Skip to content

Commit ded69c1

Browse files
JustinhaJustinha
committed
Update howto-mfaserver-adfs-2.md
1 parent 939e28f commit ded69c1

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

articles/active-directory/authentication/howto-mfaserver-adfs-2.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
22
title: Use Azure MFA Server with AD FS 2.0 - Azure Active Directory
3-
description: This is the Azure Multi-Factor authentication page that describes how to get started with Azure MFA and AD FS 2.0.
3+
description: Describes how to get started with Azure MFA and AD FS 2.0.
44

55
services: multi-factor-authentication
66
ms.service: active-directory
@@ -88,10 +88,10 @@ You enabled IIS authentication, but to perform the pre-authentication to your Ac
8888

8989
1. Next, click the **Company Settings** icon and select the **Username Resolution** tab.
9090
2. Select the **Use LDAP unique identifier attribute for matching usernames** radio button.
91-
3. If users enter their username in "domain\username" format, the Server needs to be able to strip the domain off the username when it creates the LDAP query. That can be done through a registry setting.
91+
3. If users enter their username in "domain\username" format, the Server needs to be able to strip the domain off the username when it creates the LDAP query, which can be done through a registry setting.
9292
4. Open the registry editor and go to HKEY_LOCAL_MACHINE/SOFTWARE/Wow6432Node/Positive Networks/PhoneFactor on a 64-bit server. If on a 32-bit server, take the "Wow6432Node" out of the path. Create a DWORD registry key called "UsernameCxz_stripPrefixDomain" and set the value to 1. Azure Multi-Factor Authentication is now securing the AD FS proxy.
9393

94-
Ensure that users have been imported from Active Directory into the Server. See the [Trusted IPs section](#trusted-ips) if you would like to allow internal IP addresses so that two-step verification is not required when signing in to the website from those locations.
94+
Make sure users are imported from Active Directory into the Server. To allow users to skip two-step verification from internal IP addresses, see the [Trusted IPs](#trusted-ips).
9595

9696
![Registry editor to configure company settings](./media/howto-mfaserver-adfs-2/reg.png)
9797

0 commit comments

Comments
 (0)