Solved

Windows 2003 Active Directory with Azure/PhoneFactor 2 stage auth log for failed login

Posted on 2014-03-10
3
68 Views
Last Modified: 2016-03-07
We just installed Windows Azure (was PhoneFator) and integrated it with Windows 2003 Active Directory.  We succeeded in enabling 2-stage SMS text-based authentication with Azure (yay!).  I used to be able to see all AD login rejections in RRAS logs but that is no longer occurring.  

I can see 2-stage auth failures in the Azure logs for actual user failures that are configured with 2 stage authentication.  I can see non-user (fake names like 'abc') attempts logged there as well.

What I cannot see in any log is when a user that is *not* configured to use 2 stage authentication has a failed login attempt.

Does anyone know where that log entry might be found?
0
Comment
Question by:FDC2005
  • 2
3 Comments
 
LVL 33

Expert Comment

by:Busbar
ID: 39920163
Hi,
by default users not configured for auth will authenticate successfully, make sure that ou disable this on users' properties.
0
 

Accepted Solution

by:
FDC2005 earned 0 total points
ID: 39921338
Thanks for your response.  We have one user who cannot use the 2 stage auth for a while, so they will need to remain as not configured to use 2 stage for now.  They will still need to present their password as previous.  My question was in regard to where I can find failed attempts for this special case of not using 2 stage auth since I am able to see the other 2 cases already of users with 2 stage auth enabled  and undefined users ( such as a fake user 'abc').  

I did figure out my own resolution.  There are 2 logs in Azure/PhoneFactor that when combined will contain all 3 categories of failures:
c:\Program Files\Multi-Factor Authentication Server\Logs\MultiFactorAuthRadiusSvc.log
c:\Program FIles\Multi-Factor Authentication Server\Logs\MultiFactorAuthSvc.log

Thanks!
0
 

Author Closing Comment

by:FDC2005
ID: 41494973
We found the log files.
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now