Enabling MFA on ADFS v3.0 - Windows 2012 R2 RRS feed

  • Question

  •  We have existing ADFS 3.0 (win 2012 R2) working for some applications.

     One new application requires MFA (3rd party plugin for MFA from Gemalto that is installed on ADFS server).

     Part of the plugin installation steps requires to enable MFA as secondary authentication in Global Authentication settings for ADFS.

     Question is: if this will impact existing applications (as we don't have MFA or any impact to them)? 

     Also incase if MFA is going to get enabled for all, is there a way to exempt applications from it?

    Shahid Roofi

    Wednesday, October 9, 2019 12:43 PM


  • You can chose what relying party trust will require MFA: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configure-authentication-policies#to-configure-multi-factor-authentication-per-relying-party-trust

    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Friday, October 11, 2019 10:40 PM