Just a question about the effectiveness of using MFA with Royal. Is there a way to prevent admins from simply using mstsc or other RDP remote application to bypass Royal and the MFA requirement?
Royal Server provides MFA authentication only for Document Store access, it is not supported for other connection types. (see also https://docs.royalapps.com/r2021/royalserver/components/document-store/multi-factor-authentication/index.html)
In order to generally ensure MFA for RDP sessions, the RDP Server would have to enforce this.