locked
AD FS 4.0 / 2016 Hardware tokens RRS feed

  • Question

  • Is it still necesarry to install the MFA software to use hardware tokens in AD FS 4.0? In the past you had to install the MFA software and import the serialnumber of the hardware token, but i can't find any documentation explaining how it works in AD FS 4.0. Planning on using the Deepnet SafeID OTP hardware token.
    • Edited by Marc-1983 Tuesday, March 6, 2018 1:44 PM
    Tuesday, March 6, 2018 1:44 PM

All replies

  • You'll need to install the provider on each ADFS server (it's usually registering a DLL via an installer provided by the vendor) and then run a cmdLet to register the provider with ADFS.


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, March 6, 2018 2:50 PM
  • Thank you for the reply. Is there a manual available or an example?

    Edit: nevermind the example, found a few. But is AD FS 4.0 fully compatible with the Azure MFA software?

    • Edited by Marc-1983 Tuesday, March 6, 2018 5:52 PM
    Tuesday, March 6, 2018 3:56 PM
  • You can use Azure MFA as an MFA provider (or even as a primary auth) as long as you have licenses for it.

    Unless you mean Azure MFA Server? In that case it is an on-prem stuff (still requires licenses but the flow works differently).


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Tuesday, March 6, 2018 6:52 PM
  • I ment the Azure MFA server as there are no instructions on how to register for example an DLL file
    Tuesday, March 6, 2018 9:12 PM
  • I see. The default Azure MFA provider you see in ADFS on Windows Server 2016 is the cloud-based MFA.

    The Azure MFA server still need to be configured like in ADFS on Windows Server 2012 R2. See there: https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-get-started-adfs-w2k12


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Wednesday, March 7, 2018 4:13 PM