Jon Webster

My feedback

  1. 5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Networking » VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
  2. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster shared this idea  · 
  3. 271 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    48 comments  ·  Azure Active Directory » Domain Services  ·  Flag idea as inappropriate…  ·  Admin →

    CONFIRMED that NPS and Azure AD Domain Service can work with the Azure MFA NPS extension to enable MFA for RDP to virtual machines. That said, Azure Bastion Host (https://docs.microsoft.com/en-us/azure/bastion/bastion-overview) provides the same value without the additional infrastructure of NPS. We have a doc bug created to add the nuance to our documentation, which is to 1) Skip registering the NPS server and 2) ensure your network policy has “Ignore user account dial-in properties” selected.
    Leaving the topic open as we continue to investigate/validate other NPS use cases (e.g. VPN and 802.x scenarios)

    Mike Stephens
    Senior Program Manager
    Azure Identity
    IAM Core | Domain Services

    Jon Webster commented  · 

    Using the Azure MFA Server is also not possible because NPS requires "Enterprise Admin" rights.

    Jon Webster supported this idea  · 
    Jon Webster commented  · 

    The following article describes how to configure NPS/RADIUS. However, due to limitations with AAD:DS we are unable to complete the setup successfully.

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension-rdg

    I posed an issue to the document for assistance configuring the NPS Extension after the ICM request to assist with the necessary change was rejected.

    https://github.com/MicrosoftDocs/azure-docs/issues/13203

    The lack of NPS/RADIUS support is a major challenge in pitching the solution to upper management

  4. 241 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    43 comments  ·  Azure Active Directory » Azure AD Join  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster supported this idea  · 
  5. 26 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Networking » VPN Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster supported this idea  · 
  6. 75 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    triaged  ·  2 comments  ·  Networking » Network Security Groups  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster supported this idea  · 
  7. 30 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Jon Webster supported this idea  · 
  8. 12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Azure Backup » MARS  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster commented  · 

    We currently use IaaS Azure Backup of VMs, which is limited to backing up to the local datacenter. We looked at using the Azure Backup Agent as a means to backup VMs to an alternate datacenter after the recent issue with storage layer in our current azure region recently.

    Jon Webster supported this idea  · 
  9. 30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Networking » Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster shared this idea  · 
  10. 8 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Logic Apps » Designer  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster shared this idea  · 
  11. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Logic Apps » Designer  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster shared this idea  · 
  12. 2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Logic Apps » Designer  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster shared this idea  · 
  13. 33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Azure Backup » Management  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster shared this idea  · 
  14. 4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    started  ·  1 comment  ·  Azure Active Directory » Azure AD Connect  ·  Flag idea as inappropriate…  ·  Admin →
    Jon Webster supported this idea  · 

Feedback and Knowledge Base