Azure Active Directory – Multi Factor Authentication through SmartPhone App

Hi there,

today I would like to show, how End-Users can configure their Multi Factor Authentication for Windows Azure Logons. This might be important for them, because they could have different choices on how they would get contacted.
First they can login to their Azure Active Directory Profile, which is available as Users from your On-Premise Active Directory, but also for Users which resides only in the cloud. The URL of the Profile is the following:
https://account.activedirectory.windowsazure.com/profile/default.aspx
The following Webpage appears:
Azure AD Profile
In a DirSync Scenario you can have configured the Password Write-Back to your Active Directory if the Passwort Reset Functionality is needed. But for the purpose of this topic, we need to click on “Additional security verification”. You will find the following options to use a additional verification:
MFA options
We will choose the option to “Notify me through app”, which is the most laziest, in my point of view. When you have selected this option, you have to activate the check Box beyond “Mobile App” and click on configure:
Configure
You will then get the information, what to do, to use the app as an authentication method:
Configure Mobile App
You will also find the three Application Links which you can add to a SCCM Application, this application you can then deploy to your mobile Device Users:
SCCM Application
When you have installed the app on your favorite device, you can then add your account. When this is done, you can click “Save” on the Webpage, and your configured App will be checked for a verification, if you have allowed the Push Notification for the MFA, you get notified and can answer:
AzureMFA06 AzureMFA07
That’s it, lazy MFA is coming 😉
Martin

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s