Forum Discussion

rbgibbons's avatar
rbgibbons
Brass Contributor
Oct 24, 2022

Need to Disable MFA for Common Area Phone user

I'm configuring a https://learn.microsoft.com/en-us/microsoftteams/set-up-common-area-phones and simply need to create an Azure user that is excluded from MFA requirements. I have the user excluded from the Multifactor authentication registration policy under Security, Identity Protection in Azure, but I'm still getting prompted for the extra security features when trying to log in. We do also use Conditional Access and I have excluded the user from our Block Legacy Authentication policy in there.

 

I know I'm going to feel silly when one of you geniuses tell me it's something simple, but here it is: what am I missing?

calling
microsoft teams

1 Reply

  • kaaven's avatar
    kaaven
    Brass Contributor
    Oct 24, 2022

    The recommended way is to apply MFA is to use conditional access: https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-all-users-mfa (MS Learn). From that policy you can exclude accounts that shouldn't be affected.

     

    Remember to increase security by https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location.