TruGrid SecureRDP - Directory Services Integration & Sizing Requirements




TruGrid SecureRDP requires integration with a directory service in order to function. It currently supports a Microsoft Active Directory domain or Azure Active Directory. Integration with Active Directory allows end users to use the included TruGrid MFA. Integration with Azure AD allows end users to use the MFA integrated with Azure AD.


Integration with Active Directory

Integration with Active Directory requires the installation of TruGrid Sentry software on a domain-joined server. The TruGrid Sentry software handles authentication and secure RDP brokering for domain-joined RDP computers. Below are the requirements, recommendations, and sizing guidelines for TruGrid Sentry software installation.

TruGrid Sentry installation requires a user account with Active Directory Domain Admin rights.

TruGrid recommends the following minimum specification for the TruGrid Sentry server. For redundancy, TruGrid recommends at least two servers per domain. A TruGrid Sentry server does not need to be dedicated:
A fully-patched 64-bit Windows server OS. Windows Server 2012 R2 or later is supported. Windows Server 2019 or later is highly recommended.
16 GB of RAM, 2 CPUs, and a disk with high IOPS. Please do NOT use a server that is already resource-overloaded. It is recommended that CPU and memory utilization on a TruGrid Sentry server not exceed 70%.
Ensure that DNS is properly configured for your Active Directory environment and that DNS resolution works for the machines that you wish to access via RDP. The network card DNS property page of TruGrid Sentry server must point to one or more Active Directory DNS servers and not Google or external DNS. The same DNS requirement is true of RDP hosts on the network. This is recommended Active Directory practice.
TruGrid Secure RDP does NOT require external / inbound firewall exposure. TruGrid Secure RDP eliminates the need to expose RDP over the public internet. However, ensure that the RDP feature (protocol) over default port 3389 is enabled only on the computers that you wish to access via RDP.
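
The requirements above can be checked on a candidate server before TruGrid Sentry is installed. The script below is an added example, not TruGrid tooling: the function names and the `-RdpExpected` parameter are hypothetical, and it assumes that only an Active Directory DNS server will answer the domain's `_ldap._tcp.dc._msdcs` SRV query.

```powershell
# Added example, not TruGrid tooling. Thresholds (64-bit, 16 GB, 2 CPUs) are the ones
# listed above; function names and -RdpExpected are hypothetical.
function New-Check($Check, $Pass, $Detail) {
    [pscustomobject]@{ Check = $Check; Pass = [bool]$Pass; Detail = $Detail }
}

function Test-SentryPrerequisite {
    param(
        # Whether this host is one you intend to reach over RDP.
        [bool]$RdpExpected = $false
    )
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem

    New-Check 'Domain-joined' $cs.PartOfDomain $cs.Domain
    New-Check '64-bit OS' ([Environment]::Is64BitOperatingSystem) (Get-CimInstance Win32_OperatingSystem).Caption

    # TotalPhysicalMemory excludes hardware-reserved memory, so round before comparing.
    $ramGB = [math]::Round($cs.TotalPhysicalMemory / 1GB)
    New-Check 'RAM >= 16 GB' ($ramGB -ge 16) "$ramGB GB"
    New-Check 'CPUs >= 2' ($cs.NumberOfLogicalProcessors -ge 2) "$($cs.NumberOfLogicalProcessors) logical"

    # Every DNS server on every NIC must be able to locate a domain controller.
    # Assumption: a public resolver will not answer this SRV query for the domain.
    $srv = "_ldap._tcp.dc._msdcs.$($cs.Domain)"
    $dnsServers = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
        ForEach-Object { $_.ServerAddresses } | Sort-Object -Unique)
    if ($dnsServers.Count -eq 0) { New-Check 'DNS servers configured' $false 'none found' }
    foreach ($ip in $dnsServers) {
        $answer = Resolve-DnsName -Name $srv -Type SRV -Server $ip -DnsOnly -ErrorAction SilentlyContinue
        $dcs = @($answer | Where-Object { $_.Type -eq 'SRV' })
        New-Check "DNS $ip resolves AD SRV record" ($dcs.Count -gt 0) "$($dcs.Count) record(s) for $srv"
    }

    # fDenyTSConnections = 0 means the RDP feature is enabled on this machine.
    $ts = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name fDenyTSConnections
    $rdpOn = ($ts.fDenyTSConnections -eq 0)
    New-Check 'RDP state matches intent' ($rdpOn -eq $RdpExpected) "enabled=$rdpOn expected=$RdpExpected"
}

Test-SentryPrerequisite -RdpExpected $false | Format-Table -AutoSize
```

On an RDP host, run it with `-RdpExpected $true` and read only the DNS and RDP rows, since the sizing rows apply to the Sentry server.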



Integration with Azure AD

Integration with Azure AD requires connecting TruGrid to Azure AD as an Enterprise Application. A TruGrid SecureConnect agent is then installed on any remote Windows computer to be accessed via RDP. Below are requirements, recommendations, and guidelines for Azure AD integration.

Adding TruGrid as an Azure Enterprise Application requires a user account with Global Admin rights in Azure AD. The account must use the same UPN as the domain being connected to TruGrid. The account is only required to automate the creation of TruGrid Enterprise Application in Azure AD. Thereafter, TruGrid performs read operations against Azure AD. During the integration, the installing user will provide consent as required by Microsoft Azure.

In order to securely connect to remote RDP computers without external firewall exposure, install TruGrid SecureConnect on the remote computers.
TruGrid SecureConnect is supported on 64-bit versions of Windows that are still supported by Microsoft, for example Windows 8 and later and Windows Server 2012 R2 or later.
TruGrid Secure RDP does NOT require external / inbound / edge firewall exposure. TruGrid Secure RDP eliminates the need to expose RDP over the public internet. However, ensure that the RDP feature (protocol) over default port 3389 is enabled only on the computers that you wish to access via RDP.


In order to get started, please use LIVE CHAT below to schedule your on-boarding session.


If you prefer a do-it-yourself Active Directory setup, please follow the self-installation steps for Active Directory integration.

If you prefer a do-it-yourself Azure AD setup, please follow the self-installation steps for Azure AD integration.

Updated on: 22/09/2023
