This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 54%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
I am trying to enable Azure MFA for one of our on-premise Sharepoint sites. I am following below answer which I raised some time back.
In this process, I have failed to create the ADFS certificate in our ADFS server. I receive the following error.
Would you be able to give me a suggestion to resolve this error. Many thanks
Hi @Kani · ADFS on Windows Server 2012 doesn't support Azure MFA which is why it is failing to run New-AdfsAzureMfaTenantCertificate. You need to use either Windows server 2016 or 2019 OS for this to work.
This is documented in below paragraph of this doc: Configure Azure MFA as authentication provider with AD FS
Unlike with AD FS in Windows Server 2012 R2, the AD FS 2016 Azure MFA adapter integrates directly with Azure AD and does not require an on premises Azure MFA server. The Azure MFA adapter is built in to Windows Server 2016, and there is no need for additional installation.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
@AmanpreetSingh-MSFT Thank you for the confirmation. I will check the possibilities of upgrading the server to Windows Server 2016.
BDW is there a workaround to enable this on Server 2012 R2. I mean by installing a specific service pack etc.
Thanks again.
@Kani · Updating service pack won't help. It has to be Windows Server 2016 and the farm behavior level (FBL) needs to be 3.
Which ADFS version is that? Afaik the cmdlet is only available on AD FS v4/Windows Server 2016, older version do not support Azure MFA as provider anyway.
Hi @Vasil Michev ,
Thank you for your answer. We have ADFS version 6.3.0.0 running on Windows server 2012 R2.
In order to fix it would you recommend installing ADFS the same version(6.3.0.0 > V4) in Windows Server 2016. Further our application is hosted on Sharepoint 2016 farm (Windows and form-based users) and I am trying to configure Azure MFA to it.
Thank you,
Hi @Kani ,
This error simply indicates that your PowerShell does not recognize the New-AdfsAzureMfaTenantCertificate PowerShell cmdlet, make sure you have imported the ADFS PowerShell module, this module should also be found if you run the PowerShell cmdlet on your ADFS server.
----------
(If the reply was helpful please don't forget to upvote or accept as answer, thank you)
Best regards,
Leon
Hi @Leon Laude ,
I see thank you. When I type
Get-Module -ListAvailable | select name
I can see ADFS also listed there. 
Would you able to let me know I need to install and import another module.
Thank you,
Try importing the module:
Import-Module -Name ADFS
. Am I missing something else?