AWS SSO and Azure AD/MFAWindows Azure and XamppAzure AD disappeared from Azure management portalAzure AD...
Keeping a ball lost forever
Do the primes contain an infinite almost arithmetic progression?
Biological Blimps: Propulsion
Extract more than nine arguments that occur periodically in a sentence to use in macros in order to typset
Can I still be respawned if I die by falling off the map?
Fear of getting stuck on one programming language / technology that is not used in my country
What should you do if you miss a job interview (deliberately)?
What is going on with 'gets(stdin)' on the site coderbyte?
What is the evidence for the "tyranny of the majority problem" in a direct democracy context?
Is there a RAID 0 Equivalent for RAM?
Does an advisor owe his/her student anything? Will an advisor keep a PhD student only out of pity?
Is there a way to get `mathscr' with lower case letters in pdfLaTeX?
15% tax on $7.5k earnings. Is that right?
Did arcade monitors have same pixel aspect ratio as TV sets?
Are Captain Marvel's powers affected by Thanos' actions in Infinity War
Creepy dinosaur pc game identification
Has any country ever had 2 former presidents in jail simultaneously?
Limits and Infinite Integration by Parts
Electoral considerations aside, what are potential benefits, for the US, of policy changes proposed by the tweet recognizing Golan annexation?
Using substitution ciphers to generate new alphabets in a novel
Does IPv6 have similar concept of network mask?
Can a stoichiometric mixture of oxygen and methane exist as a liquid at standard pressure and some (low) temperature?
Invalid date error by date command
Need help understanding what a natural log transformation is actually doing and why specific transformations are required for linear regression
AWS SSO and Azure AD/MFA
Windows Azure and XamppAzure AD disappeared from Azure management portalAzure AD user's group membershipAzure AD - Can't make any changes to the directory from domain joined VMHow to use Azure AD SSO SAML for Jira, when Jira is also already setup to use local ADCan't join Azure Active DirectoryAzure Portal: SSO initiated login with external providerMultiple Azure AD and Managed Service IdentitiesError code AADB2C90157 from Azure AD B2C while loginSecuring access to a VM-based web server with Azure Active Directory
My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.
Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.
Is there a workaround to solve this issue?
Thanks!
azure azure-activedirectory
New contributor
add a comment |
My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.
Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.
Is there a workaround to solve this issue?
Thanks!
azure azure-activedirectory
New contributor
add a comment |
My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.
Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.
Is there a workaround to solve this issue?
Thanks!
azure azure-activedirectory
New contributor
My customer is in the process of setting up AWS SSO and using Azure AD as their MFA solution.
Their issue is that their primary domain has an underscore in the name (top_something) and the AD connector in AWS will not allow the invalid character. The AD connector verifies your login credentials and then sends the secondary authentication request, via an NPS server that they have setup, to Azure AD for MFA. This is preventing them from moving forward with this solution since the user accounts are in that domain. They have tried to point the connector to the top of the forest, but it is not smart enough to discover the other trusted child domains.
Is there a workaround to solve this issue?
Thanks!
azure azure-activedirectory
azure azure-activedirectory
New contributor
New contributor
New contributor
asked 2 mins ago
José SalazarJosé Salazar
1
1
New contributor
New contributor
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
José Salazar is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1416532%2faws-sso-and-azure-ad-mfa%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
José Salazar is a new contributor. Be nice, and check out our Code of Conduct.
José Salazar is a new contributor. Be nice, and check out our Code of Conduct.
José Salazar is a new contributor. Be nice, and check out our Code of Conduct.
José Salazar is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1416532%2faws-sso-and-azure-ad-mfa%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown