Hi @milo last
Thank you for reaching out to the Microsoft Q&A platform. Happy to answer your question.
To integrate Citrix Virtual Apps and Desktop with M365 MFA services, you can use Microsoft Entra ID as the identity provider.
This requires setting up Entra Connect sync or Microsoft Cloud sync to synchronize your on-premises AD with Entra ID. Once you have set up Entra Connect, you can enable MFA for your users in Entra ID.
Since your customer is using an on-premises AD server, they will need to synchronize their on-premises directory with Entra ID. This can be done using Entra Connect sync or Cloud sync, which will enable them to manage user identities and credentials in the cloud. Azure AD will be the backbone for implementing MFA services.
Once your directory is synchronized to Entra ID you can set up MFA in Entra ID. with the Entra ID you can create conditional access policies that define the conditions under which users can access corporate resources. These policies can enforce MFA under certain conditions, such as when users are accessing resources from outside the corporate network.
Reference: https://learn.microsoft.com/en-us/entra/identity/authentication/concept-mfa-howitworks
https://learn.microsoft.com/en-us/entra/identity/authentication/tutorial-enable-azure-mfa
https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-mfa-multi-factor-authentication
Hope this helps. Do let us know if you any further queries.
Thanks,
Akhilesh.
If this answers your query, do click Accept Answer
and Yes
for was this answer helpful. And, if you have any further query do let us know.