Summary 


Cloud Drive Mapper is natively compatible with Azure AD MFA and other modern third-party MFA providers. Cloud Drive Mapper (version 2.2.3 and above) will simply "just work" with MFA, with no additional configuration required. 




For customers using older versions of Cloud Drive Mapper (pre-v2.2.3.18) you will need to implement the following settings to enable MFA (although we strongly recommend upgrading to 2.3+ instead): 


Enabling MFA in CDM pre-v2.2.3.18 (legacy)


In order to activate full MFA support, you'll need to set the registry key. 


Reg Key ( String ) :- UseADAL 
Value = True


reg add "hkcu\software\iam cloud\clouddrivemapper" /v "UseADAL" /t "REG_SZ" /d "true" /f

reg add "hklm\software\iam cloud\clouddrivemapper" /v "UseADAL" /t "REG_SZ" /d "true" /f


That's it! Cloud Drive Mapper will now be compatible with Azure MFA (which is native to Office 365), and most other modern MFA services. 



Alternative Options


Azure MFA can also be set with conditional access rules / whitelists whereby the corporate network can be whitelisted. This will mean that when a user logs into Office 365 on a machine that is attached to the corporate network they will not have to use MFA.


We have a number of clients that do this.


CDM is capable of picking up a clients' own "on-prem" ADFS and as such can auto-login without the need for further auth.

However, where clients have their own "on-prem" ADFS & MFA this no longer is viable with app passwords as this pwd is rejected, rightly so, by the clients ADFS.


To circumnavigate this, we have built in the ability for an extra reg key to be added which notifies CDM to ignore ADFS and auth directly with O365 via the use of AppPasswords.


Reg Key( String ) :- UseO365AppPassword

Value = true


reg add "hkcu\software\iam cloud\clouddrivemapper" /v "UseO365AppPassword" /t "REG_SZ" /d "true" /f

reg add "hklm\software\iam cloud\clouddrivemapper" /v "UseO365AppPassword" /t "REG_SZ" /d "true" /f



Below are some links to assist further with this approach. 


https://docs.microsoft.com/en-us/azure/active-directory/active-directory-named-locations

https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-whats-next#trusted-ips




If you need any assistance please do not hesitate to contact our Technical Support Team:

 

Support Portal: http://support.iamcloud.com

Email us: support@iamcloud.com

Phone (UK): +44 118 324 0000 

Phone (US): +1 914 495 1298