Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing steps to enable Multi-Factor Auth Client and Multi-Factor Auth Connector #40977

Closed
Absoblogginlutely opened this issue Oct 17, 2019 — with docs.microsoft.com · 3 comments
Closed

Missing steps to enable Multi-Factor Auth Client and Multi-Factor Auth Connector #40977

Absoblogginlutely opened this issue Oct 17, 2019 — with docs.microsoft.com · 3 comments
Assignees
@souravmishra-msft
Labels
active-directory/svc authentication/subsvc cxp Pri1 triaged

Comments

@Absoblogginlutely docs.microsoft.com
Copy link
Contributor

We went through all these steps and kept getting the following errors showing up.
NPS Extension for Azure MFA: CID: 341b704d-03f1-4ba6-ae92-eb19ae2f2bf3 :Exception in Authentication Ext for User myusername :: ErrorCode:: CID :341b704d-03f1-4ba6-ae92-eb19ae2f2bf3 ESTS_TOKEN_ERROR Msg:: Verify the client certificate is properly enrolled in Azure against your tenant and the server can access URL in Registry STS_URL. Error authenticating to eSTS: ErrorCode:: ESTS_TOKEN_ERROR Msg:: Error in retreiving token details from request handle: -895352831 AADSTS7000112: Application '981f26a1-7f43-403b-a875-f8b09b8cd720'(Azure Multi-Factor Auth Client) is disabled.
Trace ID: c5379bf7-9e15-49d0-9541-547b68c95d00
Correlation ID: e3dfe056-fbdd-4b4b-8852-2d55991e97be
Timestamp: 2019-10-17 20:48:29Z Enter ERROR_CODE @ https://go.microsoft.com/fwlink/?linkid=846827 for detailed troubleshooting steps. Enter ERROR_CODE @ https://go.microsoft.com/fwlink/?linkid=846827 for detailed troubleshooting steps.

Went through all the troubleshooting steps above, no joy.
Ran the following to enable the relevant apps -
Set-MsolServicePrincipal -AppPrincipalId "981f26a1-7f43-403b-a875-f8b09b8cd720" -AccountEnabled $True
Set-MsolServicePrincipal -AppPrincipalId "1f5530b3-261a-47a9-b357-ded261e17918" -AccountEnabled $True

Restarted NPS server - now able to get Push notifications when vpn'ing in.
Hope this helps someone else configure this (there are a lot of search results for this error but not many fixes documented).

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@souravmishra-msft
Copy link
Contributor

@Absoblogginlutely, Thank you for sharing the steps with us. We are looking into this and will review the steps and will try to incorporate the same in the docs after review, so that it helps others too.

@souravmishra-msft souravmishra-msft self-assigned this Oct 18, 2019
@souravmishra-msft
Copy link
Contributor

@Absoblogginlutely, we are closing this thread for now.

@chucksnow
Copy link

Why is this still an issue? I just installed the Azure MFA NPS extension and ran into the same issue.

@chucksnow chucksnow mentioned this issue Nov 16, 2021
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@souravmishra-msft souravmishra-msft

Labels
active-directory/svc authentication/subsvc cxp Pri1 triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Absoblogginlutely @chucksnow @PRMerger12 @souravmishra-msft