This forum has migrated to Microsoft Q&A. Visit Microsoft Q&A to post new questions.

Remove From My Forums

Authentication policy locations

Question
0

Sign in to vote

I am wondering how ADFS sets or uses to determine the locations. The Intranet and Extranet locations do not seem to affect machines internally.

In Authentication Policy, if I set Extranet location or Unregistered devices, I get MFA prompt from outside.

If I just select Intranet location, I do not get MFA prompt from outside. This tells me the Extranet location works from outside.

Selecting all or any options, I cannot get MFA prompt from inside.

Wednesday, October 31, 2018 9:13 AM

All replies

0

Sign in to vote

Extranet policy = the connexion is coming through a WAP server, the WAP servers add some headers and the ADFS servers will know it's coming from them.

Intranet policy = the connexion is hitting directly ADFS servers, no WAP involved.
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Thursday, November 1, 2018 12:47 AM
0

Sign in to vote

Hi , Thanks for that.

I am not getting a MFA prompt from inside. How can I diagnose where this is going wrong?

Thursday, November 1, 2018 1:38 AM
0

Sign in to vote

Can you share your policies details?
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

Thursday, November 1, 2018 2:56 AM
0

Sign in to vote

Hi

Does this cover what you are looking for?

Thursday, November 1, 2018 3:12 AM