You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/authentication/howto-mfaserver-adfs-2.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -43,12 +43,12 @@ To secure AD FS 2.0 with a proxy, install the Azure Multi-Factor Authentication
43
43
44
44
45
45
4. To detect username, password, and domain variables automatically, enter the login URL (like `https://sso.contoso.com/adfs/ls`) within the Auto-Configure Form-Based Website dialog box and click **OK**.
46
-
5. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users have not yet been imported into the Server and/or will be exempt from two-step verification, leave the box unchecked.
47
-
6. If the page variables cannot be detected automatically, click the **Specify Manually…** button in the Auto-Configure Form-Based Website dialog box.
46
+
5. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users haven't yet been imported into the Server and/or will be exempt from two-step verification, leave the box unchecked.
47
+
6. If the page variables can't be detected automatically, click the **Specify Manually…** button in the Auto-Configure Form-Based Website dialog box.
48
48
7. In the Add Form-Based Website dialog box, enter the URL to the AD FS login page in the Submit URL field (like `https://sso.contoso.com/adfs/ls`) and enter an Application name (optional). The Application name appears in Azure Multi-Factor Authentication reports and may be displayed within SMS or Mobile App authentication messages.
49
49
8. Set the Request format to **POST or GET**.
50
50
9. Enter the Username variable (ctl00$ContentPlaceHolder1$UsernameTextBox) and Password variable (ctl00$ContentPlaceHolder1$PasswordTextBox). If your form-based login page displays a domain textbox, enter the Domain variable as well. To find the names of the input boxes on the login page, go to the login page in a web browser, right-click on the page and select **View Source**.
51
-
10. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users have not yet been imported into the Server and/or will be exempt from two-step verification, leave the box unchecked.
51
+
10. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users haven't yet been imported into the Server and/or will be exempt from two-step verification, leave the box unchecked.
52
52
53
53
54
54
@@ -58,7 +58,7 @@ To secure AD FS 2.0 with a proxy, install the Azure Multi-Factor Authentication
58
58
- Cache successful authentications to the website using cookies
59
59
- Select how to authenticate the primary credentials
60
60
61
-
12. Since the AD FS proxy server is not likely to be joined to the domain, you can use LDAP to connect to your domain controller for user import and pre-authentication. In the Advanced Form-Based Website dialog box, click the **Primary Authentication** tab and select **LDAP Bind** for the Pre-authentication Authentication type.
61
+
12. Since the AD FS proxy serverisn't likely to be joined to the domain, you can use LDAP to connect to your domain controller for user import and pre-authentication. In the Advanced Form-Based Website dialog box, click the **Primary Authentication** tab and select **LDAP Bind** for the Pre-authentication Authentication type.
62
62
13. When complete, click **OK** to return to the Add Form-Based Website dialog box.
63
63
14. Click **OK** to close the dialog box.
64
64
15. Once the URL and page variables have been detected or entered, the website data displays in the Form-Based panel.
@@ -97,14 +97,14 @@ Make sure users are imported from Active Directory into the Server. To allow use
97
97
98
98
## AD FS 2.0 Direct without a proxy
99
99
100
-
You can secure AD FS when the AD FS proxy is not used. Install the Azure Multi-Factor Authentication Server on the AD FS server and configure the Server per the following steps:
100
+
You can secure AD FS when the AD FS proxyisn't used. Install the Azure Multi-Factor Authentication Server on the AD FS server and configure the Server per the following steps:
101
101
102
102
1. Within the Azure Multi-Factor Authentication Server, click the **IIS Authentication** icon in the left menu.
103
103
2. Click the **HTTP** tab.
104
104
3. Click **Add**.
105
105
4. In the Add Base URL dialogue box, enter the URL for the AD FS website where HTTP authentication is performed (like `https://sso.domain.com/adfs/ls/auth/integrated`) into the Base URL field. Then, enter an Application name (optional). The Application name appears in Azure Multi-Factor Authentication reports and may be displayed within SMS or Mobile App authentication messages.
106
106
5. If desired, adjust the Idle timeout and Maximum session times.
107
-
6. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users have not yet been imported into the Server and/or will be exempt from two-step verification, leave the box unchecked.
107
+
6. Check the **Require Azure Multi-Factor Authentication user match** box if all users have been or will be imported into the Server and subject to two-step verification. If a significant number of users haven't yet been imported into the Server and/or will be exempt from two-step verification, leave the box unchecked.
108
108
7. Check the cookie cache box if desired.
109
109
110
110
@@ -115,7 +115,7 @@ You can secure AD FS when the AD FS proxy is not used. Install the Azure Multi-F
115
115
116
116
Azure Multi-Factor Authentication is now securing AD FS.
117
117
118
-
Ensure that users have been imported from Active Directory into the Server. See the Trusted IPs section if you would like to allow internal IP addresses so that two-step verification is not required when signing in to the website from those locations.
118
+
Ensure that users have been imported from Active Directory into the Server. See the Trusted IPs section if you would like to allow internal IP addresses so that two-step verificationisn't required when signing in to the website from those locations.
0 commit comments