Seamless SSO and Azure MFA

DT_Support 21 Reputation points


We are testing staged Seamless SSO. It appears to be passing though our passwords just fine but we are getting MFA'ed when accessing any O365 resource. We have a conditional access rule setup and our local network IPs are added to the trusted locations lists but it does not appear to be working. As soon I I remove my account from the group we are testing seamless SSO with we no longer see the MFA prompt from an on-premise domain joined machine.

If I test seamless SSO and turn off the conditional access rule for MFA, it passing everything right through. Is their something with seamless SSO and Azure MFA that inst supported or is this the expected result. Microsoft said Seamless SSO is still in preview so I am curious if anyone else can share their experience.

We are looking to move from on-prem ADFS to Azure Cloud Auth with Password Hash and Seamless SSO.

Appreciate any feedback or help.

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,557 questions
No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jai Verma 451 Reputation points

    Do you mean Hyrbrid AADJ machine? Did you check if your machine is HAADJ and if the user has a valid PRT? Run below command to check if your user has PRT

    dsregcmd /status

    AzurePRT: Yes <<<<<<This should be yes.

    Also check the sign in logs what policy and control is applying and why?