I am trying to authenticate a Proxmox VM with Okta via RDP. I have followed the instructions in this article:
https://help.okta.com/en/prod/Content/Topics/Security/proc-mfa-win-creds-rdp.htm
The VM is not joined to AD; it is a standalone Windows 10 VM in the default WORKGROUP.
I have configured the Okta Credentials Provider for Windows correctly.
The username on the VM is: Administrator
Best practice: Okta recommends using a username prefix, as Windows uses the SAMAccountName for login.
The RDP session fails with the error “Multi Factor Authentication Failed”.
I have tried different names, but can’t seem to figure out what the SAMAccountName should be. Any ideas on how to troubleshoot this?
Are there any debugging tools in Okta to see what is being received for authentication from the VM’s credentials provider agent?
Tried the following things so far:
- Tried RDP with a non-AD VM using Administrator account - MFA failed
- Tried RDP with an AD VM with a user account - MFA failed
- Tried after matching Okta username with exact match on VM user account - MFA failed
- Tried creating crypto keys in the VM registry as per the following article - MFA failed: https://support.okta.com/help/s/article/Multifactor-Authentication-for-RDP-fails-after-installing-the-Okta-Windows-Credential-Provider-Agent?language=en_US
- Tried the troubleshooting steps in the following article - MFA failed: https://help.okta.com/en/prod/Content/Topics/Security/proc-mfa-win-creds-rdp.htm#
- Tried checking the Okta logs - no entries found for authentication attempts
- Tried the Windows Event Logs for RDP attempts - success
Any other ideas?
Per the Help Center doc you linked to, MFA RDP will only work with Windows Server 2008, 2012, 2016, and 2019.
Hi Andrea,
Thank you for responding. I am still stuck and had no luck with the Windows 10 VM, so I switched to a Windows Server 2019 VM and tried the above steps. I have been able to look at the Okta logs. It appears that the local Windows user I created on the standalone VM has the computer name attached to it.
Excerpt from Oktacp.log:
[Timestamp] Serialized credential domain \username=System Name\Username
Somebody had tried to filter out the domain name using Expression Language.
I thought I could do the same by filtering out the system name: https://developer.okta.com/docs/reference/okta-expression-language/
Unfortunately, Okta does not accept “\” as a valid expression. Trying to escape it by using “\\” does not work.
Any other ideas?
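The post above quotes an Oktacp.log line of the form "Serialized credential domain\username=System Name\Username". What follows is an added triage script, not code from the original thread or from Okta: it parses lines of that shape from a log excerpt, classifies the domain part as the machine's own name (Windows serialises a local account as COMPUTERNAME\user, and "." is the Windows shorthand for the local machine) or a real domain, and checks whether a given Okta login matches any plausible form of the serialised name. The exact field layout of Oktacp.log, the hostname WIN-SRV2019, the user okta.tester and the sample log lines are all assumptions constructed for the example.

```python
"""Triage helper for the "Serialized credential" lines in Oktacp.log.

Assumptions (not taken from the thread): the line layout is
"[timestamp] Serialized credential domain\\username=<DOMAIN>\\<user>",
optionally with a space before the backslash as in the quoted excerpt.
"""
import re
from dataclasses import dataclass

# Tolerates the "domain \username=" spacing seen in the quoted excerpt.
CRED_RE = re.compile(
    r"^\[(?P<ts>[^\]]+)\]\s+Serialized credential domain\s*\\username="
    r"(?P<value>\S.*?)\s*$"
)


@dataclass(frozen=True)
class SerializedCredential:
    timestamp: str
    domain: str      # "" when the client sent a bare or UPN-style name
    username: str
    is_local: bool   # domain part is this machine's own name (or ".")


def parse_credential_line(line: str, hostname: str):
    """Return a SerializedCredential for a matching line, else None."""
    m = CRED_RE.match(line)
    if m is None:
        return None
    value = m.group("value")
    if "\\" in value:
        domain, username = value.split("\\", 1)
    else:
        domain, username = "", value
    # A local account on a standalone box is serialised with the computer
    # name as its "domain"; "." is the Windows alias for the local machine.
    is_local = domain == "." or (
        domain != "" and domain.casefold() == hostname.casefold()
    )
    return SerializedCredential(m.group("ts"), domain, username, is_local)


def login_candidates(cred: SerializedCredential):
    """Usernames an Okta user would have to match for this credential.

    For a local account the machine-name prefix carries no meaning in Okta,
    so only the bare user name is a candidate; for a domain account both the
    DOMAIN\\user form and the bare name are tried, in that order.
    """
    if cred.is_local or not cred.domain:
        return [cred.username]
    return [f"{cred.domain}\\{cred.username}", cred.username]


def triage(log_text: str, hostname: str, okta_login: str):
    """Run over a log excerpt; report each credential line and whether the
    given Okta login matches one of its candidate forms (case-insensitive)."""
    report = []
    for line in log_text.splitlines():
        cred = parse_credential_line(line, hostname)
        if cred is None:
            continue
        cands = login_candidates(cred)
        matched = any(c.casefold() == okta_login.casefold() for c in cands)
        report.append({
            "timestamp": cred.timestamp,
            "domain": cred.domain,
            "username": cred.username,
            "is_local": cred.is_local,
            "candidates": cands,
            "matches_okta_login": matched,
        })
    return report


# Constructed sample log: shaped like the quoted excerpt, values are made up.
SAMPLE_LOG = """\
[2023-04-12 09:15:02] Serialized credential domain \\username=WIN-SRV2019\\okta.tester
[2023-04-12 09:16:40] Serialized credential domain\\username=CORP\\okta.tester
[2023-04-12 09:17:11] Serialized credential domain\\username=okta.tester@example.com
[2023-04-12 09:17:12] Some unrelated log line
"""

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG, "WIN-SRV2019", "okta.tester"):
        print(row)
```

Running it against a real excerpt with the VM's actual hostname (hostname.exe on the VM) shows at a glance whether the credential provider is sending COMPUTERNAME\user, and which bare or prefixed form the Okta user's login would have to equal.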
Unfortunately, this isn’t my area of expertise. You can however reach out to support@okta.com to get further assistance on this particular issue.