MSExchangeGuru.com

Learn Exchange the Guru way !!!

 

Azure MFA Failed: NPS Database Corruption

Today we encounter an interesting and weird issue where Azure MFA was not working as expected. Let us see what happened here.

This kind of issue hard to fix because mostly RDWeb and MFA are handled by the different team and this kind of issue always required coordination between 2 teams.

I configured my customers MFA with the help of the following blogs.

https://msexchangeguru.com/2017/01/28/azure-mfa1/

https://msexchangeguru.com/2017/01/28/azure-mfa2/

https://msexchangeguru.com/2017/02/02/mfa-for-rds1/

https://msexchangeguru.com/2017/02/02/mfa-for-rds2/

https://msexchangeguru.com/2016/12/09/wap-adfs-mfa-part-1/

https://msexchangeguru.com/2016/12/09/wap-adfs-mfa-part-2/

Issue:

When tested, we found a very vague issue where users were receiving MFA after logging in to the application and using it.

At this point, we restarted all the servers starting ADFS to RD Gateway to WAP to RDWeb.

But there was no change, in fact, I got the following error.


“RD Gateway: The following error(s) occurred: Unable to update IAS server configuration Your current configuration maybe in an inconsistent state”

This error told us that there is a corruption in the NDP database and why MFA was misbehaving.

Resolution:

-Removed all RDGateway and NPS configuration.

-Uninstalled Network Policy Server and Remote Desktop Gateway from the Server.

-Restarted the RD Gateway Server

-Installed Network Policy Server and Remote Desktop Gateway on the same server.

-Restarted the RD Gateway Server

-Reconfigured everything as mentioned here https://msexchangeguru.com/2017/02/02/mfa-for-rds2/

-The issue got resolved.

 

Prabhat Nigam

CTO @ Golden Five

Team@MSExchangeGuru

Leave a Reply

Categories

Archives

MSExchangeGuru.com