Month: June 2011

Microsoft RDWeb Access , TMG 2010 & RSA Keys

A client recently needed to upgrade a  Server 2008 R2 RDWeb access to a two factor authentication solution. We decided to go down the TMG 2010 with RSA secure ID route.

After some googling I found this paper Its a great walk thru but leaves out some key steps. Also for 2008 R2 replace wherever he put TS with RDWeb. But the clients always need to logon twice once at the TMG and they are prompted with the RDweb Access form page. To remove this form page we will take a look at this C:\Windows\Web\RDWeb\Pages\web.config file scroll down to and you will find this, wow great! a few comments here and there and all of the sudden the

To turn on Windows Authentication:
              - uncomment <authentication mode="Windows"/> section
              - and comment out:
              1) <authentication mode="Forms"> section.
              2) <modules> and <security> sections in <system.webServer> section at the end of the file.
              3) Optional: Windows Authentication will work in https.  However, to turn off https, disable 'Require SSL' for both RDWeb and RDWeb/Pages VDIR.
                 Launch IIS Manager UI, click on RDWeb VDIR, double click on SSL Settings in the middle pane, uncheck 'Require SSL' and
                 click Apply in the top right in the right pane.  Repeat the steps for RDWeb/Pages VDIR.

After completing the comments restart the IIS session and tada! the forms based logon is gone.