Solved

Windows 2003 Active Directory with Azure/PhoneFactor 2 stage auth log for failed login

Posted on 2014-03-10
3
77 Views
Last Modified: 2016-03-07
We just installed Windows Azure (was PhoneFator) and integrated it with Windows 2003 Active Directory.  We succeeded in enabling 2-stage SMS text-based authentication with Azure (yay!).  I used to be able to see all AD login rejections in RRAS logs but that is no longer occurring.  

I can see 2-stage auth failures in the Azure logs for actual user failures that are configured with 2 stage authentication.  I can see non-user (fake names like 'abc') attempts logged there as well.

What I cannot see in any log is when a user that is *not* configured to use 2 stage authentication has a failed login attempt.

Does anyone know where that log entry might be found?
0
Comment
Question by:FDC2005
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 33

Expert Comment

by:Busbar
ID: 39920163
Hi,
by default users not configured for auth will authenticate successfully, make sure that ou disable this on users' properties.
0
 

Accepted Solution

by:
FDC2005 earned 0 total points
ID: 39921338
Thanks for your response.  We have one user who cannot use the 2 stage auth for a while, so they will need to remain as not configured to use 2 stage for now.  They will still need to present their password as previous.  My question was in regard to where I can find failed attempts for this special case of not using 2 stage auth since I am able to see the other 2 cases already of users with 2 stage auth enabled  and undefined users ( such as a fake user 'abc').  

I did figure out my own resolution.  There are 2 logs in Azure/PhoneFactor that when combined will contain all 3 categories of failures:
c:\Program Files\Multi-Factor Authentication Server\Logs\MultiFactorAuthRadiusSvc.log
c:\Program FIles\Multi-Factor Authentication Server\Logs\MultiFactorAuthSvc.log

Thanks!
0
 

Author Closing Comment

by:FDC2005
ID: 41494973
We found the log files.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the market for a new backup solution for Windows Server 2016? Follow these guidelines to get the most bang for your buck.
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question