Home

Azure Active Directory Domain Services + Azure Multi-Factor Authentication (MFA) ??

%3CLINGO-SUB%20id%3D%22lingo-sub-148773%22%20slang%3D%22en-US%22%3EAzure%20Active%20Directory%20Domain%20Services%20%2B%20Azure%20Multi-Factor%20Authentication%20(MFA)%20%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-148773%22%20slang%3D%22en-US%22%3E%3CP%3EHi!%3C%2FP%3E%0A%3CP%3Emy%20scenario%3A%3C%2FP%3E%0A%3CP%3E%E2%80%9CAzure%20Active%20Directory%20Domain%20Services%E2%80%9D%20is%20ready%20setup%20in%20Azure.%20A%20VM%20is%20added%20to%20Azure%20and%20added%20to%20the%20Azure%20AD.%20On%20this%20VM%20is%20running%20a%20website%20on%20IIS%20that%20is%20public%20facing%20(443).%20User%20can%20logon%20to%20this%20with%20his%20Azure%20AD%20user%20accounts.%20All%20user%20has%20%E2%80%9CAzure%20Multi-Factor%20Authentication%E2%80%9D%20(MFA)%20enabled%20in%20Azure.%3CBR%20%2F%3ENow%3A%20How%20I%20can%20configure%20the%20IIS%20site%20to%20use%20%E2%80%9CAzure%20Multi-Factor%20Authentication%E2%80%9D%3F%3C%2FP%3E%0A%3CP%3ERegards%2C%3C%2FP%3E%0A%3CP%3EPawel%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-148773%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIdentity%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMulti-Factor%20Authentication%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-149778%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Active%20Directory%20Domain%20Services%20%2B%20Azure%20Multi-Factor%20Authentication%20(MFA)%20%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-149778%22%20slang%3D%22en-US%22%3E%3CP%3Ethen%20you%20need%20to%20add%20your%20App%20(IIS%20Website)%20to%20Azure%20AD%20first%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Factive-directory-integrating-applications%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevelop%2Factive-directory-integrating-applications%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-149762%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Active%20Directory%20Domain%20Services%20%2B%20Azure%20Multi-Factor%20Authentication%20(MFA)%20%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-149762%22%20slang%3D%22en-US%22%3E%3CP%3EThere%20is%20no%20App.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-149757%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20Active%20Directory%20Domain%20Services%20%2B%20Azure%20Multi-Factor%20Authentication%20(MFA)%20%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-149757%22%20slang%3D%22en-US%22%3E%3CP%3ESo%20you%20have%20your%20app%20registered%20in%20Azure%20AD%2C%20right%3F%20then%20is%20just%20a%20few%20more%20steps%20to%20require%20MFA%20for%20your%20app%2C%20using%20Access%20Rules%20and%20Conditional%20Access%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-applications-guiding-developers-for-lob-applications%23configure-access-rules%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Factive-directory-applications-guiding-developers-for-lob-applications%23configure-access-rules%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Pawel Bojkowski
Occasional Contributor

Hi!

my scenario:

“Azure Active Directory Domain Services” is ready setup in Azure. A VM is added to Azure and added to the Azure AD. On this VM is running a website on IIS that is public facing (443). User can logon to this with his Azure AD user accounts. All user has “Azure Multi-Factor Authentication” (MFA) enabled in Azure.
Now: How I can configure the IIS site to use “Azure Multi-Factor Authentication”?

Regards,

Pawel

3 Replies

So you have your app registered in Azure AD, right? then is just a few more steps to require MFA for your app, using Access Rules and Conditional Access:

 

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-applications-guiding-develo...