A RADIUS client must be configured in the NPS for the ADSelfService Plus server.The server configured as the NPS must have the Azure NPS extension installed and configured using these steps.With pre-existing configuration and user enrollment information in Azure, you can enable Azure AD MFA as an ADSelfService Plus identity verification method using the following steps: Prerequisites: Once Azure AD MFA is successful, the NPS extension returns a RADIUS accept response to the ADSelfService Plus server and the user is granted access.If Microsoft Authenticator verification code, hardware token-based, or SMS-based verification code methods are enabled for Azure AD MFA, the NPS extension returns a RADIUS challenge response to the ADSelfService Plus server and the user is prompted for the verification code.If Microsoft Authenticator push notification or phone call-based verification methods are enabled for Azure AD MFA, the verification request is triggered directly.The NPS extension for Azure MFA contacts the Azure cloud and triggers an MFA request.The ADSelfService Plus server sends a RADIUS request to the Network Policy Server (NPS).The multi-factor authentication page is loaded, and the user initiates Azure AD MFA.The user attempts to log in or perform self-service password reset or account unlock.
Azure AD MFA can be used for identity verification during: This simplifies the configuration process for administrators and provides a familiar authentication experience for end users. If your organization employs Microsoft Azure Active Directory (AD) and uses Azure AD multi-factor authentication (MFA) to secure sign-ins, you can extend Azure AD MFA's use by configuring it as an authentication method for ADSelfService Plus' MFA feature.
0 kommentar(er)
