Posts Tagged ‘2fa’

 

 

Here are the steps to remove unnecessary Authenticator app/OAuth hardware token so that we can register new Authenticator app for this account:

 

  1. Visit https://myapps.microsoft.com login with account
  2. Click on the account at upper right corner, then click on “Profile”:

  1. Click on “Additional security verification” or “Edit security info”, pass MFA with SMS message.

  1. Now we will be able to manage Authenticator app/OAuth hardware token for this account, remove unnecessary ones so that we can register a new Authenticator app. Depending on whether the tenant has enabled converged registration experience, it will look like this:

 

Or this:

 

n the end I had to follow this link:L

 

https://account.activedirectory.windowsazure.com/proofup.aspx?proofup=1

 

From this post:

 

https://docs.microsoft.com/en-us/azure/active-directory/user-help/multi-factor-authentication-end-user-manage-settings

 

It enabled me to re-very my mobile number and take me to this page where I could delete the Auth app device:

 

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Error

that determining the Current Master Multi-Factor Authentication Server. the user interface will close

Things to check 

  1. Make sure the server can access via IE

2. Make sure you have a valid Subscription in Azure

If you have been using a Trial this might of expired , you need to be at least on a pay as you go subscription. You need to manually change this

3. Make sure you have a Multi-Factor Auth Provider in your Azure Login

Login to https://manage.windowsazure.com/

New Portal 

https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/MultifactorAuthenticationMenuBlade/Providers/fromProviders//hasMFALicense/

Just follow the steps

  1. Jump into C:\Program Files\Multi-Factor Authentication Server\Data
  2. Unhide the all folders and files
  3. Rename the LicenseKey to Licensekey.old
  4. Re Open Program
  5. skip the wizard and configure components manually so I choose to check the box and choose next.

image

Go back to the Azure Portal and select manage multifactor provider:

image

Then under download settings you have the option to generate an activation code:

image

Enter the activation details in the MFA server tool and click activate:

image

After activation I choosed to use the default group, you can create your own groups if you want:

image

 

You can check the status via https://pfweb.phonefactor.net/framefactory

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

When enabling Two Factor Authentication for a user in Azure for 365 when trying to activate Office for a user the following error display : 

Enable on Tenant

Make sure you login to Powershell for the tenant and Enable 2fa on the 365 Organisation : Set-OrganizationConfig -OAuth2ClientProfileEnabled $true

Enable on Outlook Client

You need to turn modern authentication on for the User via the Registry : 

Office 2013 ( ADAL not enabled by default ) 

HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL. REG_DWORD. 1

Office 2016 ( Should be enabled by default but can enable just in case via ) 

HKCU\SOFTWARE\Microsoft\Office\16.0\Common\Identity\EnableADAL. REG_DWORD. 1

Turn of WAM

[HKCU\SOFTWARE\Microsoft\Office\16.0\Common\Identity\DisableADALatopWAMOverride] – REG_DWORD “1”
 

Enable on Skype for Business 

Set-ExecutionPolicy remotesigned

Import-Module SkypeOnlineConnector

$sfbSession = New-CsOnlineSession

Import-PSSession $sfbSession

Get-CsOAuthConfiguration

Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed

Enable on OneDrive

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

The Exchange Online Remote PowerShell Module needs to be installed on your computer:

  1. Open the Exchange admin center (EAC) for your Exchange Online organization. For instructions, see Exchange admin center in Exchange Online.

  2. In the EAC, go to Hybrid > Setup and click the appropriate Configure button to download the Exchange Online Remote PowerShell Module for multi-factor authentication.

    Download the Exchange Online PowerShell Module from the Hybrid tab in the EAC
  3. In the Application Install window that opens, click Install.

    Click Install in the Exchange Online PowerShell Module window

Open

C:\Users\%username%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation\Microsoft Exchange Online Powershell Module.appref-ms

Run

Connect-EXOPSSession -UserPrincipalName chris@contoso.com

Powershell

https://gallery.technet.microsoft.com/Office-365-Connection-47e03052

Video to Send User

https://channel9.msdn.com/posts/Multi-Factor-Account-Setup
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Upon enabling two-factor authentication, when trying to open Outlook  you get the following error

Invalid Request: The request Tokens do not match the user context.

This is due to your existing password conflicting.

If you close down outlook

Open up command prompt and enter :   control /name Microsoft.CredentialManager

Clear out MicrosoftOfficeXX_Data:ADL and  MicrosoftOfficeXX_Data:ordid password

Start Outlook again

VN:F [1.9.22_1171]
Rating: 3.0/10 (1 vote cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)