Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-60364: Problem with MFA after the 21.6 update

Privileged Access Service ,  

2 October,21 at 04:37 AM

Updated 18 September 2021



Problem:
 Users experience issues with MFA after the 21.6 update. This has been observed when clients attempt MFA. In the tenant under Activity for a user, Access -> Users -> User (a particular user) -> Activity, a line with "Challenge using OATH, result: Failed" will be seen. In this example it is OATH, but failures can occur with other factors such as SMS, OTP, etc. 

Cause: An issue with MFA has been identified when the MFA Redirection feature is enabled for a user. This is configured on the tenant under Access -> Users -> User (a particular user) -> Account.

Resolution: 21.6 HF1 was released on Saturday September 18, 2021. This hot fix addresses the following two issues (also listed in the Centrify 21.6 Release Notes):
  • Resolved an issue where performing step up authentication challenges with a user that had MFA redirect enabled would cause the challenge to fall into an infinite challenge loop (355167).
  • Fixed an issue where setting a redirected user and then changing to another user would occasionally revert to the original user.
Some behavioral changes for MFA Redirection were made in the 21.6 release. Please see https://docs.centrify.com/Content/CoreServices/Authenticate/MFARedirection.htm for documentation on the MFA Redirection feature.


If there are additional questions, please do not hesitate to contact our support team.