How to enable MFA for Windows, macOS, and Linux

To enable MFA for desktop or laptop logins, including remote desktop logons, follow the steps given below:


Steps to enforce MFA for Windows, macOS, and Linux machines:

  1. Go to Configuration → Self-Service → Multi-factor Authentication → MFA for Endpoints.
  2. Select a policy from the Choose the Policy drop-down. This will determine which authentication methods are enabled for which sets of users.
  3. Note: ADSelfService Plus allows you to create OU and group-based policies. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy. Click Select OUs/Groups, and make the selection based on your requirements. You need to select at least one self-service feature. Finally, click Save Policy.
  4. In the MFA for Machine Login section, check the Enable the second authentication factor box and select the authentication method from the drop-down.
  5. Click Save Settings.
  6. Note: If ADSelfService Plus is not reachable or down, users will be left stranded in the login screen unable to finish MFA. You can enable users to bypass MFA in such situations. Refer to the Advanced Settings for more information.


Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.


Need technical assistance?

  • Enter your email ID
  • Talk to experts
    By clicking 'Talk to experts', you agree to processing of personal data according to the Privacy Policy.

Copyright © 2022, ZOHO Corp. All Rights Reserved.