New version of Azure MFA Server available (7.0.0.9)

/

 

snip_20160421104046

A few weeks ago Microsoft Released a new version of the Azure Multi-Factor Authentication Server for use with on-premises implementations. This is a short post about this new version of Azure MFA Server availability and how to upgrade.

Release notes

According to the release notes the version 7.0.0.9 of the Azure Multi-Factor Authentication Server adds the following additional functionality:

This latest version has been upgraded to use .NET 4.0 instead of .NET 2.0. With extended support for
  .NET 2.0 ending 12 Apr 2016, all existing MFA customers are encouraged to upgrade to v7.0.0.
  See https://support.microsoft.com/en-us/lifecycle/search/default.aspx?alpha=.net%20framework

AD FS adapter now displays a list of MFA methods to choose from based on:

    1. options configured under the Allow users to select method checkbox and
    2. the information registered by the user

This allows users to choose a preferred authentication method each time they sign in.

Alternatively, the adapter can perform the users default MFA method immediately, then display the list of options if the user doesn’t respond.

Note: that users connecting from Windows Phone whose default method is Mobile App will always see the list of options except Mobile App due to a known issue where the App being accessed loses state when switching over to the authenticator app, thus resulting in a failed authentication after completing MFA.

The update also includes other minor bug fixes and security improvements

Known Issues:

  • Windows Authentication for Terminal Services is not supported for
      Windows Server 2012 R2

 

Upgrading MFA Servers

The upgrade can be done as an in-place upgrade and works pretty good. If you are running multiple MFA Servers, make sure to start the upgrade with the slave servers first and the promote the upgraded servers afterwards, until all servers has been updated.

snip_20160421110622

That part does not work – you still have to download the binaries yourself from the Azure MFA portal (more about that later).

When you have downloaded the binaries, make sure you have a valid backup of your MFA server, before you continue with the upgrade.

During the MFA update, you will be asked to make sure that the Windows Update (KB2919355) has been applied to the MFA server.

When the install has been started, the update process will also install Visual C++ 14 Runtime Libraries (x86/x64).

The install is pretty straightforward as an in-place upgrade.

How about the other MFA components

Fellow MVP Sander Berkouwer has already made a great blog post, with details about how to upgrade the additional components, such as:

  • Web Service SDK
  • User Portal
  • Mobile App services
  • ADFS Adapters

Please read his blog post here: Azure Multi-Factor Authentication Server reaches version 7.0.0.9.

.

Download

The new version of Azure MFA Server (7.0.0.9) can be downloaded through the Azure Management Portal or MFA Management Portal.

More about the download and where to find the Azure MFA Server binaries, see:

Comments are closed.