• Task Detailed Steps
  • WindowsAzureMultiFactorAuthentication Note
  • Sign in On the AD FS sign-in page, sign in as JohnF@ . Under the Multi-Factor Authentication heading, click Continue
  • Continue Note
    		•

    cd 'C:\Program Files\Multi-Factor Authentication Server' .\Register-MultiFactorAuthenticationAdfsAdapter.ps1 net stop adfssrv net start adfssrv




    Download 78.77 Kb.
    bet5/8
    Sana22.07.2021
    Hajmi78.77 Kb.
    #15678
    1   2   3   4   5   6   7   8
    cd 'C:\Program Files\Multi-Factor Authentication Server'
    .\Register-MultiFactorAuthenticationAdfsAdapter.ps1
    net stop adfssrv
    net start adfssrv


    Configure AD FS Authentication Policy and Test Multi-Factor Authentication


    Task

    Detailed Steps



    Complete these steps from an internet-connected Windows computer.

    Enforce MFA for all external users

    1. On the DC1 VM, logged on as corp\LabAdmin, open AD FS Management

    1. Click Yes

    2. In the left navigation pane, click Authentication Policies

    3. In the right actions pane, click Edit Global Multi-factor Authentication

    4. At the bottom of the dialog box, select WindowsAzureMultiFactorAuthentication

    Note: Note the various criteria which can be configured to invoke multi-factor authentication for a user at a global level.

    1. Under Locations, select Extranet

    2. Click OK

    3. Leave the AD FS page open, we will need it again

    Authenticate as an external user with multi-factor authentication and complete the fallback registration process

    1. From your local machine, open Internet Explorer and navigate to https://portal.office.com

    1. Click Continue'>Sign in

    2. On the AD FS sign-in page, sign in as JohnF@.

    3. Under the Multi-Factor Authentication heading, click Continue

    4. When you receive a text message from Microsoft, reply to the text with the six-digit verification code to complete authentication.

    5. After completing multi-factor authentication, AD FS prompts you to provide answers for a number of questions so your identity can be verified as a fallback method - supply answers for all questions and click Continue

    Note: This feature is implemented by Azure Multi-Factor Authentication, but is presented seamlessly as part of the AD FS sign-in experience.

    1. You should now be redirected to Azure AD as an authenticated user, where Azure AD will stop you to invoke its own multi-factor authentication which we configured for JohnF already - complete authentication

    2. Close Internet Explorer

    Add a new claim rule to supress the AAD MFA


    Download 78.77 Kb.
    1   2   3   4   5   6   7   8




    Download 78.77 Kb.
    Bosh sahifa
    Aloqalar
        Bosh sahifa
    Dərs
    Mühazirə
    Qaydalar
    Referat
    Xülasə
    Yazı


    cd 'C:\Program Files\Multi-Factor Authentication Server' .\Register-MultiFactorAuthenticationAdfsAdapter.ps1 net stop adfssrv net start adfssrv

    Download 78.77 Kb.