Summary 


Although the current generation of Cloud Drive Mapper does not officially support MFA it can still be used. Azure MFA can be set with conditional access rules / whitelists whereby the corporate network can be whitelisted. This will mean that when a user logs into Office 365 on a machine that is attached to the corporate network they will not have to use MFA.


We have a number of clients that do this.


CDM is capable of picking up a clients' own "on-prem" adfs and as such can autologin without the need for further auth'

However, where clients have their own "on-prem" adfs & MFA this no longer is viable with app passwords as this pwd is rejected, rightly so, by the clients adfs.


To circumnavigate this, we have built in the ability for an extra reg key to be added which notifies CDM to ignore adfs and auth directly with O365 via the use of app passwords.


Reg Key( String ) :- UseO365AppPassword

Value = true



reg add "hkcu\software\iam cloud\clouddrivemapper" /v "UseO365AppPassword" /t "REG_SZ" /d "true" /f


reg add "hklm\software\iam cloud\clouddrivemapper" /v "UseO365AppPassword" /t "REG_SZ" /d "true" /f




Below are some links to assist further with this approach. 


https://docs.microsoft.com/en-us/azure/active-directory/active-directory-named-locations


https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-whats-next#trusted-ips



We also have clients who have gone down an alternate route as per link below:-


https://docs.microsoft.com/en-us/azure/multi-factor-authentication/end-user/multi-factor-authentication-end-user-app-passwords


We have tried and tested this, please follow this link for a pdf showing how simple it was :-

http://resources.iamcloud.net/downloads/documents/cdm-mfa.pdf






The next generation API driven model of CDM ( due later this year ) will have built in support for MFA. Customers who have the current generation of CDM will be applicable for a free upgrade once this has been released.



If you need any assistance please do not hesitate to contact our Technical Support Team:

 

IAM Cloud's Technical SupportTeam. 

 

Support Portal: http://support.iamcloud.com

Email us: support@iamcloud.com

Phone (UK): +44 118 324 0000 

Phone (US): +1 914 495 1298