dougdog
asked on
365 MFA roll out problems and best practice
advice on configuring and using 365 MFA
We are currently testing MFA
We have an issue where when a user changes their password or when they are getting prompted for MFA
Multiple Applications are popping up asking for MFA
sometimes the user gets so many prompts they are entering the wrong code
so when a password is changed or the policy is changed
outlook pops up looking MFA
Skype pops up looking MFA
SharePoint Online Pops up looking MFA
We are also using ADFS and sometimes the federated login can get in a loop asking users to sign in repeatedly
I seen an article about caching but i think this may be only related to MFA on prm server
Im just looking advice and best practice on getting MFA rolled out to all users with as little pain as possible
We are currently testing MFA
We have an issue where when a user changes their password or when they are getting prompted for MFA
Multiple Applications are popping up asking for MFA
sometimes the user gets so many prompts they are entering the wrong code
so when a password is changed or the policy is changed
outlook pops up looking MFA
Skype pops up looking MFA
SharePoint Online Pops up looking MFA
We are also using ADFS and sometimes the federated login can get in a loop asking users to sign in repeatedly
I seen an article about caching but i think this may be only related to MFA on prm server
Im just looking advice and best practice on getting MFA rolled out to all users with as little pain as possible
Last Comment
You can search experts-exchange.com for modern authentication and you will find lots post
ASKER
looking to hear from people using it
why would it be popping up multiple times etc
how did people find implementing it
why would it be popping up multiple times etc
how did people find implementing it
If u have not enabled modern authentication you will face issues after u enabling mfa
However modern authentication itself have its own requirements
Hence at start i asked you question.. But you didn't answered that
However modern authentication itself have its own requirements
Hence at start i asked you question.. But you didn't answered that
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
we have modern auth turned on for exchange and skype
does the caching work with cloud mfa or is it on prem mfa
was confused by the mfa server settings in the azure portal
does the caching work with cloud mfa or is it on prem mfa
was confused by the mfa server settings in the azure portal
Works for both. The settings you should be looking at are the ones in the O365 portal: https://account.activedirectory.windowsazure.com/UserManagement/MfaSettings.aspx?culture=en-US&BrandContextID=O365
ASKER
we do use adfs
sometime i notice outlook can get in a loop and keep prompting for codes
does caching work with the cloud though?
is it a good idea to remember devices and skip if users are federated
sometime i notice outlook can get in a loop and keep prompting for codes
does caching work with the cloud though?
is it a good idea to remember devices and skip if users are federated
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Security
Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection. Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.
32K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
Enable it and ensure that you will enable mfa only for those users who have latest office software installed like O365, office 2016 or 2013 sp1 with latest patches