Cantor, Scott cantor.2 at osu.edu
Tue Apr 5 19:20:21 EDT 2016

On 4/5/16, 5:49 PM, "users on behalf of Peter Schober" <users-bounces at shibboleth.net on behalf of peter.schober at univie.ac.at> wrote:

>* Joel Levin <joel.aaron.levin at gmail.com> [2016-04-05 23:07]:
>> ADFS does not appear to support RDP.
>> Is RDP an option via Shibboleth ECP?
>"Remote Desktop Protocol (RDP) is a proprietary protocol developed by
>Microsoft" -- https://en.wikipedia.org/wiki/Remote_Desktop_Protocol
>The SAML ECP (there's no such thing as "Shibboleth ECP") profile
>assumes the resource is still HTTP-based, just like the Web Browser
>SSO profile does.

Modulo that it also can be used with GSS-API/SASL for non-HTTP resources, but while RDP might support Microsoft's SSPI, none of the code needed to implement that with ECP exists for Windows SSPI or in a form you could conceivably use.

But I would imagine Microsoft is moving the RDP client to supporting web-based login at some point, like everything else is/will. I guess the RDP teams must be isolated at this point if it doesn't even support ADFS via WS-Trust by now.

-- Scott

More information about the users mailing list