Question

There are big question marks above my head regarding SharePoint 2019 and Azure MFA...

We're running a three tier SharePoint Single Server Farm, each with a High Trust Provider Hosted App. After that's finished and everything runs smoothly the Multi-Factor-Authentication should come on top. But unfortunately I can't find (maybe I searched the wrong way) any usable informations to do so. Here and there are some forum topics which aren't clear enough for me (like this: https://social.msdn.microsoft.com/Forums/en-US/0dde4b1b-c144-44c6-a169-ef88d5cc9aff/mfa-for-sharepoint-server-2019-in-azure-vms?forum=WindowsAzureAD).

Maybe some of you have some other sources where to look and how to get MFA working with SharePoint 2019 hosted on Azure VMs.

No correct solution

OTHER TIPS

You can either use the Azure AD integration (I don't recommend this due to needing to configure SAML on SharePoint) or use Azure AD App Proxy which will let you use Kerberos Constrained Delegation, but requires you to deploy additional VMs to support the farm. For the Azure AD App Proxy tutorial with SharePoint, you do not need to use a different name for the internal and external URLs, their tutorial just shows that path.

With either solution, you will use the standard Microsoft Online login screen where your MFA policy is enforced. You can also add Conditional Access Policies, if required.

Licensed under: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange
scroll top