Questions regarding on-prem MFA integrated with on-prem Azure and credentials

Rice, Kevin J 20 Reputation points
2024-01-08T19:59:32.2633333+00:00

I need to change the credentials used by MFA ADFS Adapter on my on-prem ADFS farm. The farm consists of 3 Windows Server 2016 systems using a WID database. Would it just be a matter of updating the relevant config file and running the registration cmdlet again or would the adapter need to be un-registered first? If it needs to be un-registered, would any access control policies be affected by un-registering in that case?


Accepted answer
  1. Azar 20,665 Reputation points
    2024-01-08T20:07:21.59+00:00

    Hi Rice, Kevin J,

    I think it's better to start with unregistering the existing MFA ADFS Adapter. This can be done using a PowerShell cmdlet provided by the MFA solution.

    And yes, unregistering an authentication provider, such as an MFA adapter, in ADFS can potentially affect access control policies.

    Unregister-AdfsAuthenticationProvider -Name <AdapterName>

    Then update the relevant config files with the new credentials, like the MFA Adapter configuration file and any other config files associated with your MFA solution.

    Lastly, register the MFA Adapter again with the updated credentials.

    Register-AdfsAuthenticationProvider -TypeName <AdapterTypeName> -Name <AdapterName>

    If this helps, kindly accept the answer. Thanks much.
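
The unregister / update / re-register sequence from the accepted answer, as an added PowerShell example (not code from the original answer or from any MFA vendor). It goes beyond the answer by first snapshotting the global authentication policy and each relying party's policy settings so they can be restored and compared afterwards. The adapter name, type name and configuration file path are placeholders, and passing the file with `-ConfigurationFilePath` is an assumption about how the adapter reads its settings.

```powershell
# Added example. Run elevated on the primary AD FS node of the WID farm.
# Placeholders (assumptions): take the real values from your MFA vendor's documentation.
$AdapterName = '<AdapterName>'
$AdapterType = '<AdapterTypeName>'              # assembly-qualified type name
$ConfigPath  = 'C:\Path\To\adapter-config.xml'  # hypothetical path to the updated config file
$BackupDir   = Join-Path $env:TEMP ('adfs-mfa-' + (Get-Date -Format 'yyyyMMdd-HHmmss'))

$ErrorActionPreference = 'Stop'
New-Item -ItemType Directory -Path $BackupDir | Out-Null

# 1. Snapshot everything that can reference the adapter.
$before = @((Get-AdfsGlobalAuthenticationPolicy).AdditionalAuthenticationProvider)
$before | Set-Content (Join-Path $BackupDir 'additional-auth-providers.txt')
Get-AdfsRelyingPartyTrust |
    Select-Object Name, AccessControlPolicyName, AdditionalAuthenticationRules |
    Export-Clixml (Join-Path $BackupDir 'relying-party-policies.xml')

# 2. Take the adapter out of the global policy before unregistering it.
$inPolicy = $before -contains $AdapterName
if ($inPolicy) {
    $without = @($before | Where-Object { $_ -ne $AdapterName })
    if ($without.Count -eq 0) { $without = $null }   # $null clears the list
    Set-AdfsGlobalAuthenticationPolicy -AdditionalAuthenticationProvider $without
}

# 3. Unregister, then register again so the adapter loads the updated configuration.
Unregister-AdfsAuthenticationProvider -Name $AdapterName -Confirm:$false
Register-AdfsAuthenticationProvider -TypeName $AdapterType -Name $AdapterName `
    -ConfigurationFilePath $ConfigPath

# 4. Put the global policy back exactly as it was, then restart the service.
if ($inPolicy) {
    Set-AdfsGlobalAuthenticationPolicy -AdditionalAuthenticationProvider $before
}
Restart-Service adfssrv   # repeat the restart on every node in the farm

# 5. Verify that the provider list matches the snapshot.
$after = @((Get-AdfsGlobalAuthenticationPolicy).AdditionalAuthenticationProvider)
if ((($before | Sort-Object) -join ',') -ne (($after | Sort-Object) -join ',')) {
    Write-Warning "Additional authentication providers differ from the snapshot in $BackupDir"
}
Get-AdfsAuthenticationProvider -Name $AdapterName | Format-List Name, AdminName
Get-AdfsRelyingPartyTrust | Select-Object Name, AccessControlPolicyName
```

The adapter is unavailable for additional authentication between steps 2 and 4, so run this in a maintenance window and compare the final relying-party listing against `relying-party-policies.xml`.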

