Our organization is trialing Royal Server to enforce MFA for our admins that connect to servers with the document store. I've forced MFA and am using Generic TOTP Authenticator. I've enrolled myself, and I see myself in user management, and my MS Authenticator app has Royal Server registered and shows my domain/username, however, when accessing a remote host via RDP, I don't get an approval popup on my phone, and the connection goes through just fine, but without MFA.
In Royal TS, I've added a Royal Server which tests fine, then for each of the remote machines, I've specified to use that Royal Server and Secure Gateway. I see them in the Royal Server, and when I connect, I see them in the active tunnels.
I'm sure I'm missing something simple here. Is there anything I need to do on the remote end? Anything in Azure AD? Anything on our local DCs? An MFA agent of some kind? Or did I auto-approve when I connected my authenticator app?
Thanks for your help!
Multi-Factor authentication is only available for accessing documents in the Document Store, it is not supported for other any connection types.