After January’s Azure Multi-Factor Authentication Server version 22.214.171.124 release, over the weekend, Microsoft released version 126.96.36.199 of its on-premises Azure Multi-Factor Authentication Server with a lot of performance improvements and other fixes.
While the changes mentioned in the change log aren’t world shocking, this release should alleviate much of the problems you might have with this product.
AD FS adapter performance improvements
Azure Multi-Factor Authentication (MFA) Server’s Active Directory Federation Services (AD FS) adapter was put through its paces and several areas have been identified to improve its performance.
Since most organization get on the MFA Server bandwagon using the AD FS Adapter, this is very welcome.
Fix AD FS adapter to handle cultures that aren’t associated with a locale ID
Another improvement in the Active Directory Federation Services (AD FS) adapter has to do with multi-language setups.
Tags performance improvements
In organizations with multi-forest, multi-domain environments with many groups, assigning tags could be terribly slow. Using Global filters was the work around to this, but introduces other challenges,
Log request IDs to allow correlation with backend logs
With the advent of the Web Service SDK Logging feature in Azure Multi-Factor Authentication Server version 188.8.131.52, putting together the jigsaw puzzle with information from each of the logs is improved with the request ID.
Modified AD sync service to clear phone numbers that are cleared in the directory
When you use the Directory Integration feature, and clear the phone number attribute for a (group of) user(s), Azure Multi-Factor Authentication (MFA) Server would not clear it in its database. Starting this version, it does, overriding the ‘keep synchronized’ setting.
Fix for RADIUS one-way text message fallback to OATH token
Fallback methods play an important role in multi-factor authentication, so it’s good to see fixes and improvements in this area.
Fix for passwords that contain leading or trailing spaces
Even though passwords are securely interchanged for the initial handshake towards the Identity Provider (Active Directory, LDAP), in cases with passwords that contain leading or trailing spaces, things might go wrong. This is now fixed.
Change mobile app references from Azure Authenticator to Microsoft Authenticator
While one team may change things, another team might not be able to change gears that fast. After the change from Azure Authenticator to Microsoft Authenticator in last August, the Azure Multi-Factor Authentication (MFA) Server team has finally been able to change all the references in their user interfaces and admin interfaces.
Windows Authentication for Remote Desktop Services (RDS) is not supported for Windows Server 2012 R2.
You must upgrade MFA Server and Web Service SDK before upgrading AD FS adapter.
Read the guidance in the How to Upgrade section in this blogpost for more information.
- Log on to the Azure Portal.
- In the column on the left that lists all the available items and services, scroll down until you reach ACTIVE DIRECTORY.
- In the main pane, select the default directory.
- Just above the list of directories, click the text MULTI-FACTOR AUTH PROVIDERS.
- Click the Multi-Factor Authentication Provider that you’ve configured for your organization and is marked as Active in the STATUS column.
- Click MANAGE in the bottom pane on the general settings for the Multi-Factor Authentication Provider.
- This will redirect you to your tenant view of the PhoneFactor Portal.
- In the main pane of the portal click on the Downloads header.
- Click the Download link below the list of supported platforms.
Save MultiFactorAuthenticationServerSetup.exe to a network location where you can use it from each of the Windows Servers that have Azure Multi-Factor Authentication installed.
Azure Multi-Factor Authentication Server version 184.108.40.206 adds a lot of performance improvements and other fixes.
While the changes aren’t world shocking, this release should alleviate much of the problems you might have with this product. I recommend to upgrade to this version to get rid of them.
Azure Multi-Factor Authentication Server version 220.127.116.11 adds Oracle LDAP Support
Azure Multi-Factor Authentication Server version 18.104.22.168 for your convenience
Azure Multi-Factor Authentication Server version 22.214.171.124 is here
Azure Multi-Factor Authentication Server reaches version 126.96.36.199