Configure Multi-Factor Authentication for Privilege Elevation when the Agent Cannot Connect to the Platform
You can use this group policy to configure offline multi-factor authentication for users that are required to use multi-factor authentication to use elevated roles in the event that the agent cannot connect to the Centrify Platform.
There are three configuration possibilities:
- Only users who have set up an offline MFA profile will be prompted for offline multi-factor authentication for privilege elevation. Users who have not set up an offine passcode will not be able to proceed.
- If an offline MFA profile is set up, prompt for offline MFA. Otherwise, allow the user to proceed and remind them to set up the offline MFA profile.
- Users can use elevated rights or roles when their machine is offline without multi-factor authentication.
If this policy is set to Disabled or Not Configured, the default is the first option.