Multiple conditional access / MFA questions

Niels de Jager · ‎Feb 05 2019

Hi all,

I've configured Conditional Access to require MFA when connecting to O365 services.

I have some qustions about this, all seems to work fine. But;

- The Native iOS mail app for some users seem to work for one day only, they stop syncing and are not asking for MFA / credentials. All devices have iOS 12+.

- The windows / mac devices are not Azure AD joined, so Teams, Outlook and OneDrive are all requiring MFA. I've added the ability to remember MFA on devices they trust for 30 days. But, for example for teams there is no options to remember this for 30 days, is this bound to a device? So if you choose 'remember for 30 day's' on Outlook it will remember it for all apps? If yes, do they need to enter MFA for all apps every 30 days? Or, if no do they need to enter MFA every day? (doesnt seem so).

- I can't test this right now but people tell me they did not choose 'remember for 30 day's' and did not had to enter MFA today.

Conditional access is setups as (see attachment)

Does this have anything to do with tokens?

Cheers..

Nicklas Jersing · ‎Feb 06 2019

Hi Niels,

Did you configure the iOS native mail app manually (where you have to type in server information) or did you choose "sign in"? I believe if you choose "sign in" then the native client will use modern authentication to authenticate and work with MFA.

I can recommend watching this MFA video from last years Ignite:

https://www.youtube.com/watch?v=x7W3vjpF8y4

Regards,

Nicklas

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Multiple conditional access / MFA questions

Multiple conditional access / MFA questions

Re: Multiple conditional access / MFA questions