
Comments (9)

redhook62 commented on July 28, 2024

Hi All,

Sorry, I was on holiday.

Version 2.2
The UI is now fixed.
But we are late with the MMC and PowerShell modules.
Without these, it would be difficult to use the new features.

Update on some planned features

  • The model for MFA providers completely redesigned to support more scenarios as well as better customization possibilities in the extensions that you have / will develop

  • Additional verification support with PIN codes

  • Wizards for registration and validation on each MFA provider, activatable at each MFA provider

  • Data encryption in SQL mode, if you use the SQL Server 2016 "Always Encrypted" feature (more compliance with GDPR)

  • More features to register / register users to the MFA, especially when using an administrative configuration

  • Multi domain and multi forest support when using Active Directory mode

  • The support for the new model for Azure MFA (well, if you use this component, it's probably because you do not trust Microsoft; I'll talk about this new model in detail, and that will surely comfort you in your choices ...)

  • Perhaps, German translation resources

  • And more...

Linked to the workload we have in talking about it, the beta is postponed until the end of June

from adfsmfa.

anorstrom commented on July 28, 2024

Eager to test the new version ;)
Do you have any update on when you can make the beta available?

Kind Regards,
Andreas

from adfsmfa.

redhook62 commented on July 28, 2024

Hi

I think that the new version 2.2 early beta will be available at the beginning of next week (Monday or Tuesday, with basic documentation).

Regards

from adfsmfa.

redhook62 commented on July 28, 2024

Hi

Thank you for this feedback.

We will not be able to make this type of change quickly; we are very busy. On the other hand, version 2.2 will be available soon.

We will not make any more changes on version 2.0, except for blocking bugs.

We will take inspiration from your proposal for the management of the QR code (especially in administrative mode) in version 2.2.

Normally, as soon as the QR code is displayed, the key must be changed for privacy reasons. We will implement this, as we have been asked before.

It will also have to be suitable for biometric recording (fingerprint or face) that we plan for the next 2.5 version.

Regards

from adfsmfa.

anorstrom commented on July 28, 2024

Thank you for your response.
Looking forward to that.

from adfsmfa.

Ikke commented on July 28, 2024

Thanks for your work on this!

Any update on when the beta will be released?

Kevin.

from adfsmfa.

kalsure commented on July 28, 2024

Hi,

I have installed the adfsmfa.3.1.2112.0.msi package and configured MFA. It is working for users who are activated with Email and the Google app.
We are enabling MFA on Office 365 email. At the first login to Office 365, it asks for a code, and the code is already in the email.
Due to this option, the user is unable to log in. We are even sending the security key for the Google app to the same email. How can users activate the apps?
Is there any option for users to register on their own? After logging in with the ADFS password and a one-time default/generated code for only one session, the next page is the QR code with an explanation of how to configure your Authenticator app. The user scans it, clicks OK, and is then taken back to the first OTP page, where he types an OTP code from the Authenticator app, clicks Sign In, and is logged into Office 365.

Thank you in advance.

from adfsmfa.

redhook62 commented on July 28, 2024

Hi,

In this case, you should not use an email subject to the MFA ... Let your users use a personal address.
You can also manage which domains are authorized or blacklisted.

If you want users to register a TOTP code and an email, check at the provider level that the "required" option is active.

from adfsmfa.

kalsure commented on July 28, 2024

Hi,
Thank you for your comment.
We cannot use any personal email address here.

So, deactivate the email provider. You will no longer be able to have notifications.

Can we generate a one-time standard code for one session only for all MFA users?
No, there is one key per user, which is linked internally to the user. It's a matter of security.

Not sure why I cannot see "Enroll Authenticator App" in Options Management. I am even using the latest package.

In "Global Parameters / Management Options", be sure to have activated "Registration Wizards" and possibly "User Management Options", but it is not necessary.

Then, go to "MFA Providers" and make sure that each provider you want to use is marked as active. And also activate "Required" on no, and also activate "Enrollment Wizard" if necessary.

So for you, deactivate the Email provider, activate the TOTP and Biometric providers, mark them as required for TOTP, and enable Enrollment Wizard on both.

One more: can we get a report or some audit on which users registered MFA using the QR code/secret key on Google apps on their mobile devices?

No, not currently.
It is possible, either by the console or in PowerShell, to filter on the email, the phone number or the name. Maybe in the future there will be additional filtering for the existence of a TOTP key and registered biometric devices.

By default, a TOTP key is generated automatically; the user must still be able to scan it ... as for sending it by email, this will not be possible in your case.

If you have the SQL configuration, just look in the database.

Thank you again.

from adfsmfa.
