Gerry

My feedback

  1. 33 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    10 comments  ·  Automation » Start / Stop VM  ·  Flag idea as inappropriate…  ·  Admin →
    Gerry supported this idea  · 
  2. 254 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    40 comments  ·  Azure Active Directory » Domain Services  ·  Flag idea as inappropriate…  ·  Admin →

    CONFIRMED that NPS and Azure AD Domain Service can work with the Azure MFA NPS extension to enable MFA for RDP to virtual machines. That said, Azure Bastion Host (https://docs.microsoft.com/en-us/azure/bastion/bastion-overview) provides the same value without the additional infrastructure of NPS. We have a doc bug created to add the nuance to our documentation, which is to 1) Skip registering the NPS server and 2) ensure your network policy has “Ignore user account dial-in properties” selected.
    Leaving the topic open as we continue to investigate/validate other NPS use cases (e.g. VPN and 802.x scenarios)

    Mike Stephens
    Senior Program Manager
    Azure Identity
    IAM Core | Domain Services

    Gerry supported this idea  · 
    Gerry commented  · 

    @Mark Lawton. Yes without any on prem AD. It was about 18 months ago this was set up but its still working. I'm trying to remember if there was an issue with the NPS registration, but, it still worked regardless. In any case, we have NPS running on a windows azure VM authenticating against AADDS using radius.

    Gerry commented  · 

    We have this working. Currently have VM running NPS acting as a radius server authenticating users against AADDS.

  3. 46 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gerry supported this idea  · 
  4. 13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    need-feedback  ·  1 comment  ·  Azure Active Directory » Domain Services  ·  Flag idea as inappropriate…  ·  Admin →
    Gerry supported this idea  · 
  5. 32 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Virtual Machines » Windows  ·  Flag idea as inappropriate…  ·  Admin →
    Gerry shared this idea  · 
  6. 700 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    71 comments  ·  Azure Active Directory » Authentication  ·  Flag idea as inappropriate…  ·  Admin →
    Gerry supported this idea  · 
    Gerry commented  · 

    Also looking for this functionality. We have the same set up as Antonio Soares. This solution works, however, there is a catch 22 with password changes because AADDS is not a writeable directory. Also, as Azure portal users users do not get any notifications from Azure AD that the password is going to expire it makes things even worse.

  7. 1,245 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    144 comments  ·  Azure Active Directory » SaaS Applications  ·  Flag idea as inappropriate…  ·  Admin →

    We’re continuing to investigate options for adding this support. There are technical challenges to overcome in order to make this happen. We thank you for all your valuable comments so far, and welcome any additional feedback you have on what are the most important use cases involved with these scenarios.

    Gerry supported this idea  · 

Feedback and Knowledge Base