I have a question regarding Azure MFA Server On-Premises. I work for a company where they have rolled out Office 365 in the US, but we are going to be migrating our UK users to Office 365 within the next 6-12 months.
In the meantime, I would like to enable MFA on our VPN users so one of the solutions we have been looking at is Azure MFA Server. My question is, can we buy 150 Active Directory P1 licenses to cover the VPN users but not assign the license to a user in Azure AD? Does the Azure MFA Server on-premises check who is authenticating against on-premises AD and then check if the user has a license in Azure AD to MFA against Azure MFA Server?
The reason for doing this is, I don't want to sync the users or create them manually in Azure AD until we are ready to start migrating to Office 365.
Thanks in advance for any advice.
Robert Milner | Website: http://www.remilner.co.uk | Twitter: @robm82