![]() ![]() Q: Can we prevent MFA from kicking in when authenticating from our internal network?Ī: Absolutely – There are some options depending on if you have Azure AD Premium or not. Maybe the new AzureAD module can help here in the future.Ĭonclusion – we have to instruct our users to enroll for MFA. Troubleshooting further, the required MFA property “StrongAuthenticationUserDetails” is not possible to pre-populate programmaticly, yet. I was fooled and thought it worked, but when I tried on a user that never had enrolled MFA before, it failed. Q: Can we pre-stage the MFA authentication methods so the end user doesn’t have to enroll after being enabled for MFA?Ī: As of now, unfortunately no – I tried to build a PowerShell function to pre-populate the authentication methods if the user already had a mobile phone number. The purpose of this post is to share the most common questions I get from customers about using Azure MFA included in Office 365 (in most cases in combination with ADFS). Hopefully the new shiny Conditional access policies for specific workloads will boost the adoption a bit. The adoption has really been great – at least from an admin user perspective where 99% of my customers admins have it enabled (I usually force them).įrom an end user perspective we have more technical and informational challenges, which means that the adoption has not been as great as on the admin side. Azure Multi Factor Authentication (MFA) is a great service that has been included in Office 365 for almost 2,5 years.
0 Comments
Leave a Reply. |