Existing Azure MFA Server deployments stop working starting September 30, 2024

Microsoft announced the final stage of deprecating Azure Multi-Factor Authentication (MFA) Server.   Deprecating Azure MFA Server Deprecating a crucial element in crucial processes for organizations is not something that Microsoft takes lightly: Since MFA Server 8, released on April 10, 2018. MFA registrations for the Authenticator app flow through the Azure MFA infrastructure instead of … Continue reading "Existing Azure MFA Server deployments stop working starting September 30, 2024"

Multi-Factor Authentication Server version 8.1.1.1 offers migration functionality to seamlessly switch to Azure MFA

On August 30th, 2022, Microsoft released version 8.1.1.1 of its Azure MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. What’s New The release notes mention one change: MFA Server Migration Utility Public Preview The MFA Server Migration Utility helps synchronize multi-factor authentication registrations … Continue reading "Multi-Factor Authentication Server version 8.1.1.1 offers migration functionality to seamlessly switch to Azure MFA"

Manage the use of your AD FS MFA Adapter towards Azure AD with the new federatedIdpMfaBehavior setting

Last month, Microsoft introduced a new setting in Azure AD to protect against by-passing of Azure MFA for organizations who have federated between Azure AD and their on-premises environment. In most cases, organizations who have federated one or more DNS domains with Microsoft 365 (and thus Azure AD) use AD FS to host the ‘Microsoft … Continue reading "Manage the use of your AD FS MFA Adapter towards Azure AD with the new federatedIdpMfaBehavior setting"

Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts

This week, Microsoft announced the availability of Passwordless Phone Sign-in for multiple Work or School accounts in the Microsoft Authenticator app on Apple iOS-based devices. For the Public Preview of this feature, meet the following requirements to be able to use the Authenticator App for Passwordless Sign-ins to multiple Work or School accounts during the … Continue reading "Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts"

Multi-Factor Authentication Server version 8.0.8.1 is here

On March 16th, 2022, Microsoft released version 8.0.8.1 of its Azure MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. What’s New The release notes mention one change: Microsoft fixed an issue with IIS Authentication passed sessions to User Portal. Known Issues Windows Authentication … Continue reading "Multi-Factor Authentication Server version 8.0.8.1 is here"

Multi-Factor Authentication Server version 8.0.7.1 fixes an issue with One-Way SMS Performance

After 8 months, it’s time for an update to Microsoft’s product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. Last week, Microsoft released version 8.0.7.1 of it’s Azure MFA Server as an update to Azure MFA Server version 8.0.6.1. What’s New The release notes mention one … Continue reading "Multi-Factor Authentication Server version 8.0.7.1 fixes an issue with One-Way SMS Performance"

KnowledgeBase: Windows Hello for Business satisfies Smartcard is required for interactive logon requirements

One of the main strategies for securing privileged accounts in Active Directory Domain Services seems to enable the Smartcard is required for interactive logon option on members of the Domain Admins security group. Typically, that required deploying (virtual) smartcards, but there is a far easier way that is currently being wildly adopted: Windows Hello for … Continue reading "KnowledgeBase: Windows Hello for Business satisfies Smartcard is required for interactive logon requirements"

TODO: Migrate from Azure MFA Server to Azure multi-factor authentication

This week, Microsoft made available guidance to migrate from Azure MFA Server to Azure multi-factor authentication (Azure MFA). While Microsoft officially still supports its on-premises Azure MFA Server product, the reality for organizations using MFA Server for multi-factor authentication purposes is harsh: Since MFA Server 8, released on April 10, 2018. MFA registration for the … Continue reading "TODO: Migrate from Azure MFA Server to Azure multi-factor authentication"

Multi-Factor Authentication Server version 8.0.6.1 fixes an issue on Slave Servers

Roughly 6 months ago, on August 25th 2020, we saw the release of Microsoft Multi-factor Authentication Server (MFA Server) version 8.0.5.1. Now it’s time for an update to Microsoft’s product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. This week, Microsoft released version 8.0.6.1. What’s New … Continue reading "Multi-Factor Authentication Server version 8.0.6.1 fixes an issue on Slave Servers"

KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA

Today, Raymond and I troubleshooted an issue for several people who received the ‘Sorry, we ran into a problem’ error when trying to register their security information. As is our mutual expectation, I decided to document the issue. When you run into the same situation, you might find it helpful.   The situation An Azure … Continue reading "KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA"