Export (0) Print
Expand All

Windows Authentication

Published: May 20, 2013

Updated: November 6, 2014

The Windows Authentication section allows the administrator to enable and configure Windows authentication for one or more applications.

To secure an application with Windows Authentication, use the following procedure.

  1. In the Azure Multi-Factor Authentication Server click the Windows Authentication icon.

  2. Check the Enable Windows authentication checkbox. By default, this box is unchecked.

  3. The Applications tab allows the administrator to configure one or more applications for Windows Authentication.

  4. Click Add… button.

  5. Select a server or application – specify whether the server/application is enabled. Click OK.

    A reboot is needed before the Azure Multi-Factor Authentication for Terminal Services will be in effect.

    If ‘Require Azure Multi-Factor Authentication user match’ is checked and you are not in the user list, you will not be able to log into the machine after reboot.

  6. The Trusted IPs tab allows you to skip Azure Multi-Factor Authentication for Windows sessions originating from specific IPs. For example, if employees use the application from the office and from home, you may decide you don't want their phones ringing for Azure Multi-Factor Authentication while at the office. For this, you would specify the office subnet as Trusted IPs entry.

    Trusted IPs is dependent on whether the application can provide the client IP with the authentication. Currently only Terminal Services is supported.

  7. Click Add… button.

  8. Select Single IP if you would like to skip a single IP address.

  9. Select IP Range if you would like to skip an entire IP range. Example

  10. Select Subnet if you would like to specify a range of IPs using subnet notation. Enter the subnet's starting IP and pick the appropriate netmask from the drop-down list.

  11. Click the OK button.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft