0
votes

Can Azure AD MFA work with on-prem Active Directory? Our entire infrastructure is Microsoft on-prem solutions (AD, Exchange, SQL, SharePoint, Office, etc.). We do have Microsoft 365 Basic, which allows us to use the free version of Azure AD. We currently have our AD accounts synchronizing between on-prem and Azure AD. I've got MFA enabled for Azure AD, but it only works when signing into something Azure related. If I sign into an on-prem AD-joined device, it doesn't recognize I have MFA enabled in Azure AD for my user account.

1 Answers

0
votes

We have two options available.

  1. To trigger Azure MFA on RDP to on-premises VMs or to connect to an on-premises VPN, etc.: the Network Policy Server (NPS) extension for Azure allows customers to safeguard Remote Authentication Dial-In User Service (RADIUS) client authentication using Azure's cloud-based Multi-Factor Authentication (MFA). This enables secure verification for users attempting to sign in to a Remote Desktop Gateway. Check this to integrate your Remote Desktop Gateway infrastructure using the Network Policy Server (NPS) extension and Azure AD.
  2. To protect on-premises web applications, such as OWA, SharePoint, etc., they need to federate the web applications to ADFS and configure ADFS to use Azure MFA for the 2nd factor of authentication. If your organization is federated with Azure AD, you can use Azure Multi-Factor Authentication to secure AD FS resources, both on-premises and in the cloud. Reference
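For the second option, this is how the AD FS side is typically wired to Azure MFA. It is an added example, not part of the answer above; the tenant ID is a placeholder, and it assumes the AD FS and Microsoft Graph PowerShell modules are installed and the session runs elevated on an AD FS server.

```powershell
# Added example: placeholder values and ordering are assumptions, not from the answer.
$TenantId  = '<your-tenant-id>'                        # placeholder, replace with your tenant ID
$MfaClient = '981f26a1-7f43-403b-a875-f8b09b8cd720'    # well-known app ID of the Azure Multi-Factor Auth Client

# 1. On each AD FS server: create the certificate AD FS uses to authenticate to Azure MFA.
$certBase64 = New-AdfsAzureMfaTenantCertificate -TenantId $TenantId

# 2. Register that certificate as a key credential on the Azure MFA client
#    service principal, keeping any credentials that are already present.
Connect-MgGraph -Scopes 'Application.ReadWrite.All'
$sp   = Get-MgServicePrincipal -Filter "appId eq '$MfaClient'"
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new(
            [System.Convert]::FromBase64String($certBase64))
$keys = @($sp.KeyCredentials) + @{
    DisplayName = $cert.Subject
    Key         = $cert.GetRawCertData()
    KeyId       = [guid]::NewGuid()
    Type        = 'AsymmetricX509Cert'
    Usage       = 'Verify'
}
Update-MgServicePrincipal -ServicePrincipalId $sp.Id -KeyCredentials $keys

# 3. Once per farm: point AD FS at the tenant, then restart the service on every server.
Set-AdfsAzureMfaTenant -TenantId $TenantId -ClientId $MfaClient
Restart-Service adfssrv

# 4. Offer Azure MFA as an additional (second-factor) provider without
#    dropping providers that are already enabled.
$existing = @((Get-AdfsGlobalAuthenticationPolicy).AdditionalAuthenticationProvider |
              Where-Object { $_ })
if ($existing -notcontains 'AzureMfaAuthentication') {
    Set-AdfsGlobalAuthenticationPolicy `
        -AdditionalAuthenticationProvider ($existing + 'AzureMfaAuthentication')
}

# 5. Verify: the provider list should now include AzureMfaAuthentication.
(Get-AdfsGlobalAuthenticationPolicy).AdditionalAuthenticationProvider
```

Enabling the provider only makes it available; whether a given relying party (OWA, SharePoint) actually prompts for the second factor is decided by its access control policy or additional authentication rules.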