Hi PlayerOne, We are forced to use the Azure MFA Server (Legacy PhoneFactor product) for our IIS 10 secure web site. But it works fine. For everything else, including RD Gateway, we use Network Policy Server with the Azure MFA NPS Extension installed: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension We have had “REQUIRE_USER_MATCH” set to FALSE to allow a gradual migration of our users.
A PDF is attached which includes screen shots of our NPS configuration. -David NPS_configuration_for_Guacamole_and_Azure_MFA_service.pdf <http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/file/t833/NPS_configuration_for_Guacamole_and_Azure_MFA_service.pdf> -- Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/
