Exchange 2019 On Premise 2FA activation only for some mailboxes users
Hi ! We have an AD Forest with Exchange 2019 containing multiple MBX and CAS Server with multiple DAG as a Hosted Exchange for our customers. We want to enable 2FA on one of our client's hosted domains. Apparently we can activate it on all CAS for all mailboxes but not only for some. We have tested activating 2FA with ADFS on two CAS servers and it works. Now we want to restrict users using 2FA to only use these two CASs and block access on CASs that do not have 2FA enabled. Because otherwise it is possible to log in via the other CASs on their mailboxes. Does anyone have a solution to do this? I tried to do it with Exchange 2019 new-clientaccessrule commands but it is not possible with Exchange 2019 On Premise servers, some parameters like ExceptAnyOfAuthenticationTypes are not available. We also considered doing: - A second Exchange organization in the same forest (this is not possible).- A second forest with other Exchange servers (new organization) but this involves a lot of servers in our case. Thanks for your advice and help!
Exchange Server 2016 On-Premise and 2FA/MFA
Hi I am trying to find some specific info with regards to Exchange Server 2016 on-premise implementation and 2FA/MFA and not finding much luck. I have a client who is looking to implement a 2FA solution for their on-premise exchange environment. They currently have PingFederate in the environment and are implementing Symantec 2FA as the MFA provider. From my understanding I believe that we can implement 2FA without any problems for OWA but I have also been asked to investigate the implementation of 2FA for EWS, ActiveSync and the Outlook Mobile app. This is where I cannot find information. Is it possible to implement 2FA for these services? Please advise
