Conditional Access Policy for MFA for Guest is flagging non-guest users

Copper Contributor



We recently enabled a conditional access policy for MFA for Guest Users.    We have a hybrid environment, but some of our new users only have Azure AD accounts, since they have no reason to be associated with our on premise AD.    It appears that this Guest MFA conditional access policy is being applied to non-guest users if they are only found in Azure AD and not on prem.    


I guess the question is,  why is this policy not ignoring "User" types in 

5 Replies
can you share a screenshot of your CA policy settings

@eliekarkafy   Absolutely,    There are no exclusions.  I even included the activity details for the user when logging in.        Appreciate the help.






@MikeThor can you please recreate the conditional access policy using the template below from the CA blade. Make sure also that you don't have another CA affecting the member users. 


also double check also if your member users dont not have per user mfa enabled 




@eliekarkafy   The re-creating of the policy seems to do the trick.  It is now bypassing the policy.


Appreciate the help.


Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily.