This article relates to Cloud Drive Mapper.
Cloud Drive Mapper is natively compatible with Azure AD MFA and other modern third-party MFA providers. Cloud Drive Mapper (version 2.2.3 and above) will simply "just work" with MFA, with no additional configuration required.
For customers using older versions of Cloud Drive Mapper (pre-v220.127.116.11) you will need to implement the following settings to enable MFA (although we strongly recommend upgrading to 2.3+ instead):
Enabling MFA in CDM pre-v18.104.22.168 (legacy)
In order to activate full MFA support, you'll need to set the registry key.
Reg Key ( String ) :- UseADAL
Value = True
reg add "hkcu\software\iam cloud\clouddrivemapper" /v "UseADAL" /t "REG_SZ" /d "true" /f
reg add "hklm\software\iam cloud\clouddrivemapper" /v "UseADAL" /t "REG_SZ" /d "true" /f
That's it! Cloud Drive Mapper will now be compatible with Azure MFA (which is native to Office 365), and most other modern MFA services.
Azure MFA can also be set with conditional access rules / whitelists whereby the corporate network can be whitelisted. This will mean that when a user logs into Office 365 on a machine that is attached to the corporate network they will not have to use MFA.
We have a number of clients that do this.
CDM is capable of picking up a clients' own "on-prem" ADFS and as such can auto-login without the need for further auth.
However, where clients have their own "on-prem" ADFS & MFA this no longer is viable with app passwords as this pwd is rejected, rightly so, by the clients ADFS.
To circumnavigate this, we have built in the ability for an extra reg key to be added which notifies CDM to ignore ADFS and auth directly with O365 via the use of AppPasswords.
Reg Key( String ) :- UseO365AppPassword
Value = true
reg add "hkcu\software\iam cloud\clouddrivemapper" /v "UseO365AppPassword" /t "REG_SZ" /d "true" /f
reg add "hklm\software\iam cloud\clouddrivemapper" /v "UseO365AppPassword" /t "REG_SZ" /d "true" /f
Below are some links to assist further with this approach.
If you need any assistance please do not hesitate to contact email@example.com