

We required users to install the Duo app on their phones since we wanted everyone to have the seamless experience of getting push notifications for authentication (our users would have complained incessantly if the MFA process took more than a few seconds). It was easy to push the Duo client via GPO. As I mentioned, our goal was using MFA for remote logins via RDC, and Duo MFA fit perfectly and is only $3 per user per month. While I got helpful answers, they weren't what I wanted to hear! I have dumped the MS 365 MFA and we are now using Duo MFA.

Please be kind, this is my first experience with Azure AD and MFA. If the user logs in to they are prompted for MFA, but when they log in to their PC they are not. Once the user registers, the user state changes to Enforced in AAD. We are already using SSO and I have enabled password write-back in both on-prem & Azure AD. We want to use MFA when users log in to their PCs (eventually we will only want MFA when accessed remotely, but just trying to get it working on-premise now).

According to the Microsoft document entitled "Enable per-user Azure Multi-Factor Authentication to secure sign-in events", it is as easy as turning on MFA per user in Azure AD, having the user register their authentication methods, and voila, it should work, but it doesn't.

Windows Server 2019 Standard on-premises with Azure AD Connect installed & current

Microsoft 365 Business Premium - all apps installed/accessed on-premises with current updates and Exchange Online.

I am hoping this will be easy for all of you experts out there.
