Share via

Is MFA possible with on-prem Active Directory, if you sync your AD with Azure AD (but dont use anything else in Azure)?

James Auman 6 Reputation points
2021-07-08T17:35:38.39+00:00

Can we use MFA if we don't use Azure for anything other than basic Azure Active Directory services? I can see where you can enable MFA, but it appears that only supports logins to Azure-related services. If I sign into an on-prem AD-joined device, I don't get prompted for MFA. Today we only have the free version of Azure AD (via Microsoft 365 basic)

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Leon Laude 86,026 Reputation points
    2021-07-08T17:48:22.143+00:00

    Hi @James Auman ,

    You'll find the prerequisites for different deployment scenarios of Azure AD MFA over here:

    Prerequisites for deploying Azure AD MFA
    https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted#prerequisites-for-deploying-azure-ad-mfa

    ----------

    If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!

    Best regards,
    Leon

    0 comments
  2. Manu Philip 20,206 Reputation points MVP Volunteer Moderator
    2021-07-08T17:52:04.81+00:00

    On-Premises MFA Server is deprecated. So, Microsoft does not support MFA server for new deployments. Existing implementations of MFA server would still work.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.