Forum Discussion
Report on users with MFA Enabled
- Feb 28, 2018
No, your users are not enabling MFA for themselves by using those URLs, That's a fact. You may have some other configuration going on.
Maybe it is a bug, but it works. Try it out. I'd like it better, if it updated the status to Enabled...
No, your users are not enabling MFA for themselves by using those URLs, That's a fact. You may have some other configuration going on.
- Pablo R. OrtizMar 01, 2018Iron ContributorWhat you can do is search Azure AD audit logs for activity "Enable Strong Authentication" to find out those details
- Pablo R. OrtizFeb 28, 2018Iron Contributor
Correct, you need to find out how MFA is enabled for those users
- dbetlowFeb 28, 2018Iron Contributor
Looks like you are correct, Pablo.
Although the sign-in logs show that MFA was required for users who went through the MFA setup process, it is only saying that when either they were in the Office location (MFA description says that MFA requirement satisfied by token) or they were elsewhere and setup or used the Self-Service Password Reset which must use the same MFA parameters to sign in / verify their account and/or reset/unblock their account.
I guess I still have to ask users to be put on the MFA list and manually intervene.