i’m trying to figure out if the following scenario is possible:
i have 2 session hosts with RDP auth agents installed. i would like for:
- enrolled users who are on trusted laptops, bypass DUO 2FA, log in with AD creds
- enrolled users on untrusted laptops/desktops, challenged with AD creds and DUO 2FA
articles i’ve read so far seem to cover only online apps/browser based applications, and even with the DUO certificate installed on a trusted device, still has DUO challenge being prompted.