Mar 10 2021
When is ConfigMgr client using interactive and when it is using non-interactive sign-ins to CMG?
When using non-interactive sign-ins to the CMG app: The sign-in log i AAD shows the Device ID. From the sign-in info we can make a conditional access policy to make it skip MFA.
When using interactive sign-ons to the CMG app: The sign-log contains no info about the device, so we cannot make a conditional access policy that skips MFA.
Perhaps I'm just missing some documentation about CMG and MFA?
Thanks a lot!