Feb 7, 2022‚ÄĒCapability to track enrollment emails and new provisioning sources

New features and enhancements

  • Enrollment email management. Lets you monitor the status of enrollment emails sent to new users, check the email status updates, and reinvite users who missed their enrollment deadline.

  • User provisioning from the AD or LDAP directories. With this feature, you can provision new user accounts from your AD or LDAP on-premise directory services to ‚ÄčAkamai MFA‚Äč.

  • Deployment history. Allows you to track significant configuration changes deployed by all members of the administrative team.

  • Username normalization. With this capability, end users may input different variations of their username, which can all be matched to the same user record in ‚ÄčAkamai MFA‚Äč.

  • If you're using the ‚ÄčAkamai MFA‚Äč Splunk app, you need to install the latest version‚ÄĒ1.0.3. To upgrade the app, go to Splunkbase. This is a required upgrade for the Splunk adaptor to function correctly.

Fixed issues

We fixed the following known issues:

  • The lack of authentication data in the Integration field of the Authentication events report. This field was previously left blank if the user enrolled using the email enrollment link.

  • The issue related to the size of a csv file with authentication events.

Known issues

  • If you're using the Windows Logon plug-in on Windows Server 2012 and after installing the plug-in you're not prompted for Multi-factor Authentication on login then ensure your Windows installation has all the latest support updates and patches installed.

  • Users using the Windows Logon plug-in and attempting to unlock the Windows locked screen may sometimes encounter errors entering just the username.
    Workaround: Users may try entering domain\username in the username field to unlock the screen.

  • Clicking the ‚ÄúHelp‚ÄĚ link present in the ‚ÄčAkamai MFA‚Äč authentication prompt may not open the link in the webview displayed inside an application‚Äôs client, such as the WebEx client, that is used to authenticate with MFA for that application. As an alternative, the user may enter <<MFA_DOMAIN>>/help in a standard web browser and reach the same destination.

  • The downloaded csv report with the authentication events doesn't contain the Device ID field.

  • If a user was denied access for violating policy rules, the username and integration fields in a corresponding record of the Authentication events report are blank.

  • Domains that you enter for the username normalization purposes need to have a top-level domain in their values such as acme.com or acme.test.com.

Supported browser versions

The following are the minimum browser versions that support the ‚ÄčAkamai MFA‚Äč browser extension:

  • Firefox 87.0

  • Google Chrome 89.0.4389.90

  • Microsoft Edge 89.0.774.57

  • Safari 14.0.3

Internet Explorer is not supported.

Supported mobile devices versions

The following mobile device OS versions support the ‚ÄčAkamai MFA‚Äč mobile app:

  • iOS 13 and above (iPad, iPhone, iPod Touch)

  • Android 7 and above (phones and tablets)

Supported Windows versions

The following Windows versions support the Windows RDP solution:

  • Clients: Windows 10
  • Servers: Windows Server versions 2012, 2012 R2, 2016, and 2019

If you're running the Windows RDP plug-in version previous to 3.0.0.0, check the Windows Logon plug-in instructions to learn how to upgrade.