May 30 2023 02:17 PM
Currently we have ADFS server running on Windows 2012. The plan is to get off DUO MFA and onto Azure MFA.
What is the best approach to this in a staged migration, with the end goal to get rid of Federation all together
Thanks
Jun 02 2023 12:16 AM - edited Jun 02 2023 12:24 AM
The below article outlines steps on how to move away from AD FS to Azure AD
AD FS Decommission Reference | Microsoft Learn
Migrate from MFA Server to Azure AD Multi-Factor Authentication - Microsoft Entra | Microsoft Learn
I would still recommend to keep Duo as for MFA for on-prem Infra MFA like VPN access or network admin for on-prem devices , where Azure AD might be bit tough to handle unless you introduce Azure Arc which is mostly restricted to on-prem VMs windows/linux
Please "Accept as Answer" if it helped so it can help others in community looking for help on similar topics.