MFA 3.1 (July 2022) for ADFS (2022/2019/2016/2012R2)
06/30/2022 / Build : 3.1.2207.0
Enhancements
- General Setting added property "Fast enrollment". Limit enrollment ceremony to the default provider
- Providers added property "Lock user on his provider". Limit the user at runtime, to use only his selected provider, and providers that are not locked
- Nuget update for all nuget packages the the latest versions (newtonsoft.json.dll 10.0.x has a security issue -> 13.0.x)
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2207.0)
MFA 3.1 (June 2022) for ADFS (2022/2019/2016/2012R2)
06/08/2022 / Build : 3.1.2206.0
Bug
- Solved issue #232 (NullReferenceException in cmdlet Export-MFASystemConfiguration)
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2206.0)
MFA 3.1 (May 2022) for ADFS (2022/2019/2016/2012R2)
05/02/2022 / Build : 3.1.2205.0
Enhancements
- Possibility given to administrators to reset user passwords (only in MMC for Domain Admins or Accounts Operators)
- Small UI enhancements
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2205.0)
MFA 3.1 (April 2022) for ADFS (2022/2019/2016/2012R2)
04/08/2022 / Build : 3.1.2204.1
Bugs
- Solved issue #224 (only occurs with ADDS mode activated)
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2204.1)
03/30/2022 / Build : 3.1.2204.0
Enhancements
- ADDS import :
- PowerShell "ModifiedSince" and "CreatedSince" on the same command.
- Retrieving a user's default group membership
- Filtering on OU or specific distinguishedName (llike Group)
- New PowerShell command CleanUp-MFAUsersADDS (removing deleted ADDS users from MFA)
- Ukrainian Language
- MFA Providers
- added a property on each providers, allowing the exclusion of this one during the registration or inscription see : #222
- Improved dialog text on Biometric authentication
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2204.0)
MFA 3.1 (March 2022) for ADFS (2022/2019/2016/2012R2)
03/01/2022 / Build : 3.1.2203.0
Enhancements
- MMC : You've all been waiting for it :)
- Added context menu for user management (right click)
- MFA suspension post available in console
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2203.0)
MFA 3.1 (February 2022) for ADFS (2022/2019/2016/2012R2)
02/14/2022 / Build : 3.1.2202.2
Enhancements
- Mail Addresses : added support for description (displayname) : "Name <user@domain.com>" or "Name [user@domain.com]"
This applies to all Mail Addresses (admin contact, email contact, users's mail addresses)
Thanks to @JustITPL for this idea.
Bugs
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2202.2)
02/07/2022 / Build : 3.1.2202.1
Enhancements
- TOTP Provider, addition of the possibility of positioning an image and personalized links presenting in the TOTP registration home page the proposal for a type of personalized authenticator.
Logo image must be deployed on each adfs server in c:\ProgramFiles\MFA\Config, the required size 60x60 px
New properties
- CustomAuthenticatorLogo
- CustomAuthenticatorMSStoreLink
- CustomAuthenticatorAppStoreLink
- CustomAuthenticatorGooglePlayLink
$c = Get-MFAProvider Code
$c.CustomAuthenticatorLogo = "Aegis.png"
$c.CustomAuthenticatorGooglePlayLink = "https://play.google.......
$c.WizardOptions = ([MFA.PSOTPWizardOptions]::AuthyAuthenticator -bxor [MFA.PSOTPWizardOptions]::GoogleAuthenticator -bxor [MFA.PSOTPWizardOptions]::CustomAuthenticator)
Set-MFAProvider -Providertype Code $cActivation is also possible via the MMC console
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2202.1)
02/01/2022 / Build : 3.1.2202.0
Enhancements
- Added the possibility to suspend the MFA for a number of days defined by the administrator (PowerShell only)
$c = Get-MFAConfig
$c.AllowPauseForDays = 5
Set-MFAConfig $cBugs
- Resolved bad display of devices list in Biometrics UI.
Uninstall prior msi (3.x.xxxx.x)
install this one (3.1.2202.0)
MFA 3.1 (January 2022) for ADFS (2022/2019/2016/2012R2)
12/15/2021 / Build : 3.1.2201.0
Enhancements
- Added full support for mac os x desktop devices and safari (thanks to @PsySuck for testing)
- Added Administration Pin option (pin must be valid to update configuration changes)
- AdministrationPinEnabled : $false (default)
- AdministrationPin : 1230 (default)
Sample
$c = Get-MFASecurity
$c.AdministrationPinEnabled = $true
$c.AdministrationPin = 12345678
Set-MFASecurity $cUninstall prior msi (3.x.xxxx.x)
install this one (3.1.2201.0)