question

DTSupport-3094 avatar image
0 Votes"
DTSupport-3094 asked ·

Seamless SSO and Azure MFA

Hello,

We are testing staged Seamless SSO. It appears to be passing though our passwords just fine but we are getting MFA'ed when accessing any O365 resource. We have a conditional access rule setup and our local network IPs are added to the trusted locations lists but it does not appear to be working. As soon I I remove my account from the group we are testing seamless SSO with we no longer see the MFA prompt from an on-premise domain joined machine.

If I test seamless SSO and turn off the conditional access rule for MFA, it passing everything right through. Is their something with seamless SSO and Azure MFA that inst supported or is this the expected result. Microsoft said Seamless SSO is still in preview so I am curious if anyone else can share their experience.

We are looking to move from on-prem ADFS to Azure Cloud Auth with Password Hash and Seamless SSO.

Appreciate any feedback or help.

azure-active-directory
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JaiVerma-7010 avatar image
0 Votes"
JaiVerma-7010 answered ·

Do you mean Hyrbrid AADJ machine? Did you check if your machine is HAADJ and if the user has a valid PRT? Run below command to check if your user has PRT

dsregcmd /status

AzurePRT: Yes <<<<<<This should be yes.

Also check the sign in logs what policy and control is applying and why?

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.