![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 37%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
4,591 questions
Hi @Suresh S ,
New installation of on-premise MFA is deprecated by Microsoft. Now you need to use Azure MFA Service to implement MFA for your on-premises SharePoint server. Which means, you don't have to install MFA on a server in your on-premises environment and you can leverage MFA cloud offering by Microsoft.
Please refer to this article to use Form-Based IIS Authentication with Azure Multi-Factor Authentication Server:Configure Azure Multi-Factor Authentication Server for IIS web apps
==============
Update
You need to federate your SharePoint server with ADFS and configure Azure MFA as authentication provider with AD FS. All the step-by-step instructions are mentioned in this doc:
Configure Azure MFA as authentication provider with AD FS
There is a prerequisite saying "Your on-premises environment is federated with Azure AD" in the article above,but the public users you configure with FBA are not in Active Directory to sync with Azure AD.Since we are using Azure MFA Service, user identity must be present in the Azure AD tenant. In your case, you can add the external users as Guest users to your tenant by sending invitation to their email address. Once they redeem the invitation, you can configure conditional access policy to trigger MFA for guest users. Please refer to below docs for this purpose:
Add Azure Active Directory B2B collaboration users in the Azure portal
Enforce multi-factor authentication for B2B guest users
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.