Hybrid Azure MFA

vittorioaddeo94 · ‎Apr 15 2020

Hi everyone, is It possible to use the On-Premise Azure MFA Server only for some specific users and the Azure MFA cloud based for the other users of the Organization? This hybrid implementation is needed because for some specific users we need that the OTP codes or OATH codes that we generate and send to these users must be used in asynchronous mode, and this is possible only through the following configuration within the Azure MFA server:

Go to HKLM\Software\Wow6432Node\Positive Networks\PhoneFactor.
Create a DWORD registry key called pfsvc_pendingSmsTimeoutSeconds and set the time in seconds that you want the Azure MFA Server to store one-time passcodes.

Is not possible tho achieve the same result with the only use of Azure MFA cloud based service, because is not possible to set this storage time of the OTP codes or OATH codes.

Thank you in advance.

Regards,

Vittorio

Thijs Lecomte · ‎Apr 15 2020

It's not possible to configure this for AAD indeed and I doubt it will be supported in the future.

Please keep in mind that Azure MFA server is legacy and will disappear sometime.

I would advise you to keep away from it and try to find your way with AAD

vittorioaddeo94 · ‎Apr 15 2020

@Thijs LecomteThanks for the answer, yes, I know, but It is the only way that we found in order to set the time period of the OTP codes in order to use them in async mode. There are other way to achieve this goal with the Azure MFA?

Thijs Lecomte · ‎Apr 15 2020

From the limited documentation I can find, this is not possible for AAD MFA

Hybrid Azure MFA

Hybrid Azure MFA

Re: Hybrid Azure MFA

Re: Hybrid Azure MFA

Re: Hybrid Azure MFA

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Hybrid Azure MFA