Azure Multi-Factor Authentication Server 7.3.0.3 with lots of improvements

After January’s Azure Multi-Factor Authentication Server version 7.2.0.1 release, over the weekend, Microsoft released version 7.3.0.0 of its on-premises Azure Multi-Factor Authentication Server with a lot of performance improvements and other fixes. 

While the changes mentioned in the change log aren’t world shocking, this release should alleviate much of the problems you might have with this product.

 

What’s New

AD FS adapter performance improvements

Azure Multi-Factor Authentication (MFA) Server’s Active Directory Federation Services (AD FS) adapter was put through its paces and several areas have been identified to improve its performance.

Since most organization get on the MFA Server bandwagon using the AD FS Adapter, this is very welcome.

Fix AD FS adapter to handle cultures that aren’t associated with a locale ID

Another improvement in the Active Directory Federation Services (AD FS) adapter has to do with multi-language setups.

Tags performance improvements

In organizations with multi-forest, multi-domain environments with many groups, assigning tags could be terribly slow. Using Global filters was the work around to this, but introduces other challenges,

Log request IDs to allow correlation with backend logs

With the advent of the Web Service SDK Logging feature in Azure Multi-Factor Authentication Server version 7.2.0.1, putting together the jigsaw puzzle with information from each of the logs is improved with the request ID.

Modified AD sync service to clear phone numbers that are cleared in the directory

When you use the Directory Integration feature, and clear the phone number attribute for a (group of) user(s), Azure Multi-Factor Authentication (MFA) Server would not clear it in its database. Starting this version, it does, overriding the ‘keep synchronized’ setting.

Fix for RADIUS one-way text message fallback to OATH token

Fallback methods play an important role in multi-factor authentication, so it’s good to see fixes and improvements in this area.

Fix for passwords that contain leading or trailing spaces

Even though passwords are securely interchanged for the initial handshake towards the Identity Provider (Active Directory, LDAP), in cases with passwords that contain leading or trailing spaces, things might go wrong. This is now fixed.

Change mobile app references from Azure Authenticator to Microsoft Authenticator

While one team may change things, another team might not be able to change gears that fast. After the change from Azure Authenticator to Microsoft Authenticator in last August, the Azure Multi-Factor Authentication (MFA) Server team has finally been able to change all the references in their user interfaces and admin interfaces.

 

Known Issues

Windows Authentication for Remote Desktop Services (RDS) is not supported for Windows Server 2012 R2.

  

Upgrade considerations

You must upgrade MFA Server and Web Service SDK before upgrading AD FS adapter.
Read the guidance in the How to Upgrade section in this blogpost for more information.

  

Download

Version 7.3.0.3 of the on-premises Azure Multi-Factor Authentication (MFA) Server can be downloaded via the old-fashioned Azure Management Portal or straight from the MFA Management Portal:

  1. Log on to the Azure Portal.
  2. In the column on the left that lists all the available items and services, scroll down until you reach ACTIVE DIRECTORY.
  3. In the main pane, select the default directory.
  4. Just above the list of directories, click the text MULTI-FACTOR AUTH PROVIDERS.
  5. Click the Multi-Factor Authentication Provider that you’ve configured for your organization and is marked as Active in the STATUS column.
  6. Click MANAGE in the bottom pane on the general settings for the Multi-Factor Authentication Provider.
  7. This will redirect you to your tenant view of the PhoneFactor Portal.
  8. In the main pane of the portal click on the Downloads header.
  9. Click the Download link below the list of supported platforms.

Save MultiFactorAuthenticationServerSetup.exe to a network location where you can use it from each of the Windows Servers that have Azure Multi-Factor Authentication installed.

 

Concluding

Azure Multi-Factor Authentication Server version 7.3.0.3 adds a lot of performance improvements and other fixes. 

While the changes aren’t world shocking, this release should alleviate much of the problems you might have with this product. I recommend to upgrade to this version to get rid of them.

Related blogposts

Azure Multi-Factor Authentication Server version 7.2.0.1 adds Oracle LDAP Support
Azure Multi-Factor Authentication Server version 7.1.2.1 for your convenience 
Azure Multi-Factor Authentication Server version 7.0.2.1 is here  
Azure Multi-Factor Authentication Server reaches version 7.0.0.9

leave your comment