Forum Discussion

EvanTse's avatar
EvanTse
Copper Contributor
Apr 26, 2020
Solved

Where does "Require MFA for administrative roles" count come from?

When auditing our security score and checking the improvement actions, we can see the "Require MFA for administrative roles" as incomplete.   We opened the improvement action blade and followed the...
  • ChristianBergstrom's avatar
    Apr 27, 2020

    EvanTse I highly recommend the MS docs for your questions.

     

    1. Enabling Azure Multi-Factor Authentication through a Conditional Access policy doesn't change the state of the user.

    2. You shouldn't enable or enforce users if you're using Conditional Access policies. As for viewing user status I believe PowerShell is the way to go.

     

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates