cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Multi-Factor Authentication

Hawkins_IT
Copper Contributor

‎Sep 14 2021 08:51 AM - last edited on ‎Feb 08 2023 09:57 AM by

‎Sep 14 2021 08:51 AM - last edited on ‎Feb 08 2023 09:57 AM by

Multi-Factor Authentication

We use Multi-Factor Authentication on all our Office 365 emails. However, we have a Xerox copier/printer that we use to scan-to-email, so it has its own email address. When we enable the Multi-Factor for that email address, the scan-to-email function stops working. Does anyone know a way around using Multi-Factor on a copier/printer? Thank you.

Labels:
4,532 Views
0 Likes
3 Replies
Reply
3 Replies
Vasil Michev

‎Sep 14 2021 10:58 PM

‎Sep 14 2021 10:58 PM

Re: Multi-Factor Authentication

Just exclude it from your MFA/CA policies.
1 Like
Reply
Hawkins_IT

‎Sep 15 2021 05:41 AM

‎Sep 15 2021 05:41 AM

Re: Multi-Factor Authentication

Yes, we did think about that, however, the whole point of MFA is for security. So then are there some other options for security on the copier's email address? Thanks!
0 Likes
Reply
best response confirmed by Hawkins_IT (Copper Contributor)
SimBur2365

‎Sep 16 2021 02:13 AM - edited ‎Sep 16 2021 04:55 AM

‎Sep 16 2021 02:13 AM - edited ‎Sep 16 2021 04:55 AM

Solution

Re: Multi-Factor Authentication

Hi Hawkins_IT, we use the following approach:
1. Add the external IP address of the location it send email from to Named Locations.
2. Create a new policy, assign the account that sends email, set the policy to Block, add a location condition, apply to all locations, then in the exclude tab, select the location you just added for the site.
3. Now you can safely exclude the account from the MFA policy, knowing that it can only sign in from that IP address.

 

Generally it is a good idea to add any office locations external IP to MFA Trusted IPs and as Named Locations in Conditional Access (excluded from your MFA policy).

2 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Hawkins_IT (Copper Contributor)
SimBur2365

‎Sep 16 2021 02:13 AM - edited ‎Sep 16 2021 04:55 AM

‎Sep 16 2021 02:13 AM - edited ‎Sep 16 2021 04:55 AM

Solution

Re: Multi-Factor Authentication

Hi Hawkins_IT, we use the following approach:
1. Add the external IP address of the location it send email from to Named Locations.
2. Create a new policy, assign the account that sends email, set the policy to Block, add a location condition, apply to all locations, then in the exclude tab, select the location you just added for the site.
3. Now you can safely exclude the account from the MFA policy, knowing that it can only sign in from that IP address.

 

Generally it is a good idea to add any office locations external IP to MFA Trusted IPs and as Named Locations in Conditional Access (excluded from your MFA policy).

View solution in original post

2 Likes
Reply