Microsoft
MicrosoftHi, just want to say I'm very happy with the new way of going with this, I've setup a few clients with MFA/SSPR now and this will most probably remove most of the extra support I had to give users due to having two registration endpoint and different settings between them.
I've just enable this for our environment because I'm doing another setup for just over 1000 users and definitely want to go down this route if I can.
Most of it seems to work for me but for some reason I just can't get the CA policy to work, I've got a fair amount of experience with CA's and the instructions on MS site for this is a very limited CA policy with minimal config.
1. I've created a group that currently target 2 accounts (user & admin)
2. Done the pre-req (Preview)
3. Exclude the group from IP MFA Registration policy
4. Disabled SSPR Registration
I check what-if for both accounts and its showing the policy will not apply due to the "Cloud Apps" settings:
Its shewing this in CA
I'm running out of ideas...
