Skip to content

Commit b66552e

Browse files
Michael9127ranbel
authored and
thomasgauvin
committed
PCX-18641: Adds limitation to browser-based RDP docs about Entra AD joined accounts (#24107)
* PCX-18641: Adds limitation to browser-based RDP docs about Entra AD joined accounts * Update src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx Co-authored-by: ranbel <[email protected]> --------- Co-authored-by: ranbel <[email protected]>
1 parent a0b1209 commit b66552e

File tree

1 file changed

+2
-1
lines changed
  • src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp

1 file changed

+2
-1
lines changed

src/content/docs/cloudflare-one/connections/connect-networks/use-cases/rdp/rdp-browser.mdx

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -223,7 +223,6 @@ Cloudflare will not configure user identifiers on the RDP target. Any user ident
223223
#### Microsoft Entra ID
224224

225225
User identifiers that are bound to Microsoft Entra ID domains must enter their username as `AzureAD\[email protected]` or `AzureAD\user`. The `AzureAD\` prefix is case-insensitive.
226-
227226
The login flow differs slightly when using an Microsoft Entra ID-bound username:
228227

229228
1. Enter your username in one of the formats outlined above.
@@ -242,3 +241,5 @@ The login flow differs slightly when using an Microsoft Entra ID-bound username:
242241
- **Clipboard size limit**: Data copied between the local machine and the browser-based RDP session may not exceed 500 KB.
243242
- **Clipboard controls**: Admins do not have the ability to restrict copy/paste actions between the remote machine and the user's local clipboard.
244243
- **File transfers**: Users cannot copy/paste files from their local machine to the remote machine and vice versa.
244+
- **Network Level Authentication for Entra-joined accounts**: Browser-based RDP does not support PKU2U authentication which is required for [Network Level Authentication (NLA)](https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/remotepc/remote-desktop-allow-access#why-allow-connections-only-with-network-level-authentication) with Entra-joined accounts. Connecting to Entra-joined accounts requires disabling enforcement of NLA on the remote Windows machine. You can disable NLA from **Settings** > **System** > **Remote Desktop**, or use the Local Group Policy Editor to disable **Require user authentication for remote connections by using Network Level Authentication**.
245+

0 commit comments

Comments
 (0)