SOLVED
Home

How to tell if user is ready to enable MFA

%3CLINGO-SUB%20id%3D%22lingo-sub-870958%22%20slang%3D%22en-US%22%3EHow%20to%20tell%20if%20user%20is%20ready%20to%20enable%20MFA%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-870958%22%20slang%3D%22en-US%22%3E%3CP%3EBefore%20we%20enable%20MFA%20through%20conditional%20access%2C%20we%20send%20out%20an%20email%20with%20details%20to%20the%20user%20and%20pointing%20them%20to%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fmyprofile.microsoft.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmyprofile.microsoft.com%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHow%20can%20I%20confirm%20the%20user%20has%20setup%20the%20authenicator%20app%20or%20txt%20messages%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20I%20don't%20enable%20the%20conditional%20access%20for%20an%20user%20that%20hasn't%20completed%20the%20security%20info%20in%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fmyprofile.microsoft.com%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmyprofile.microsoft.com%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2Cjb%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-870958%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-871192%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20tell%20if%20user%20is%20ready%20to%20enable%20MFA%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-871192%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F7831%22%20target%3D%22_blank%22%3E%40Jason%20Benway%3C%2FA%3E%26nbsp%3BThere%20is%20a%20report%20you%20can%20run%20from%20the%20Portal%20GUI%20which%20should%20give%20you%20the%20info%20you%20need%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFrom%20the%20Azure%20AD%20Blade%20%2C%20go%20to%20Password%20reset%20%26gt%3B%20Usage%20%26amp%3B%20Insights%20-%20here%20you%20will%20see%20how%20many%20users%20have%20registered%20for%20MFA%20and%2For%20SSPR%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20you%20prefer%20the%20PowerShell%20route%2C%20there%20is%20some%20scripts%20on%20the%20Microsoft%20galary%20which%20will%20also%20let%20you%20pull%20this%20info%20using%20powershell%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Jason Benway
Contributor

Before we enable MFA through conditional access, we send out an email with details to the user and pointing them to https://myprofile.microsoft.com

 

How can I confirm the user has setup the authenicator app or txt messages? 

 

So I don't enable the conditional access for an user that hasn't completed the security info in https://myprofile.microsoft.com

 

Thanks,jb

1 Reply
Solution

@Jason Benway There is a report you can run from the Portal GUI which should give you the info you need

 

From the Azure AD Blade , go to Password reset > Usage & Insights - here you will see how many users have registered for MFA and/or SSPR

 

If you prefer the PowerShell route, there is some scripts on the Microsoft galary which will also let you pull this info using powershell

 

Related Conversations