Can I use my existing MFA Server with Remote Desktop Gateway without storing users in the cloud? How will the licensing work if I am no longer able to create new auth providers?

Ryan Hill 25,216 Reputation points Microsoft Employee
2019-10-29T22:38:04.62+00:00

Can I use my existing MFA Server with Remote Desktop Gateway without storing users in the cloud? How will the licensing work if I am no longer able to create new auth providers?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,102 questions
0 comments No comments
{count} votes

Accepted answer
  1. Marilee Turscak-MSFT 33,211 Reputation points Microsoft Employee
    2019-10-29T22:40:22.553+00:00

    You cannot create an auth provider but it is still supported to use MFA Server with RDG. MFA is per user licensing now, rather than auth providers. An Azure MFA Auth provider is used to take advantage of the features provided by Azure MFA for users who do not have licenses.

    You do need either a Premium P1 or P2 license because MFA is sold as part of those licenses. New customers may no longer purchase Azure Multi-Factor Authentication as a standalone offering effective September 1st, 2018. Multi-factor authentication MFA will continue to be an available feature in Azure AD Premium License. You get a subset of features in Office 365 subscriptions with MFA.

    It is full MFA or nothing going forward. If you have an authentication provider you can keep using it but you cannot create any new ones, even with the Premium license.

    Source: MSDN https://social.msdn.microsoft.com/Forums/vstudio/en-US/f163c764-caab-44b3-8eda-b7a589b70115/azure-mfa-server-licenses?forum=windowsazureactiveauthentication

    0 comments No comments

0 additional answers

Sort by: Most helpful