Getting started I encourage you to download and install the NPS extension for Azure MFA from the Microsoft Download Center and start testing this feature. The NPS Extension for Azure MFA is available to customers with licenses for Azure Multi-Factor authentication (included with Azure AD Premium, EMS, or an MFA subscription). In addition, you will need Windows Server 2008 R2 SP1 or above with the NPS component enabled. All users using the NPS extension must be synced to Azure Active Directory using Azure AD Connect and be registered for MFA. To install the extension, simply run the installation package and the PowerShell script it generates, which associates the extension with your tenant. Then, configure your RADIUS client to authenticate through your NPS Server. The fine print This release of the NPS Extension for Azure MFA targets new deployments and does not include tools to migrate users and settings from MFA Server to the cloud. Like with MFA Server, once you enable MFA for a RADIUS client using the NPS Extension, all authentications for this client will be required to perform MFA. If you want to enable MFA for some RADIUS clients but not others, you can configure two NPS servers and install the extension on only one of them. Configure RADIUS clients that you want to use MFA with to send requests to the NPS server configured with the extension, and other RADIUS clients to send requests to the NPS server that don't have the extensions. We appreciate your feedback We would love to hear your feedback. If you have any suggestions for us, questions, or issues to report, please leave a comment at the bottom of this post, send a note to the NPS Extension team, or tweet with the hashtag #AzureAD.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.