| page_type | languages | products | description | urlFragment | ||
|---|---|---|---|---|---|---|
sample |
|
|
Script to run against Azure MFA NPS Extension servers to perform some basic checks to detect any issues. The output will be in HTML format. |
azure-mfa-nps-extension-health-check |
Script to run against Azure MFA NPS Extension servers to perform some basic checks to detect any issues. The output will be in HTML format.
The script needs to be run as a user with local admin privilege on the server, and will ask for global admin on the tenant to be run against.
Download and run the MFA_NPS_Troubleshooter.ps1 script from this GitHub repo.
The script performs the following test against MFA Extension Server:
- Check accessibility to https://login.microsoftonline.com
- Check accessibility to https://adnotifications.windowsazure.com
- Check MFA version.
- Check if the NPS Service is Running.
- Check if the SPN for Azure MFA is Exist and Enabled.
- Check if Authorization and Extension registry keys have the right values.
- Check other Azure MFA related registry keys have the right values.
- Check if there is a valid certificated matched with the certificates stored in Azure AD.
- Check the time synchronization in the Server.
- Compare server time with reliable time server.
- Check all missing updates on the server.
In PowerShell console it will only display the tests name, then it will convert the result to HTML file located at C:\AzureMFAReport.html.
Example console output:
Example HTML output:
No, but the script will suggest some remediation steps, as shown in the previous example HTML output.
No, here I need your help! Feel free to share your ideas with me and we can work together to improve it. Open a GitHub issue or pull request in this repo.
No, help to make it better! Open a GitHub pull request in this repo with your improvements.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.