![]() I wanted to demonstrate that this solution can protect also Domain Admins group to protect high privileged accounts (important notice about is present in this document : ( FAQs for hybrid FIDO2 security key deployment - Azure Active Directory | Microsoft Docs – “FIDO2 security key sign-in isn't working for my Domain Admin or other high privilege accounts.Please have a look also at Plan a passwordless authentication deployment with Azure AD | Microsoft Docs. The solution is today present : the use a security key (FIDO2) : Passwordless security key sign-in to on-premises resources - Azure Active Directory | Microsoft Docs. Many customers asked me, after they have used Azure/Office 365 MFA: is it possible to use something like that to log on to the domain/on prem resources.No direct or indirect guarantee is given, and this cannot be considered official documentation. ![]() It’s up to you to integer this work into your security posture and evaluate impacts. I am not here to discuss if this document in any parts adhere to all principles and best practices of a secure administration environment, I just want to show a feature as a proof of concept.
0 Comments
Leave a Reply. |