5.0 Configuring Multi-Factor Authentication on the ADFS Server for Testing Purposes

After you have installed and configured ADFS and configured the appliance with LDAP, you must configure MFA on the ADFS server.

To configure MFA on the ADFS server, perform the following steps:

  1. Enable the ADFS test page.

    NOTE: ADFS 2016 disables the idpinitiatedsignon page by default. You must manually enable it using the following command in Windows PowerShell:

    Set-AdfsProperties -EnableIdPInitiatedSignonPage $true

  2. Verify the URL in your browser: https://<ADFSServer>/adfs/ls/idpinitiatedsignon.htm.

  3. Open the ADFS console.

  4. Click Trust Relationships > Relying Party Trusts > Action > Add Relying Party Trust.

  5. Select Claim Aware and click Start.

  6. Select Import data about the relying party published online or on a local network.

  7. Specify https://<ADFSServer>/federationmetadata/2007-06/federationmetadata.xml

  8. Click Next.

  9. Specify the Display name and description (optional).

  10. Select Permit everyone and require MFA as the access control policy.

  11. Click Next.

  12. Verify the configuration in the Ready to Add Trust tab.

  13. Click Next.

  14. Verify the configuration by opening https://<ADFSServer>/adfs/ls/idpinitiatedsignon.htm in your browser.
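
The steps above can also be scripted and checked from PowerShell on the ADFS server. The following is an added example, not part of the original procedure or vendor code; the trust name is hypothetical, <ADFSServer> is the same placeholder used in the steps, and the policy name assumes an English-language ADFS 2016 installation.

```powershell
# Added example. Run in an elevated PowerShell session on the ADFS 2016 server.
$AdfsServer = '<ADFSServer>'                      # placeholder; replace with your ADFS host name
$TrustName  = 'MFA Test Trust'                    # hypothetical display name (step 9)
$PolicyName = 'Permit everyone and require MFA'   # built-in policy selected in step 10

# Step 1: enable the IdP-initiated sign-on test page if it is still disabled.
if (-not (Get-AdfsProperties).EnableIdPInitiatedSignonPage) {
    Set-AdfsProperties -EnableIdPInitiatedSignonPage $true
}

# Steps 4-13: confirm the policy exists, then create the trust from the federation metadata.
if (-not (Get-AdfsAccessControlPolicy -Name $PolicyName)) {
    throw "Access control policy '$PolicyName' was not found on this farm."
}
if (-not (Get-AdfsRelyingPartyTrust -Name $TrustName)) {
    Add-AdfsRelyingPartyTrust -Name $TrustName `
        -MetadataUrl "https://$AdfsServer/federationmetadata/2007-06/federationmetadata.xml" `
        -AccessControlPolicyName $PolicyName
}

# Check: the trust must be enabled and bound to the MFA policy, not to a weaker one.
$trust = Get-AdfsRelyingPartyTrust -Name $TrustName
if (-not $trust.Enabled -or $trust.AccessControlPolicyName -ne $PolicyName) {
    throw "Trust '$TrustName' is not enforcing '$PolicyName' (found '$($trust.AccessControlPolicyName)')."
}

# Steps 2 and 14: the test page should answer with HTTP 200.
$page = Invoke-WebRequest -UseBasicParsing -Uri "https://$AdfsServer/adfs/ls/idpinitiatedsignon.htm"
"Sign-on page status: $($page.StatusCode); trust '$TrustName' uses '$($trust.AccessControlPolicyName)'"

# After testing, the page can be switched off again:
# Set-AdfsProperties -EnableIdPInitiatedSignonPage $false
```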