Recently, I’ve been involved in some larger on-premises Azure Multi-Factor Authentication (MFA) Server projects as a senior engineer with a couple of demanding customers. It’s been a lot of fun and quite the roller coaster ride.
One of the things I noticed while consulting on Microsoft’s Azure Multi-Factor Authentication Server, is that its marketing department is doing a really great job on positioning the product as the all-in-one solution for all multi-factor authentication needs a Microsoft technology-oriented organization might have.,
The truth is that the product is not there, yet.
The table below states the authentication methods possible per supported protocol with the on-premises Multi-Factor Authentication Server, based on version 7.1.2.1:
1 If the RADIUS client supports entering an OTP together with the password in the password field, this authentication method is supported.
Additionally, please note that, currently, the only way to enable multi-factor authentication for Windows-integrated or Forms-based authentication for web apps, is to install the Azure Multi-Factor Authentication Server product onto a server running Internet Information Services (IIS). The IIS Module is not a separately installable module, like the AD FS adapter is. Also, you can enforce multi-factor authentication on other types of web servers (Apache, NGINX, etc.) using ARR on the Server running IIS and the Azure Multi-Factor Authentication Server.
Related blogposts
Azure Multi-Factor Authentication Server version 7.1.2.1 for your convenience
Choosing the right Azure MFA authentication methods
Further reading
Azure Multi-Factor Authentication – Part 1: Introduction and licensing
Azure Multi-Factor Authentication – Part 2: Components and traffic flows
Azure Multi-Factor Authentication – Part 3: Configuring the service and server
Azure Multi-Factor Authentication – Part 4: Portals
Azure Multi-Factor Authentication – Part 5: Settings
Azure Multi-Factor Authentication – Part 6: Onboarding
Azure Multi-Factor Authentication – Part 7: Securing AD FS
Azure Multi-Factor Authentication – Part 8: Delegating Administration
This article is quite dated. Is there an updated version of this information? I know some things have changed with Azure MFA since 2016. Also, is the table information above dependent upon which version you have, on prem vs Cloud?
This resource is awesome! Thanks!