MFA for VMware is no longer working, possible Azure issue

Schifter, Gabriela 165 Reputation points
2024-04-30T14:56:05.5233333+00:00

Our SAML certificate in Azure for Single Sign on for VMware expired yesterday. We created a new certificate and set it to be Active, and then downloaded the metadata for that certificate and uploaded it to our UAG. Unfortunately, this did not work as expected, so currently our MFA for VMware has been turned off to allow our users to login to our environment.

Azure VMware Solution
Azure VMware Solution
An Azure service that runs native VMware workloads on Azure.
362 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,480 questions
0 comments No comments
{count} votes

Accepted answer
  1. Gowtham CP 5,375 Reputation points
    2024-05-13T09:30:29.7766667+00:00

    Hello @Schifter, Gabriela ,

    Thanks for reaching out in the Microsoft Q&A!

    Ah, it seems like there's an issue with Multi-Factor Authentication (MFA) for VMware using Azure Active Directory (Azure AD) Single Sign-On (SSO). The trouble arose because of an expired SAML certificate in Azure AD, even though a new one was created. Possible reasons could include mistakes in setting up the new certificate, problems with the metadata uploaded to the Universal Access Gateway (UAG), or temporary glitches on Azure's end. To fix it, you should check the certificate configuration in Azure AD, ensure the UAG has the correct metadata, keep an eye on any changes. It might also help to consult below documentation:

    1. Manage app registrations in Azure Active Directory
    2. Azure AD single sign-on SAML configuration
    3. VMware Identity Manager documentation

    Hopefully, you can get MFA working smoothly again soon!

    If you found this solution helpful, consider accepting it.

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.