When looking back, I realized we’ve been working with Microsoft’s on-premises Azure Multi-Factor Authentication (MFA) Server version 7.3.0.3 for a year. This week, Microsoft released a new version of it’s on-premises authentication security product: version 8.0.0.3.
What’s New
Registration experience improvements on mobile
Using MFA Server’s mobile portal, end-users may register the authenticator app on their mobile device using a QR-code. This experience has been improved.
Improved interaction with AD Sync
Azure MFA Server leverages MFA Providers in Azure Active Directory. Azure AD Connect offers synchronization of user objects (and, in some scenarios, password hashes) from Active Directory to Azure Active Directory. To allow both products to work optimally together, several changes have been made to MFA Server.
Support for TLS 1.2 for LDAP, User Portal to Web Service SDK, and SChannel replication
As MFA Server communicates to back-end systems and allows communication to its Web Service SDK, it’s imperative to allow the strongest available encryption for data in transit. MFA Server 8 now offers TLS 1.2 support for:
- Communication from MFA Server to LDAP stores
- Communication to MFA Server’s User Portal and Web Service SDK
- Communication with Active Directory Domain Controllers
Compliance with General Data Protection Regulation
MFA Server is now in compliance with Europe’s General Data Protection Regulation (GDPR). The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union.
The proposed new EU data protection regime extends the scope of the EU data protection law to all foreign companies processing data of EU residents. It provides for a harmonization of the data protection regulations throughout the EU. GDPR is implemented per EU country and has different names in some of them
Accessibility improvements to User Portal, MFA Server management, and installation
To allow people with disabilities, like impairments, activity limitations, and participation restrictions, to use MFA Server, Microsoft has made several improvements to the User Portal, Management Console and Installation Wizard.
As Microsoft believes 25% of people live with disabilities, not just limited to speech, hearing or eyesight, but also autism and ADHD. these improvements are welcome, even though they might break your current branding strategy.
Miscellaneous bug fixes and improvements
Several more bug fixes and improvements have been made to MFA Server 8.
Known Issues
Windows Authentication for Remote Desktop Services (RDS) is not supported for Windows Server 2012 R2.
Upgrade considerations
You must upgrade MFA Server and Web Service SDK before upgrading the User Portal or AD FS adapter.
Read the guidance in the How to Upgrade section in this blogpost for more information.
Download
You can download Azure Multi-Factor Authentication Server 8.0.0.3 here.
The download weighs 182.2 MB.
Version information
This is version 8.0.0 of Azure Multi-Factor Authentication Server.
It was signed off on April 10, 2018.
I've heard that version 8 is the last version for Azure MFA on-premise. Microsoft direction is to deprecate the on-premise version and only continue developing Azure AD MFA.
Have you heard of this?