0
votes

My current setup is a cloud-only Azure AD and Intune managed small organization. We use Azure AD DS services for remote LDAPS sessions for some local authentication needs. We recently set up our first virtual machine in Azure. This machine is joined to the Azure AD DS-managed domain. Login is done with the Microsoft account.

Is it a supported functionality to use Azure MFA to secure the login to the virtual machine? The desired functionality would be to have the AD DS authentication be compatible with the 'normal' Azure AD login.

1
Hi @jmmanni. Welcome to Stackoverflow. Your question is more suited for ServerFault.com, since it seems to be about user/server administration, and not about programming. Stackoverflow is intended for software development related questions. – RasmusW

1 Answer

0
votes

You can technically use Azure MFA for RDP Login. The real question is - do you really want to do that given the complexity of the solution?

I would suggest that you stick to MFA only for the real Azure AD Login, and implement Azure Security Center JIT Admin for securing the RDP access. You would have a much better user experience and much better protected VMs.