本地RDS 2016的Azure MFA Cloud不适用于所有用户. [英] Azure MFA Cloud with on premise RDS 2016 not for all users.

问题描述

嗨

我已在本地2016域中部署了Azure MFA Cloud.在没有MFA服务器的前提下.

一切正常，但是未启用MFA的用户无法再登录.

并非每个用户都需要MFA.

我该如何解决?

解决方案

如果这是AD FS适配器，则可以使用AD FS策略仅要求特定安全组中的用户使用MFA.
如果这是NPS Extension，则可以设置2组NPS服务器，一组使用NPS Extension，而另一组不使用.然后，您可以使用领域将需要MFA的用户指向正确的NPS组，而将不需要的用户指向另一个NPS组.

请参考 为尚未注册MFA的用户做准备.您可以选择在创建用户时创建此密钥并将其设置为FALSE，并且可能尚未全部注册Azure MFA.但是，由于设置密钥允许未注册MFA的用户 要登录，您应该在生产之前删除此密钥.

------------------------------------------------- --------------------------------------------

如果此答案有帮助，请单击标记为答案"或上投票".提供其他反馈 在您的论坛体验中，点击 解决方案

If this is AD FS Adapter, then you could use AD FS policy to only require MFA for users in a particular security group.
If this is NPS Extension, then you could set up 2 groups of NPS servers, one with NPS Extension and the other without. You could then use realms to point users that require MFA to the correct NPS group and those that don't to the other.

Refer to this documentation part on Prepare for users that aren't enrolled for MFA. You can choose to create this key and set it to FALSE while your users are onboarding, and may not all be enrolled for Azure MFA yet. However, since setting the key permits users that aren't enrolled for MFA to sign in, you should remove this key before going to production.

---------------------------------------------------------------------------------------------

If this answer was helpful, click "Mark as Answer" or "Up-Vote". To provide additional feedback on your forum experience, click here

这篇关于本地RDS 2016的Azure MFA Cloud不适用于所有用户.的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！