JeremyH.86309 (Customer) asked a question.
Hello,
I have installed the Okta RDP MFA agent on a number of local servers successfully. It is set to prompt for MFA both through RDP and interactive login.
I have another machine I have installed it on and it work perfectly when the machine is on network. When it is on another network (my hotspot etc) it does not work. I don't even see the Okta pop-up. It just says bad username and password. The second I connect it to my internal network it works perfectly again.
It appears to be related to the machine being able to talk to AD. However, if the machine can't reach AD then it should use my cached credentials to still allow me to logon.
I have verified that this is the behavior without the Okta Windows Credential Provider installed, but with it installed it says bad username and password if I am off my network.
I have checked the Okta app logs and it doesn't even show in the logs. It is like the Okta Windows Credential Provider is blocking my ability to login with cached creds.
Please advise
Through further testing I found that with the Okta Windows Credential Provider installed you have to specify the domain in order to use cached credentials. So for my username I have to type XYZ\JSmith instead of just JSmith. On network I only have to use JSmith as my username. Without Okta Windows Credential Provider installed I only have to use JSmith off network. Can anyone speak to why this is?