Forum Discussion
Solved
Override MFA trusted IP for some users
Hi,
I have set up MFA trusted IPs for Our internal IPs to avoid MFA when logging in from internal Networks. This Works fine, but for some users I want MFA even when accessing Azure from internal nertworks, typically I always want MFA for users With admin-roles in Azure. How this be done?
Best regards,
Thor-Egil
If you can afford Azure AD Premium P2 licenses for your admins, then Privileged Identity Management is your best option:
3 Replies
If you can afford Azure AD Premium P2 licenses for your admins, then Privileged Identity Management is your best option:
Thanks you for Your response! This seems to be a good solution. So it is not possible to "ignore" the trusted IP-functionality for a Group of users?
- I'm not aware of an Azure MFA setting to achieve your goal. You can also use Azure AD Conditional Access but, again, this comes with Premium license
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-azure-portal
