You can configure Entra joined PCs to use Entra ID as the user authentication server, and configure Entra ID to delegate MFA to the DualShield MFA server.
Below is the architecture and data flow in this type of system:
To set up this type of system, follow the steps below:
Configure Entra ID EAM with DualShield MFA
...
Configure Computer Logon MA Agent with Entra ID
...
D1 - Using On-Prem AD as the Identity Source
E1- Using Azure AD as the Identity Source
To use DualShield MFA to authenticate users on Entra ID joined PCs via Entra ID EAM, you must complete the following steps:
- Set up an enterprise application in Entra ID for Computer Logon MA
- Set up External Authentication Method for Microsoft Entra ID
- Configure Computer Logon Modern Authentication
- Deploy Computer Logon
...
Configure Offline Login with MFA
...