We got MFA working on Windows Server 2016, with NPS, IIS, MFA, Azure etc., and the verification via phone call works great. Now we have a problem with mobile phone authentication.
When I log in to the appropriate web site with my domain\login and password (which is synchronized to Azure), I authenticate via phone call and in the next step I click on "Activate Mobile App" and then "Generate authentication code". I get a QR code, which I scan with the MFA mobile application. After a few seconds I get an error message: "Unable to add the account" - "Unexpected error. Please contact your local IT administrator to resolve the problem."
The MultiFactorAuthSvc log contains this message:
WMI error: -2147217394
Couldn't read credential identified by 'PfSmtp'. Element not found.
The time in the log is 1 hour late. I don't know if this could be the problem.
We used this tutorial to install MFA: https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-get-started-server-webservice
Thank you for any advice.