00
Hi,
Try creating a rule like this:
and then apply this to your desktop application. Ensure your desktop application its not targeted to anything else.
Regards
Paul
DELL-Paul Fi
101 Posts
0
October 23rd, 2014 03:00
Hi,
Looking at your advanced target it looks like you have the APP_2FA in a number of times using "OR" so as long as the user is a member of the APP_2FA group they will be presented with the desktop application.
Also do you have the Application published to any other targets?
Regards
Paul
sader82
43 Posts
0
October 24th, 2014 02:00
Hi Paul,
I understand what you are saying. What I try to accomplish is that when a user is member of a specific group it is required to use 2FA.
And all other user use normal authentication. but I think that I miss something.
sader82
43 Posts
1
October 30th, 2014 01:00
Paul,
I did that also yesterday and it worked!