SOLVED
Home

Configure AD FS 2016 and Azure MFA - How do I get the guid for Azure Multi-Factor Auth Client?

%3CLINGO-SUB%20id%3D%22lingo-sub-178987%22%20slang%3D%22en-US%22%3EConfigure%20AD%20FS%202016%20and%20Azure%20MFA%20-%20How%20do%20I%20get%20the%20guid%20for%20Azure%20Multi-Factor%20Auth%20Client%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-178987%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20All%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20am%20trying%20to%26nbsp%3B%3CSPAN%3EConfigure%20AD%20FS%202016%20and%20Azure%20MFA%3C%2FSPAN%3E%20as%20shown%20on%20the%20Microsoft%20site%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-fs%2Foperations%2Fconfigure-ad-fs-and-azure-mfa%23step-1-generate-a-certificate-for-azure-mfa-on-each-ad-fs-server-using-the-new-adfsazuremfatenantcertificate-cmdlet%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows-server%2Fidentity%2Fad-fs%2Foperations%2Fconfigure-ad-fs-and-azure-mfa%23step-1-generate-a-certificate-for-azure-mfa-on-each-ad-fs-server-using-the-new-adfsazuremfatenantcertificate-cmdlet%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EIt%20says%20%22%3CSPAN%3E981f26a1-7f43-403b-a875-f8b09b8cd720%20is%20the%20guid%20for%20Azure%20Multi-Factor%20Auth%20Client%22%20but%20doesn't%20show%20how%20we%20get%20this%20GUID.%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EWhen%20I%20try%20the%20command%20I%20get%20an%20error%20message%20I%20think%20is%20related%20to%20the%20GUID.%20How%20do%20I%20get%20the%26nbsp%3Bguid%20for%20Azure%20Multi-Factor%20Auth%20Client%3F%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F31484i7EE46D61573E7F40%2Fimage-size%2Flarge%3Fv%3D1.0%26amp%3Bpx%3D999%22%20alt%3D%22AAAAAAAAA.png%22%20title%3D%22AAAAAAAAA.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20hope%20you%20can%20help%3CBR%20%2F%3EColin%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-178987%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EActive%20Directory%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAD%20Azure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EADFS%202016%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Emfa%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMulti-Factor%20Authentication%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EPoweShell%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-179158%22%20slang%3D%22en-US%22%3ERe%3A%20Configure%20AD%20FS%202016%20and%20Azure%20MFA%20-%20How%20do%20I%20get%20the%20guid%20for%20Azure%20Multi-Factor%20Auth%20Client%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-179158%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20screenshot%20you%20posted%20uses%20a%20different%20GUID%2C%20make%20sure%20you%20provide%20exactly%20%22981f26a1-7f43-403b-a875-f8b09b8cd720%22%20as%20the%20value%20for%20-AppPrincipalID.%20As%20explained%20in%20the%20article%2C%20this%20is%20the%20id%20of%20the%20Azure%20MFA%20application%20that%20exists%20in%20your%20tenant%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CPRE%3EGet-MsolServicePrincipal%20-AppPrincipalId%20981f26a1-7f43-403b-a875-f8b09b8cd720%0A%0AExtensionData%20%20%20%20%20%20%20%20%20%3A%20System.Runtime.Serialization.ExtensionDataObject%0AAccountEnabled%20%20%20%20%20%20%20%20%3A%20True%0AAddresses%20%20%20%20%20%20%20%20%20%20%20%20%20%3A%20%7BMicrosoft.Online.Administration.RedirectUri%7D%0AAppPrincipalId%20%20%20%20%20%20%20%20%3A%20981f26a1-7f43-403b-a875-f8b09b8cd720%0ADisplayName%20%20%20%20%20%20%20%20%20%20%20%3A%20Azure%20Multi-Factor%20Auth%20Client%0AObjectId%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3A%2081376720-790b-4752-bce1-a769de2bb39b%0AServicePrincipalNames%20%3A%20%7B981f26a1-7f43-403b-a875-f8b09b8cd720%2C%20AzureMulti-FactorAuthClient%7D%0ATrustedForDelegation%20%20%3A%20False%3C%2FPRE%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
C Edwards
Contributor

Hi All,

 

I am trying to Configure AD FS 2016 and Azure MFA as shown on the Microsoft site:

 

 

https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-ad-fs-and-azure-...

 

It says "981f26a1-7f43-403b-a875-f8b09b8cd720 is the guid for Azure Multi-Factor Auth Client" but doesn't show how we get this GUID.

 

When I try the command I get an error message I think is related to the GUID. How do I get the guid for Azure Multi-Factor Auth Client? 

AAAAAAAAA.png

 

I hope you can help
Colin

1 Reply
Highlighted
Solution

The screenshot you posted uses a different GUID, make sure you provide exactly "981f26a1-7f43-403b-a875-f8b09b8cd720" as the value for -AppPrincipalID. As explained in the article, this is the id of the Azure MFA application that exists in your tenant:

 

Get-MsolServicePrincipal -AppPrincipalId 981f26a1-7f43-403b-a875-f8b09b8cd720

ExtensionData         : System.Runtime.Serialization.ExtensionDataObject
AccountEnabled        : True
Addresses             : {Microsoft.Online.Administration.RedirectUri}
AppPrincipalId        : 981f26a1-7f43-403b-a875-f8b09b8cd720
DisplayName           : Azure Multi-Factor Auth Client
ObjectId              : 81376720-790b-4752-bce1-a769de2bb39b
ServicePrincipalNames : {981f26a1-7f43-403b-a875-f8b09b8cd720, AzureMulti-FactorAuthClient}
TrustedForDelegation  : False

 

Related Conversations
SharePoint 2016 / sharepoint online
Share24x7 in SharePoint on
1 Replies
Get the user role from Azure AD by Laravel azure ad oauth
Arulraj123 in Azure on
0 Replies
Microsoft Developer Virtual Conference
Jenn Jinhong in Community Events List on
0 Replies
MFA device details
Maarten Faes in Microsoft Identity Manager on
0 Replies
Multi table query
sundarzee in Access on
3 Replies