AWS SSO and Azure AD/MFAWindows Azure and XamppAzure AD disappeared from Azure management portalAzure AD...

Keeping a ball lost forever

Do the primes contain an infinite almost arithmetic progression?

Biological Blimps: Propulsion

Extract more than nine arguments that occur periodically in a sentence to use in macros in order to typset

Can I still be respawned if I die by falling off the map?

Fear of getting stuck on one programming language / technology that is not used in my country

What should you do if you miss a job interview (deliberately)?

What is going on with 'gets(stdin)' on the site coderbyte?

What is the evidence for the "tyranny of the majority problem" in a direct democracy context?

Is there a RAID 0 Equivalent for RAM?

Does an advisor owe his/her student anything? Will an advisor keep a PhD student only out of pity?

Is there a way to get `mathscr' with lower case letters in pdfLaTeX?

15% tax on $7.5k earnings. Is that right?

Did arcade monitors have same pixel aspect ratio as TV sets?

Are Captain Marvel's powers affected by Thanos' actions in Infinity War

Creepy dinosaur pc game identification

Has any country ever had 2 former presidents in jail simultaneously?

Limits and Infinite Integration by Parts

Electoral considerations aside, what are potential benefits, for the US, of policy changes proposed by the tweet recognizing Golan annexation?

Using substitution ciphers to generate new alphabets in a novel

Does IPv6 have similar concept of network mask?

Can a stoichiometric mixture of oxygen and methane exist as a liquid at standard pressure and some (low) temperature?

Invalid date error by date command

Need help understanding what a natural log transformation is actually doing and why specific transformations are required for linear regression



AWS SSO and Azure AD/MFA


Windows Azure and XamppAzure AD disappeared from Azure management portalAzure AD user's group membershipAzure AD - Can't make any changes to the directory from domain joined VMHow to use Azure AD SSO SAML for Jira, when Jira is also already setup to use local ADCan't join Azure Active DirectoryAzure Portal: SSO initiated login with external providerMultiple Azure AD and Managed Service IdentitiesError code AADB2C90157 from Azure AD B2C while loginSecuring access to a VM-based web server with Azure Active Directory













0















My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.



Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.



Is there a workaround to solve this issue?



Thanks!









share







New contributor




José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

























    0















    My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.



    Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.



    Is there a workaround to solve this issue?



    Thanks!









    share







    New contributor




    José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      0












      0








      0








      My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.



      Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.



      Is there a workaround to solve this issue?



      Thanks!









      share







      New contributor




      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.












      My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.



      Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.



      Is there a workaround to solve this issue?



      Thanks!







      azure azure-activedirectory





      share







      New contributor




      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.










      share







      New contributor




      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.








      share



      share






      New contributor




      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 2 mins ago









      José SalazarJosé Salazar

      1




      1




      New contributor




      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      José Salazar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






















          0






          active

          oldest

          votes











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });






          José Salazar is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1416532%2faws-sso-and-azure-ad-mfa%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          José Salazar is a new contributor. Be nice, and check out our Code of Conduct.










          draft saved

          draft discarded


















          José Salazar is a new contributor. Be nice, and check out our Code of Conduct.













          José Salazar is a new contributor. Be nice, and check out our Code of Conduct.












          José Salazar is a new contributor. Be nice, and check out our Code of Conduct.
















          Thanks for contributing an answer to Super User!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1416532%2faws-sso-and-azure-ad-mfa%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          VNC viewer RFB protocol error: bad desktop size 0x0I Cannot Type the Key 'd' (lowercase) in VNC Viewer...

          Couldn't open a raw socket. Error: Permission denied (13) (nmap)Is it possible to run networking commands...

          Why not use the yoke to control yaw, as well as pitch and roll? Announcing the arrival of...