In this video, Pete Zerger explains Multi-Factor Authentication (MFA) in the federated identity model with Active Directory Federation Services. Learn the authentication process flow and additional MFA features that come in the federated identity model.
- [Instructor] Let's talk about multi-factor authentication…in the Federated Identity model.…In this scenario, the model requires a synchronized identity…but with one major difference,…the user password is verified by…the on-premises identity provider,…Windows Server Active Directory.…Federated Identity requires…Active Directory Federation Services or ADFS.…ADFS also brings support for…additional factors of authentication to MFA…that we don't see in the synchronized module,…such as the addition of certificate based authentication…or use of hardware tokens.…
In the Federated model, the ADFS server is called…the Secure Token Service.…The active directory server is the identity provider,…and in this example Office 365…is known as the relying party.…The relying party, Office 365 in this example,…receives tokens for identification and authorization.…Both internal and external client will access…the ADFS server by the same name, in our case,…fed.kinetecoinc.com…which means we'll use split brain DNS…so internal and external clients…
In this course—the first in the series—Microsoft MVP Pete Zerger takes you through the basics of setting up endpoint protection. He begins by explaining how to set up Azure Active Directory Premium. Next, he goes into enabling multi-factor authentication, followed by setting conditions for secure access. To wrap up, Pete covers managing mobile devices with Intune, and publishing applications with Azure AD App Proxy.
- Setting up Azure Active Directory for an organization
- Enabling user-level and application-level multi-factor authentication
- Setting conditions for secure access
- Planning a mobile device management (MDM) strategy
- How Intune (standalone) MDM works
- How Intune mobile application management works
- Publishing applications with Azure AD App Proxy
- Assigning users and groups