AD-Joined server connections

After a team configures Advanced Server Access to work with an Active Directory (AD) domain, users can create Remote Desktop Protocol (RDP) connections to Windows servers. If a teams adds a passwordless certificate for the AD domain, users can connect without needing to enter a password. If a team doesn't add a certificate, users must manually enter their password to authenticate their RDP connection. Users will always need to sign in to their Okta account before connecting to a server.


  • A project configured for AD support
  • A gateway able to resolve and forward RDP connections
    • If the gateway isn't on the same subnet as the server, Network Level Authentication (NLA) must be disabled.
  • A device running the Advanced Server Access client (v1.59.0 or later)
  • A device running a supported RDP client
    • MacFreeRDP (v2.4.0 only)
    • Windows Desktop RDP client

Advanced Server Access does not currently support connections to discovered servers from other RDP clients.


Related topics