Hello, Siberians. Welcome to this demonstration on Azure MFK. This lesson is part of the second Madu Off is at 500. Microsoft Azure Security Technologies casts So here the task that I'll be performing in this demonstration
how Start by using the M F A user settings configuration to enable MF A for nausea. 80. Easy
How then verify that the configuration are supplied.
How for states to configure the trust that i p m. If a service certain and finally verified that the configuration are supplied. Let's get into this
in this first ask are become figuring MM figures the settings on. I'll be using it to enable MF a Financial 80 easy.
So here's what my comment and vomits looks like. I have an urge or a detainment super cloud with X Y Z on the right hand side, and I have to test systems that I'll be using to verify the configurations that I'll be applying in the first task. I'll be a neighboring MF a visa for the user John Lakeside.
So here I am in the azure Pato. If I go ahead and click on Azure Active Directory
and just right in the top right corner. I have more the fact that indication. So if I go ahead and click on that option, this is going to open a new console. I'll make that a bit larger
now. Within this console, I can see all my current as your 80 users and I can see their multi factor authentication stages
if I cried and select John Lakeside and if I Guidant leak enable I get from tight if I want to enable multi factor authentication are great and click yes
on. If I click on close now, I can see that Emma Fay is enabled for the user John Lakeside.
So in the next task, I'll show you out of Verify that M F A user set in the by Applied now has successfully applied
and we're very fight. That is, by signing in as John Lakeside on one off the test systems that I have available That should require John to register for MF A Andi afterwards. If John TriStar access and the application there will be required to provide a second factor off authentication, So I have right air
a log in console so as you're Pato
If I griet and try to lugging his junk
and I click on next, I'll be prompted to enter Jones password. So if I quiet and type that
and if I pressed enter two deaths
now I'm getting it pumps to say My information is quiet
on. If I go ahead and click next, this is going to take junk through the process off registering for MFP So now John can either select years on authentication phone or a mobile application for guide and select mobile application if I select the option to use a verification coat and click on set up.
So now I'm prompted to scan for the cure of code. I have my authenticator hap, and if I go, I'd and click add to That's I've just can't take Your code is in my authenticator. Hap. If a quiet and click next
didn't get a hot, by the way, is what you can get for free in any off the mobile application stars. If I go ahead and leave, the option and I click on next have prompted to enter the verification court from the mobile application. If I click on very fight that
and I select a country region
are great and put in my phone number, which are bluff on the screen on the fact like next That's on Fight Week Finished on If I quiet and click yesterday at
So from now on, whenever John it's sort indicates toe, any application that uses as your a D as his identity provider, John, will be required to provide second factor authentication. The other thing to show you is that once John has gone to the registration process, if I go back to this console and if I drive a fresh,
you can see that more factors indication is now showing us in first followed and enabled
in the next task assuring you out of configure Emma Fish Service settings on in particular the trusted I've configuration. So here's what I'll be doing. I have a system here with a static public I p address our configuring Memphis service settings Toe excludes that i p address from multi factor authentication.
So back under the model factored indication settings, I have the user cities that have just configured. Now, if I go ahead and switch to service settings,
so on the severest settings, I can allow users to be able to create application passwords.
I can also configure trust that eyepiece, which is what I want to do.
In this case. I have my trusted i p already here.
How quiet and copy that's
and paste it into this con figuration window.
Once you've done that, the other options I can do here is I can specify verification options if I wantedto exclude some options from the uses.
But in this case, our liver finances the default are now. Go ahead and safe, that's
And if I click and close.
So now this configuration should have applied in the next task. I'll show you out to verify that's the configuration setting that I did Alia, as indeed, applied
on where? How do that is our jump onto the system that I excluded on. I'll go ahead or not indicate on em. Official escaped for John if it's authenticating from the high P address.
So right now I'm on a system that has the public I p address that I've just excluded from M F. A is in the service setting. If I guide, I'm trying to sign in as John
put in the user principal name and If I click on next on by typing Jones past what?
And if I click enter if I go ahead and click? Yes,
I can say that's John is not from Ted Toe Enter anymore. The factor authentication information here.
However, if I go to another system and I sign in is John
and I put in the password
John, we prompted toe enter the authentication called from the mobile application.
So he has a somebody off the tax double covered in this video.
I was startled by configuring M f A user settings and using its to enable more the fact that indication for a single user.
But then very fight that this configuration set in applied
and then proceeded to show you how to configure to trust our I p configuration setting isn't MFS Service Sutton's
and finally, I very fight. That configuration has applied.
Thanks very much for watching this video on. I'll see you in the next lesson